xrootd/html/XrdCryptosslX509Crl_8hh_source.html

#ifndef __CRYPTO_SSLX509CRL_H__

#define __CRYPTO_SSLX509CRL_H__

/******************************************************************************/

/*                                                                            */

/*                X r d C r y p t o s s l X 5 0 9 C r l . h h                 */

/*                                                                            */

/* (c) 2005 G. Ganis , CERN                                                   */

/*                                                                            */

/* This file is part of the XRootD software suite.                            */

/*                                                                            */

/* XRootD is free software: you can redistribute it and/or modify it under    */

/* the terms of the GNU Lesser General Public License as published by the     */

/* Free Software Foundation, either version 3 of the License, or (at your     */

/* option) any later version.                                                 */

/*                                                                            */

/* XRootD is distributed in the hope that it will be useful, but WITHOUT      */

/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or      */

/* FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public       */

/* License for more details.                                                  */

/*                                                                            */

/* You should have received a copy of the GNU Lesser General Public License   */

/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file  */

/* COPYING (GPL license).  If not, see <http://www.gnu.org/licenses/>.        */

/*                                                                            */

/* The copyright holder's institutional names and contributor's names may not */

/* be used to endorse or promote products derived from this software without  */

/* specific prior written permission of the institution or contributor.       */

/*                                                                            */

/******************************************************************************/

#include <openssl/x509v3.h>


/* ************************************************************************** */

/*                                                                            */

/* OpenSSL X509 CRL implementation        .                                   */

/*                                                                            */

/* ************************************************************************** */


#include "XrdSut/XrdSutCache.hh"

#include "XrdCrypto/XrdCryptoX509Crl.hh"


// ---------------------------------------------------------------------------//

//

// X509 CRL interface

// Describes one CRL certificate

//

// ---------------------------------------------------------------------------//


class XrdCryptoX509;


class XrdCryptosslX509Crl : public XrdCryptoX509Crl {

public:


   XrdCryptosslX509Crl(const char *crlf, int opt = 0);

   XrdCryptosslX509Crl(XrdCryptoX509 *cacert);

   virtual ~XrdCryptosslX509Crl();


   // Status

   bool IsValid() { return (crl != 0); }


   // Access underlying data (in opaque form: used in chains)

   XrdCryptoX509Crldata Opaque() { return (XrdCryptoX509Crldata)crl; }


   // Dump information

   void Dump();

   const char *ParentFile() { return (const char *)(srcfile.c_str()); }


   // Validity interval

   time_t LastUpdate();  // time when last updated

   time_t NextUpdate();  // time foreseen for next update


   // Issuer of top certificate

   const char *Issuer();

   const char *IssuerHash(int);   // hash


   // Chec certificate revocation

   bool IsRevoked(int serialnumber, int when = 0);

   bool IsRevoked(const char *sernum, int when = 0);


   // Verify signature

   bool Verify(XrdCryptoX509 *ref);


private:

   X509_CRL    *crl;       // The CRL object

   time_t       lastupdate; // time of last update

   time_t       nextupdate; // time of next update

   XrdOucString issuer;     // issuer name;

   XrdOucString issuerhash; // hash of issuer name (default algorithm);

   XrdOucString issueroldhash; // hash of issuer name (md5 algorithm);

   XrdOucString srcfile;    // source file name, if any;

   XrdOucString crluri;     // URI from where to get the CRL file, if any;


   int          nrevoked;   // Number of certificates revoked

   XrdSutCache  cache;      // cached infor about revoked certificates


   int GetFileType(const char *crlfn); //Determine file type

   int LoadCache();         // Load the cache

   int Init(const char *crlf); // Init from file

   int InitFromURI(const char *uri, const char *hash); // Init from URI

};


#endif

XrdCryptoX509Crl.hh

XrdCryptoX509Crldata
void * XrdCryptoX509Crldata
Definition: XrdCryptoX509Crl.hh:41

XrdSutCache.hh

XrdCryptoX509Crl
Definition: XrdCryptoX509Crl.hh:49

XrdCryptoX509
Definition: XrdCryptoX509.hh:51

XrdCryptosslX509Crl
Definition: XrdCryptosslX509Crl.hh:50

XrdCryptosslX509Crl::Opaque
XrdCryptoX509Crldata Opaque()
Definition: XrdCryptosslX509Crl.hh:61

XrdCryptosslX509Crl::IsValid
bool IsValid()
Definition: XrdCryptosslX509Crl.hh:58

XrdCryptosslX509Crl::Init
int Init(const char *crlf)

XrdCryptosslX509Crl::XrdCryptosslX509Crl
XrdCryptosslX509Crl(const char *crlf, int opt=0)

XrdCryptosslX509Crl::IssuerHash
const char * IssuerHash(int)

XrdCryptosslX509Crl::LastUpdate
time_t LastUpdate()

XrdCryptosslX509Crl::issueroldhash
XrdOucString issueroldhash
Definition: XrdCryptosslX509Crl.hh:88

XrdCryptosslX509Crl::nextupdate
time_t nextupdate
Definition: XrdCryptosslX509Crl.hh:85

XrdCryptosslX509Crl::Dump
void Dump()

XrdCryptosslX509Crl::IsRevoked
bool IsRevoked(const char *sernum, int when=0)

XrdCryptosslX509Crl::crluri
XrdOucString crluri
Definition: XrdCryptosslX509Crl.hh:90

XrdCryptosslX509Crl::lastupdate
time_t lastupdate
Definition: XrdCryptosslX509Crl.hh:84

XrdCryptosslX509Crl::InitFromURI
int InitFromURI(const char *uri, const char *hash)

XrdCryptosslX509Crl::LoadCache
int LoadCache()

XrdCryptosslX509Crl::~XrdCryptosslX509Crl
virtual ~XrdCryptosslX509Crl()

XrdCryptosslX509Crl::IsRevoked
bool IsRevoked(int serialnumber, int when=0)

XrdCryptosslX509Crl::srcfile
XrdOucString srcfile
Definition: XrdCryptosslX509Crl.hh:89

XrdCryptosslX509Crl::ParentFile
const char * ParentFile()
Definition: XrdCryptosslX509Crl.hh:65

XrdCryptosslX509Crl::nrevoked
int nrevoked
Definition: XrdCryptosslX509Crl.hh:92

XrdCryptosslX509Crl::GetFileType
int GetFileType(const char *crlfn)

XrdCryptosslX509Crl::NextUpdate
time_t NextUpdate()

XrdCryptosslX509Crl::XrdCryptosslX509Crl
XrdCryptosslX509Crl(XrdCryptoX509 *cacert)

XrdCryptosslX509Crl::crl
X509_CRL * crl
Definition: XrdCryptosslX509Crl.hh:83

XrdCryptosslX509Crl::issuer
XrdOucString issuer
Definition: XrdCryptosslX509Crl.hh:86

XrdCryptosslX509Crl::cache
XrdSutCache cache
Definition: XrdCryptosslX509Crl.hh:93

XrdCryptosslX509Crl::Verify
bool Verify(XrdCryptoX509 *ref)

XrdCryptosslX509Crl::Issuer
const char * Issuer()

XrdCryptosslX509Crl::issuerhash
XrdOucString issuerhash
Definition: XrdCryptosslX509Crl.hh:87

XrdOucString
Definition: XrdOucString.hh:254

XrdOucString::c_str
const char * c_str() const
Definition: XrdOucString.hh:280

XrdSutCache
Definition: XrdSutCache.hh:49