// $Id: XrdCryptosslX509Crl.hh 28154 2009-04-08 12:40:52Z ganis $
#ifndef __CRYPTO_SSLX509CRL_H__
#define __CRYPTO_SSLX509CRL_H__
/******************************************************************************/
/*                                                                            */
/*             X r d C r y p t o s s l X 5 0 9 C r l . h h                    */
/*                                                                            */
/*                                                                            */
/* (c) 2005 G. Ganis , CERN                                                   */
/*                                                                            */
/******************************************************************************/
#include <openssl/x509v3.h>

/* ************************************************************************** */
/*                                                                            */
/* OpenSSL X509 CRL implementation.                                           */
/*                                                                            */
/* ************************************************************************** */

#include <XrdSut/XrdSutCache.hh>
#include <XrdCrypto/XrdCryptoX509Crl.hh>

// ---------------------------------------------------------------------------//
//
// X509 CRL interface
// Describes one CRL certificate
//
// ---------------------------------------------------------------------------//

class XrdSutCache;
class XrdCryptoX509;

// OpenSSL-backed implementation of the XrdCryptoX509Crl interface.
// Holds one X509_CRL object together with its issuer, validity times,
// source location and a cache of revoked-certificate entries.
class XrdCryptosslX509Crl : public XrdCryptoX509Crl {
public:

   // Build the CRL from the file 'crlf'.
   // NOTE(review): the meaning of 'opt' is not visible in this header;
   // see the implementation.
   XrdCryptosslX509Crl(const char *crlf, int opt = 0);
   // Build the CRL starting from a CA certificate.
   // NOTE(review): presumably the CRL location is derived from 'cacert'
   // (see crluri / InitFromURI) - confirm against the implementation.
   // The constructor is not 'explicit', so an XrdCryptoX509 * converts
   // implicitly to this type.
   XrdCryptosslX509Crl(XrdCryptoX509 *cacert);
   virtual ~XrdCryptosslX509Crl();

   // Status
   // True when a CRL object is held (crl != 0). This inline check only
   // reports that an object is present: it does not look at the validity
   // interval or at the signature. Callers that need a trustworthy CRL
   // should also use Verify() and check NextUpdate().
   bool IsValid() { return (crl != 0); }

   // Access underlying data (in opaque form: used in chains)
   // Returns the X509_CRL pointer cast to the opaque handle type.
   // NOTE(review): ownership presumably stays with this object - confirm.
   XrdCryptoX509Crldata Opaque() { return (XrdCryptoX509Crldata)crl; }

   // Dump information
   void Dump();
   // Name of the file the CRL was read from, taken from 'srcfile'.
   // The returned pointer refers to the member string's own storage.
   const char *ParentFile() { return (const char *)(srcfile.c_str()); }

   // Validity interval
   // NOTE(review): times are returned as int; if these are seconds since the
   // epoch, confirm the range handling where int is 32 bits wide.
   int LastUpdate();  // time when last updated
   int NextUpdate();  // time foreseen for next update

   // Issuer of top certificate
   const char *Issuer();
   const char *IssuerHash();  // hash

   // Check certificate revocation
   // NOTE(review): RFC 5280 allows certificate serial numbers of up to
   // 20 octets, which an int cannot represent; confirm how larger serials
   // reach the 'int' overload, and prefer the string overload where the
   // serial may be large.
   // NOTE(review): the meaning of 'when' (and of its default 0) is not
   // visible in this header.
   bool IsRevoked(int serialnumber, int when = 0);
   bool IsRevoked(const char *sernum, int when = 0);

   // Verify signature
   // NOTE(review): 'ref' is presumably the certificate of the issuing CA -
   // confirm. Revocation answers from a CRL whose signature has not been
   // verified should not be relied on.
   bool Verify(XrdCryptoX509 *ref);

private:
   // NOTE(review): 'crl' is a raw pointer and the class declares a destructor
   // but no copy constructor or assignment operator. If the destructor
   // releases 'crl', copying an instance would release it twice - confirm,
   // and consider disabling copies.
   X509_CRL    *crl;        // The CRL object
   int          lastupdate; // time of last update
   int          nextupdate; // time of next update
   XrdOucString issuer;     // issuer name
   XrdOucString issuerhash; // hash of issuer name
   XrdOucString srcfile;    // source file name, if any
   XrdOucString crluri;     // URI from where to get the CRL file, if any

   int          nrevoked;   // Number of certificates revoked
   XrdSutCache  cache;      // cached information about revoked certificates

   int LoadCache();                // Load the cache
   int Init(const char *crlf);     // Init from file
   // Init from URI
   // NOTE(review): data obtained from a URI is untrusted input until the CRL
   // signature has been checked with Verify(); confirm that the
   // implementation or its callers enforce this.
   int InitFromURI(const char *uri, const char *hash);
};

#endif