
WvX509Mgr Class Reference

#include <wvx509.h>

Public Methods

 WvX509Mgr (X509 *cert=NULL)
 WvX509Mgr (WvString dName, int bits, WvRSAKey *_keypair=NULL)
virtual ~WvX509Mgr ()
void createSScert (WvString dName, int keysize)
WvString createcertreq (WvString dName, int keysize)
void decodecert (WvString encodedcert)
void encodecert ()
bool validate ()
bool signedbyCAindir (WvString certdir)
bool signedbyCAinfile (WvString certfile)
void signcert (WvRSAKey CAKeypair)
bool isinCRL ()
void dumpcert (WvString outfile, bool append=false)
void dumpkeypair (WvString outfile, bool append=false)
void dumprawkeypair (WvString outfile, bool append=false)
void seterr (const WvString &s)

Public Attributes

X509 * cert
WvRSAKey * keypair
WvString enccert
WvLog debug
bool err
WvString errstr


Detailed Description

X509 Class to Handle certificates and their related functions

Definition at line 23 of file crypto/wvx509.h.


Constructor & Destructor Documentation

WvX509Mgr::WvX509Mgr (X509 *cert = NULL)
 

Initialize a blank X509 Object with the certificate *cert (used for client side operations...)

Definition at line 13 of file wvx509.cc.

References cert, err, and keypair.

WvX509Mgr::WvX509Mgr (WvString dName, int bits, WvRSAKey *_keypair = NULL)

Constructor to create a self-signed certificate for the DN dName. NOTE: If you already have an RSAKey, then you can shove it in here in the third parameter (i.e., if you wanted to generate a cert for an existing TunnelVision connection).

Also: For SSL Servers, the dName MUST be in the form cn=FQDN,o=foo,c=CA (actually, any part after the cn=FQDN is up to you... dc= works as well).

But the important bit is to use the Fully Qualified Domain Name in the cn= part, otherwise Web Clients get confused (I imagine other server clients will get equally confused, but I haven't checked). I don't check for this, since other kinds of certificates are perfectly valid without this. If you want to generate invalid certs, that's up to you.

Definition at line 21 of file wvx509.cc.

References cert, createSScert(), debug, err, and keypair.
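
Because the constructor does not check the cn= part itself, a caller generating an SSL server certificate can check dName before passing it in. The following is an added example, not WvStreams code: leading_cn(), is_fqdn() and dname_ok_for_ssl_server() are hypothetical helpers, and the parser assumes the DN contains no escaped commas.

```cpp
#include <cctype>
#include <iostream>
#include <string>

// Hypothetical helper, not WvStreams API: value of the first RDN if it is
// cn=, otherwise "". Assumes the DN contains no escaped commas.
std::string leading_cn(const std::string &dname)
{
    std::string first = dname.substr(0, dname.find(','));
    if (first.size() < 3 || std::tolower((unsigned char)first[0]) != 'c' ||
        std::tolower((unsigned char)first[1]) != 'n' || first[2] != '=')
        return "";
    return first.substr(3);
}

// True if host has at least two labels, each 1-63 letters, digits or
// hyphens with no leading/trailing hyphen, and is at most 253 chars long.
bool is_fqdn(const std::string &host)
{
    if (host.empty() || host.size() > 253)
        return false;
    std::size_t labels = 0, start = 0;
    for (;;) {
        std::size_t dot = host.find('.', start);
        std::size_t end = (dot == std::string::npos) ? host.size() : dot;
        if (end == start || end - start > 63)
            return false;                       // empty or oversized label
        if (host[start] == '-' || host[end - 1] == '-')
            return false;
        for (std::size_t i = start; i < end; ++i)
            if (!std::isalnum((unsigned char)host[i]) && host[i] != '-')
                return false;
        ++labels;
        if (dot == std::string::npos)
            return labels >= 2;
        start = dot + 1;
    }
}

// Pre-check for an SSL server dName of the form cn=FQDN,o=foo,c=CA.
bool dname_ok_for_ssl_server(const std::string &dname)
{
    return is_fqdn(leading_cn(dname));
}

int main()
{
    // Constructed sample DNs.
    for (const char *dn : {"cn=www.example.com,o=foo,c=CA", "cn=www,o=foo,c=CA"})
        std::cout << dn << " -> " << dname_ok_for_ssl_server(dn) << "\n";
}
```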

WvX509Mgr::~WvX509Mgr () [virtual]
 

Destructor

Definition at line 32 of file wvx509.cc.

References cert.


Member Function Documentation

WvString WvX509Mgr::createcertreq (WvString dName, int keysize)

Create a certificate request (PKCS#10). This request is what you would send off to Verisign, or Entrust.net (or any other CA), to get your real certificate. It leaves the RSA key pair in keypair, where you MUST save it for the certificate to be AT ALL valid when you get it back. Returns a PEM-encoded PKCS#10 certificate request.

Definition at line 223 of file wvx509.cc.

References WvString::edit(), keypair, WvRSAKey::rsa, set_name_entry(), seterr(), and WvString::setsize().

void WvX509Mgr::createSScert (WvString dName, int keysize)

Given the Distinguished Name dName and the number of bits for the private key in keysize, create a self-signed certificate in cert and the RSA private/public key pair in keypair.

Definition at line 124 of file wvx509.cc.

References cert, debug, WvString::edit(), encodecert(), keypair, WvRSAKey::rsa, set_name_entry(), and seterr().

Referenced by WvX509Mgr().

void WvX509Mgr::decodecert (WvString encodedcert)
 

Given a hexified encodedcert, fill the cert member

Definition at line 285 of file wvx509.cc.

References cert, and unhexify().

void WvX509Mgr::dumpcert (WvString outfile, bool append = false)

Dump the X509 certificate in cert to outfile in PEM format.

Definition at line 400 of file wvx509.cc.

References cert, debug, and seterr().

void WvX509Mgr::dumpkeypair (WvString outfile, bool append = false)
 

Dump RSA Keypair to outfile in PEM format

Definition at line 430 of file wvx509.cc.

References debug, keypair, WvRSAKey::rsa, and seterr().

void WvX509Mgr::dumprawkeypair (WvString outfile, bool append = false)
 

Dump RSA Keypair to outfile in RAW format (suitable for FreeS/WAN)

Definition at line 460 of file wvx509.cc.

References debug, keypair, WvRSAKey::rsa, and seterr().

void WvX509Mgr::encodecert ()
 

Given the X509 certificate object cert, return a hexified string (in enccert) - Suitable for inclusion in a WvConf object ;)

Definition at line 300 of file wvx509.cc.

References cert, WvString::edit(), enccert, hexify(), WvString::setsize(), and size.

Referenced by createSScert().

bool WvX509Mgr::isinCRL ()

Check and see if the certificate in cert has been revoked. Currently relies on the CRL Distribution Point X509v3 extension. Returns true if it has expired.

Definition at line 395 of file wvx509.cc.

void WvX509Mgr::seterr (const WvString &s) [inline]

Definition at line 161 of file include/wvx509.h and at line 161 of file crypto/wvx509.h.

References err.

Referenced by createcertreq(), createSScert(), dumpcert(), dumpkeypair(), dumprawkeypair(), signedbyCAinfile(), and validate().

void WvX509Mgr::signcert (WvRSAKey CAKeypair)
 

Sign the X509 certificate in cert with CAKeypair

bool WvX509Mgr::signedbyCAindir (WvString certdir)

Check the certificate in cert against the CA certificates in certdir. Returns true if cert was signed by one of the CA certificates.

Definition at line 382 of file wvx509.cc.

References WvDirIter::next(), WvDirIter::rewind(), and signedbyCAinfile().

bool WvX509Mgr::signedbyCAinfile (WvString certfile)

Check the certificate in cert against the CA certificates in certfile. Returns true if cert was signed by one of the CA certificates.

Definition at line 344 of file wvx509.cc.

References cert, and seterr().

Referenced by signedbyCAindir().

bool WvX509Mgr::validate ()

Function to verify the validity of a certificate that has been placed in cert. Currently, this only outputs some information about the certificate; eventually, it should be used to verify that the certificate is valid (has not expired, and was issued by a valid and trusted CA).

Definition at line 316 of file wvx509.cc.

References cert, debug, and seterr().

Referenced by WvSSLStream::post_select().


Member Data Documentation

X509* WvX509Mgr::cert

Certificate - this is why this class exists

Definition at line 61 of file include/wvx509.h and at line 61 of file crypto/wvx509.h.

Referenced by createSScert(), decodecert(), dumpcert(), encodecert(), signedbyCAinfile(), validate(), WvSSLStream::WvSSLStream(), WvX509Mgr(), and ~WvX509Mgr().

WvLog WvX509Mgr::debug
 

Definition at line 153 of file include/wvx509.h.

Referenced by createSScert(), dumpcert(), dumpkeypair(), dumprawkeypair(), validate(), and WvX509Mgr().

WvString WvX509Mgr::enccert
 

A hexified encoding of cert for use in getting it in and out of WvConf objects. I don't provide a similar entry for that for keypair, because you can always call keypair->private_str() and keypair->public_str() for that information.

Definition at line 76 of file include/wvx509.h.

Referenced by encodecert().

bool WvX509Mgr::err
 

Error Handling - if true, there was an error... check errstr for a description...

Definition at line 158 of file include/wvx509.h.

Referenced by WvSSLStream::post_select(), seterr(), and WvX509Mgr().

WvString WvX509Mgr::errstr
 

Definition at line 159 of file include/wvx509.h.

Referenced by WvSSLStream::post_select().

WvRSAKey* WvX509Mgr::keypair

The Public and Private RSA keypair associated with this certificate. Make sure that you save this somewhere!!! If you don't, then you won't really be able to use the certificate for anything...

Definition at line 68 of file include/wvx509.h and at line 68 of file crypto/wvx509.h.

Referenced by createcertreq(), createSScert(), dumpkeypair(), dumprawkeypair(), WvSSLStream::WvSSLStream(), and WvX509Mgr().


The documentation for this class was generated from the following files:
Generated on Sat Aug 24 21:37:09 2002 for WvStreams by doxygen 1.2.15