Inheritance diagram for X509Certificate:

Collaboration diagram for X509Certificate:

Public Types
enum	Format { FORMAT_DER, FORMAT_PEM }

enum	DigestAlgorithm { DIGEST_MD5, DIGEST_SHA1 }

Public Member Functions
	~X509Certificate ()

virtual void	write (utility::outputStream &os, const Format format) const =0

virtual const byteArray	getSerialNumber () const =0

const string	getIssuerString () const

virtual bool	checkIssuer (shared_ptr< const X509Certificate > issuer) const =0

virtual bool	verify (shared_ptr< const X509Certificate > caCert) const =0

virtual bool	verifyHostName (const string &hostname, std::vector< std::string > *nonMatchingNames=NULL) const =0

virtual const datetime	getExpirationDate () const =0

virtual const datetime	getActivationDate () const =0

virtual const byteArray	getFingerprint (const DigestAlgorithm algo) const =0

virtual void	checkValidity ()

Public Member Functions inherited from certificate
virtual const byteArray	getEncoded () const =0

virtual const string	getType () const =0

virtual int	getVersion () const =0

virtual bool	equals (shared_ptr< const certificate > other) const =0

virtual void *	getInternalData ()=0

Static Public Member Functions
static shared_ptr < X509Certificate >	import (utility::inputStream &is)

static shared_ptr < X509Certificate >	import (const byte_t *data, const size_t length)

Additional Inherited Members
Protected Member Functions inherited from object
	object ()

	object (const object &)

object &	operator= (const object &)

virtual	~object ()

Detailed Description

Identity certificate based on X.509 standard.

Member Enumeration Documentation

enum DigestAlgorithm

Supported digest algorithms (used for fingerprint).

Enumerator
DIGEST_MD5	MD5 digest.
DIGEST_SHA1	SHA1 digest.

enum Format

Supported encodings for X.509 certificates.

Enumerator
FORMAT_DER	DER encoding.
FORMAT_PEM	PEM encoding.

Constructor & Destructor Documentation

~X509Certificate ( )

Member Function Documentation

virtual bool checkIssuer ( shared_ptr< const X509Certificate > issuer ) const

pure virtual

Checks if this certificate has the given issuer.

Parameters

issuer certificate of a possible issuer

Returns: true if this certificate was issued by the given issuer, false otherwise

void checkValidity ( )

virtual

Checks that the certificate is currently valid.

For the certificate to be valid, the current date and time must be in the validity period specified in the certificate.

Exceptions

certificateExpiredException	if the certificate has expired
certificateNotYetValidException	if the certificate is not yet valid

References X509Certificate::getActivationDate(), X509Certificate::getExpirationDate(), datetime::now(), and certificateException::setCertificate().

virtual const datetime getActivationDate ( ) const

pure virtual

Gets the activation date of this certificate.

This is the date at which this certificate will be valid.

Returns: activation date of this certificate

Referenced by X509Certificate::checkValidity().

virtual const datetime getExpirationDate ( ) const

pure virtual

Gets the expiration date of this certificate.

This is the date at which this certificate will not be valid anymore.

Returns: expiration date of this certificate

Referenced by X509Certificate::checkValidity().

virtual const byteArray getFingerprint ( const DigestAlgorithm algo ) const

pure virtual

Returns the fingerprint of this certificate.

Returns: the fingerprint of this certificate

const string getIssuerString ( ) const

Returns the distinguished name of the issuer of this certificate.

Eg. "C=US,O=VeriSign\, Inc.,OU=Class 1 Public Primary Certification Authority"

Returns: distinguished name of the certificate issuer, as a string

virtual const byteArray getSerialNumber ( ) const

pure virtual

Returns the X.509 certificate's serial number.

This is obtained by the X.509 Certificate 'serialNumber' field. Serial is not always a 32 or 64bit number. Some CAs use large serial numbers, thus it may be wise to handle it as something opaque.

Returns: serial number of this certificate

static shared_ptr<X509Certificate> import ( utility::inputStream & is )

static

Imports a DER or PEM encoded X.509 certificate.

Parameters

is	input stream to read data from

Returns: a X.509 certificate, or NULL if the given data does not represent a valid certificate

static shared_ptr<X509Certificate> import	(	const byte_t *	data,
		const size_t	length
	)

static

Imports a DER or PEM encoded X.509 certificate.

Parameters

data	points to raw data
length	size of data

Returns: a X.509 certificate, or NULL if the given data does not represent a valid certificate

virtual bool verify ( shared_ptr< const X509Certificate > caCert ) const

pure virtual

Verifies this certificate against a given trusted one.

Parameters

caCert a certificate that is considered to be trusted one

Returns: true if the verification succeeded, false otherwise

virtual bool verifyHostName	(	const string &	hostname,
		std::vector< std::string > *	nonMatchingNames = `NULL`
	)		const

pure virtual

Verify certificate's subject name against the given hostname.

Parameters

hostname	DNS name of the server
nonMatchingNames	if not NULL, will contain the names that do not match the identities in the certificate

Returns: true if the match is successful, false otherwise

virtual void write	(	utility::outputStream &	os,
		const Format	format
	)		const

pure virtual

Exports this X.509 certificate to the specified format.

Parameters

os	output stream into which write data
format	output format

The documentation for this class was generated from the following files:

Public Types

Public Member Functions

Static Public Member Functions

Additional Inherited Members

Detailed Description

Member Enumeration Documentation

Constructor & Destructor Documentation

Member Function Documentation