xrootd
XrdCryptosslX509Crl.hh
1 #ifndef __CRYPTO_SSLX509CRL_H__
2 #define __CRYPTO_SSLX509CRL_H__
3 /******************************************************************************/
4 /* */
5 /* X r d C r y p t o s s l X 5 0 9 C r l . h h */
6 /* */
7 /* (c) 2005 G. Ganis , CERN */
8 /* */
9 /* This file is part of the XRootD software suite. */
10 /* */
11 /* XRootD is free software: you can redistribute it and/or modify it under */
12 /* the terms of the GNU Lesser General Public License as published by the */
13 /* Free Software Foundation, either version 3 of the License, or (at your */
14 /* option) any later version. */
15 /* */
16 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
17 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
18 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
19 /* License for more details. */
20 /* */
21 /* You should have received a copy of the GNU Lesser General Public License */
22 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
23 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
24 /* */
25 /* The copyright holder's institutional names and contributor's names may not */
26 /* be used to endorse or promote products derived from this software without */
27 /* specific prior written permission of the institution or contributor. */
28 /* */
29 /******************************************************************************/
30 #include <openssl/x509v3.h>
31 
32 /* ************************************************************************** */
33 /* */
34 /* OpenSSL X509 CRL implementation . */
35 /* */
36 /* ************************************************************************** */
37 
38 #include "XrdSut/XrdSutCache.hh"
40 
41 // ---------------------------------------------------------------------------//
42 //
43 // X509 CRL interface
44 // Describes one X509 certificate revocation list (CRL)
45 //
46 // ---------------------------------------------------------------------------//
47 
48 class XrdCryptoX509;
49 
51 public:
52 
53  XrdCryptosslX509Crl(const char *crlf, int opt = 0); // crlf: presumably the CRL source name (cf. Init) -- confirm
    // NOTE(review): the meaning of opt is not visible in this header; presumably it
    // selects between loading from a file (Init) and from a URI (InitFromURI) -- confirm.
    // NOTE(review): a CRL read from a file or fetched from a URI is untrusted input
    // until its signature has been checked (see Verify); confirm whether construction
    // does that or leaves it to the caller.
55  virtual ~XrdCryptosslX509Crl();
    // NOTE(review): crl is a raw X509_CRL pointer and no copy constructor or
    // assignment operator appears in the visible lines; if the destructor frees
    // crl, copies of this object must be avoided -- confirm.
56 
57  // Status
// True when a CRL object is held (crl is non-null). That is the only condition
// tested here: neither the validity interval nor the signature is examined, so
// a true result does not by itself mean the CRL is current or authentic.
bool IsValid()
{
   return crl ? true : false;
}
59 
60  // Access underlying data (in opaque form: used in chains)
62 
63  // Dump information
    // (only declared here: what is dumped, and where it is written, is defined
    // in the implementation file)
64  void Dump();
// Name of the source file recorded in srcfile, as a C string. The pointer is
// the one returned by srcfile.c_str(); the caller does not own it.
const char *ParentFile()
{
   const char *path = srcfile.c_str();
   return path;
}
66 
67  // Validity interval
    // Both accessors return a time_t. A CRL whose next-update time has already
    // passed is stale; this header does not show where (or whether) that is
    // enforced, so callers relying on freshness should check -- TODO confirm.
68  time_t LastUpdate(); // time when last updated
69  time_t NextUpdate(); // time foreseen for next update
70 
71  // Issuer of top certificate
72  const char *Issuer();
73  const char *IssuerHash(int); // hash
    // NOTE(review): the unnamed int presumably selects between the default-algorithm
    // hash and the md5 one (cf. issuerhash / issueroldhash) -- confirm.
    // NOTE(review): both return const char *; presumably the pointers refer to
    // storage owned by this object and must not be freed by the caller -- confirm.
74 
75  // Check certificate revocation
    // NOTE(review): X.509 serial numbers can be up to 20 octets long (RFC 5280),
    // which an int cannot hold; presumably the const char * overload is the one to
    // use for arbitrary serials -- confirm how the int overload treats large values,
    // since a serial that cannot be represented could be reported as not revoked.
    // NOTE(review): 'when' is an int while the validity interval uses time_t; the
    // meaning of the default 0 (presumably "now") should be confirmed.
76  bool IsRevoked(int serialnumber, int when = 0);
77  bool IsRevoked(const char *sernum, int when = 0);
78 
79  // Verify signature
    // NOTE(review): ref is presumably the certificate of the CRL issuer, whose key
    // signed this CRL -- confirm. Revocation answers from IsRevoked() are only
    // trustworthy for a CRL whose signature has been verified; IsValid() does not
    // imply that this check has been made.
80  bool Verify(XrdCryptoX509 *ref);
81 
82 private:
83  X509_CRL *crl; // The CRL object (IsValid() tests this pointer against 0)
84  time_t lastupdate; // time of last update
85  time_t nextupdate; // time of next update
86  XrdOucString issuer; // issuer name;
87  XrdOucString issuerhash; // hash of issuer name (default algorithm);
88  XrdOucString issueroldhash; // hash of issuer name (md5 algorithm);
    // NOTE(review): presumably kept so that files named after the legacy hash can
    // still be located; an md5 name hash is a lookup key only and must not be
    // relied on as an integrity or identity check -- confirm usage.
89  XrdOucString srcfile; // source file name, if any;
90  XrdOucString crluri; // URI from where to get the CRL file, if any;
91 
92  int nrevoked; // Number of certificates revoked
93  XrdSutCache cache; // cached info about revoked certificates
94 
    // Private helpers. All return int; the meaning of the return codes is not
    // visible in this header.
95  int GetFileType(const char *crlfn); //Determine file type
96  int LoadCache(); // Load the cache
97  int Init(const char *crlf); // Init from file
98  int InitFromURI(const char *uri, const char *hash); // Init from URI
    // NOTE(review): data retrieved from a URI is untrusted until the CRL
    // signature has been verified against the issuer (see Verify); confirm that
    // the revocation cache is not relied on before that check, and how the
    // 'hash' argument is used -- neither is visible here.
99 };
100 
101 #endif