xrootd
XrdCryptoX509.hh
Go to the documentation of this file.
1 #ifndef __CRYPTO_X509_H__
2 #define __CRYPTO_X509_H__
3 /******************************************************************************/
4 /* */
5 /* X r d C r y p t o X 5 0 9 . h h */
6 /* */
7 /* (c) 2005 G. Ganis , CERN */
8 /* */
9 /* This file is part of the XRootD software suite. */
10 /* */
11 /* XRootD is free software: you can redistribute it and/or modify it under */
12 /* the terms of the GNU Lesser General Public License as published by the */
13 /* Free Software Foundation, either version 3 of the License, or (at your */
14 /* option) any later version. */
15 /* */
16 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
17 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
18 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
19 /* License for more details. */
20 /* */
21 /* You should have received a copy of the GNU Lesser General Public License */
22 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
23 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
24 /* */
25 /* The copyright holder's institutional names and contributor's names may not */
26 /* be used to endorse or promote products derived from this software without */
27 /* specific prior written permission of the institution or contributor. */
28 /* */
29 /******************************************************************************/
30 
31 /* ************************************************************************** */
32 /* */
33 /* Abstract interface for X509 certificates. */
34 /* Allows to plug-in modules based on different crypto implementation */
35 /* (OpenSSL, Botan, ...) */
36 /* */
37 /* ************************************************************************** */
38 
39 #include "XProtocol/XPtypes.hh"
40 #include "XrdSut/XrdSutBucket.hh"
41 #include "XrdCrypto/XrdCryptoRSA.hh"
42 
43 typedef void * XrdCryptoX509data;
44 
45 // ---------------------------------------------------------------------------//
46 //
47 // X509 interface
48 // Describes one certificate
49 //
50 // ---------------------------------------------------------------------------//
51 class XrdCryptoX509 {
52 public:
53 
54  // Certificate type
55  enum EX509Type { kUnknown = -1, kCA = 0, kEEC = 1, kProxy = 2 };
56  EX509Type type;
57 
58 
59  XrdCryptoX509() { type = kUnknown; }
60  virtual ~XrdCryptoX509() { }
61 
62  // Status
63  virtual bool IsValid(int when = 0); // object correctly loaded
64  virtual bool IsExpired(int when = 0); // Expired
65 
66  // Access underlying data (in opaque form: used in chains)
67  virtual XrdCryptoX509data Opaque();
68 
69  // Access certificate key
70  virtual XrdCryptoRSA *PKI();
71  virtual void SetPKI(XrdCryptoX509data pki);
72 
73  // Export in form of bucket (for transfers)
74  virtual XrdSutBucket *Export();
75 
76  // Dump information
77  virtual void Dump();
78  const char *Type(EX509Type t = kUnknown) const
79  { return ((t == kUnknown) ? ctype[type+1] : ctype[t+1]); }
80  virtual const char *ParentFile();
81 
82  // Key strength
83  virtual int BitStrength();
84 
85  // Serial number
86  virtual kXR_int64 SerialNumber();
87  virtual XrdOucString SerialNumberString();
88 
89  // Validity interval
90  virtual int NotBefore(); // begin-validity time in secs since Epoch
91  virtual int NotAfter(); // end-validity time in secs since Epoch
92 
93  // Issuer of top certificate
94  virtual const char *Issuer();
95  virtual const char *IssuerHash(int); // hash
96  const char *IssuerHash() { return IssuerHash(0); } // hash
97 
98  // Subject of bottom certificate
99  virtual const char *Subject();
100  virtual const char *SubjectHash(int); // hash
101  const char *SubjectHash() { return SubjectHash(0); } // hash
102 
103  // Retrieve a given extension if there (in opaque form)
104  virtual XrdCryptoX509data GetExtension(const char *oid);
105 
106  // Verify signature
107  virtual bool Verify(XrdCryptoX509 *ref);
108 
109 private:
110 
111  static const char *ctype[4]; // Names of types
112 };
113 
114 #endif
Generated by   doxygen 1.8.3.1