CACertificate.hpp

Go to the documentation of this file.

/*
Copyright (c) 2000, The JAP-Team
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

  - Redistributions of source code must retain the above copyright notice,
    this list of conditions and the following disclaimer.

  - Redistributions in binary form must reproduce the above copyright notice,
    this list of conditions and the following disclaimer in the documentation and/or
    other materials provided with the distribution.

  - Neither the name of the University of Technology Dresden, Germany nor the names of its contributors
    may be used to endorse or promote products derived from this software without specific
    prior written permission.


THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS
OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS
BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
*/
#ifndef __CACERTIFICATE__
#define __CACERTIFICATE__
#ifndef ONLY_LOCAL_PROXY
#define CERT_DER 1
#define CERT_XML_X509CERTIFICATE 2
#define CERT_PKCS12 3
#define CERT_X509CERTIFICATE 4
class CASignature;
class CAASymCipher;
class CASSLContext;
class CATLSClientSocket;
class CACertificate
  {
    friend class CASignature;
    friend class CAASymCipher;
    friend class CASSLContext;
    friend class CATLSClientSocket;

    public:
      ~CACertificate()
        {
          X509_free(m_pCert);
          ASN1_OCTET_STRING_free(m_pSKI);
          AUTHORITY_KEYID_free(m_pAKI);
        }
      CACertificate* clone() const
        {
          X509* x = X509_dup(m_pCert);
          CACertificate* tmp = new CACertificate(x);
          return tmp;
        }

      static CACertificate* decode(const UINT8* const buff,UINT32 bufflen,UINT32 type,const char* const passwd=NULL);
      static CACertificate* decode(const DOMNode* node,UINT32 type,const char* passwd=NULL);
      SINT32 encode(UINT8* buff,UINT32* bufflen,UINT32 type) const;
      SINT32 encode(DOMElement* & elemRoot,XERCES_CPP_NAMESPACE::DOMDocument* doc) const;

      static UINT8 * getXmlElementName()
        {
          if(!CACertificate::m_spXmlElementName)
          {
            UINT8 name[] = "X509Certificate";
            CACertificate::m_spXmlElementName = new UINT8[strlen((char*)name)+1];
            strcpy((char*)CACertificate::m_spXmlElementName, (char*)name);
          }
          return CACertificate::m_spXmlElementName;
        }

      SINT32 getRawSubjectKeyIdentifier(UINT8* r_ski, UINT32* r_skiLen);
      SINT32 getAuthorityKeyIdentifier(UINT8* r_aki, UINT32* r_akiLen) const;
            /* LERNGRUPPE */
            /* SubjectKeyIdentifier Extension handling */
      SINT32 getSubjectKeyIdentifier(UINT8* r_ski, UINT32 *r_skiLen);
      SINT32 setSubjectKeyIdentifier( UINT8* a_value, UINT32 a_valueLen );
      SINT32 setSubjectKeyIdentifier();
      static SINT32 removeColons(const UINT8* a_cSki, UINT32 a_cSkiLen, UINT8 *&r_ski, UINT32 *r_skiLen);
      SINT32 verify(const CACertificate* a_cert) const;
      bool isValid() const;
    
    private:
      CACertificate();
      CACertificate(X509* x);
      static X509* decode(const UINT8** derX509, UINT32 derX509Len);
      X509* getX509() const
        {
          return m_pCert;
        }
      X509* m_pCert;
      ASN1_OCTET_STRING* m_pSKI;
      AUTHORITY_KEYID* m_pAKI;
      static UINT8 * m_spXmlElementName;
  };
#endif
#endif //ONLY_LOCAL_PROXY