X509Certificate Class Reference

#include <X509Certificate.hpp>

Inheritance diagram for X509Certificate:

Collaboration diagram for X509Certificate:

Public Types
enum	Format { FORMAT_DER , FORMAT_PEM }
enum	DigestAlgorithm { DIGEST_MD5 , DIGEST_SHA1 }

Public Member Functions
	~X509Certificate ()
virtual void	write (utility::outputStream &os, const Format format) const =0
virtual const byteArray	getSerialNumber () const =0
const string	getIssuerString () const
virtual bool	checkIssuer (shared_ptr< const X509Certificate > issuer) const =0
virtual bool	verify (shared_ptr< const X509Certificate > caCert) const =0
virtual bool	verifyHostName (const string &hostname, std::vector< std::string > *nonMatchingNames=NULL) const =0
virtual const datetime	getExpirationDate () const =0
virtual const datetime	getActivationDate () const =0
virtual const byteArray	getFingerprint (const DigestAlgorithm algo) const =0
virtual void	checkValidity ()
Public Member Functions inherited from certificate
virtual const byteArray	getEncoded () const =0
virtual const string	getType () const =0
virtual int	getVersion () const =0
virtual bool	equals (shared_ptr< const certificate > other) const =0
virtual void *	getInternalData ()=0

Static Public Member Functions
static shared_ptr< X509Certificate >	import (utility::inputStream &is)
static shared_ptr< X509Certificate >	import (const byte_t *data, const size_t length)

Additional Inherited Members
Protected Member Functions inherited from object
	object ()
	object (const object &)
object &	operator= (const object &)
virtual	~object ()

Detailed Description

Identity certificate based on X.509 standard.

Member Enumeration Documentation

DigestAlgorithm

enum DigestAlgorithm

Supported digest algorithms (used for fingerprint).

Enumerator
DIGEST_MD5	MD5 digest.
DIGEST_SHA1	SHA1 digest.

Format

enum Format

Supported encodings for X.509 certificates.

Enumerator
FORMAT_DER	DER encoding.
FORMAT_PEM	PEM encoding.

Constructor & Destructor Documentation

~X509Certificate()

~X509Certificate

(

)

Member Function Documentation

checkIssuer()

virtual bool checkIssuer ( shared_ptr< const X509Certificate >  issuer ) const

pure virtual

Checks if this certificate has the given issuer.

Parameters

issuer

certificate of a possible issuer

Returns

true if this certificate was issued by the given issuer, false otherwise

checkValidity()

void checkValidity ( )

virtual

Checks that the certificate is currently valid.

For the certificate to be valid, the current date and time must be in the validity period specified in the certificate.

Exceptions

certificateExpiredException	if the certificate has expired
certificateNotYetValidException	if the certificate is not yet valid

References vmime::dynamicCast(), X509Certificate::getActivationDate(), X509Certificate::getExpirationDate(), datetime::now(), and certificateException::setCertificate().

getActivationDate()

virtual const datetime getActivationDate ( ) const

pure virtual

Gets the activation date of this certificate.

This is the date at which this certificate will be valid.

Returns

activation date of this certificate

Referenced by X509Certificate::checkValidity().

getExpirationDate()

virtual const datetime getExpirationDate ( ) const

pure virtual

Gets the expiration date of this certificate.

This is the date at which this certificate will not be valid anymore.

Returns

expiration date of this certificate

Referenced by X509Certificate::checkValidity().

getFingerprint()

virtual const byteArray getFingerprint ( const DigestAlgorithm  algo ) const

pure virtual

Returns the fingerprint of this certificate.

Returns

the fingerprint of this certificate

getIssuerString()

const string getIssuerString

(

)

const

Returns the distinguished name of the issuer of this certificate.

Eg. "C=US,O=VeriSign\, Inc.,OU=Class 1 Public Primary Certification Authority"

Returns

distinguished name of the certificate issuer, as a string

getSerialNumber()

virtual const byteArray getSerialNumber ( ) const

pure virtual

Returns the X.509 certificate's serial number.

This is obtained by the X.509 Certificate 'serialNumber' field. Serial is not always a 32 or 64bit number. Some CAs use large serial numbers, thus it may be wise to handle it as something opaque.

Returns

serial number of this certificate

import() [1/2]

static shared_ptr< X509Certificate > import ( const byte_t *  data, const size_t  length  )

static

Imports a DER or PEM encoded X.509 certificate.

Parameters

data	points to raw data
length	size of data

Returns

a X.509 certificate, or NULL if the given data does not represent a valid certificate

import() [2/2]

static shared_ptr< X509Certificate > import ( utility::inputStream &  is )

static

Imports a DER or PEM encoded X.509 certificate.

Parameters

is	input stream to read data from

Returns

a X.509 certificate, or NULL if the given data does not represent a valid certificate

verify()

virtual bool verify ( shared_ptr< const X509Certificate >  caCert ) const

pure virtual

Verifies this certificate against a given trusted one.

Parameters

caCert

a certificate that is considered to be trusted one

Returns

true if the verification succeeded, false otherwise

verifyHostName()

virtual bool verifyHostName ( const string &  hostname, std::vector< std::string > *  nonMatchingNames = NULL  ) const

pure virtual

Verify certificate's subject name against the given hostname.

Parameters

hostname	DNS name of the server
nonMatchingNames	if not NULL, will contain the names that do not match the identities in the certificate

Returns

true if the match is successful, false otherwise

write()

virtual void write ( utility::outputStream &  os, const Format  format  ) const

pure virtual

Exports this X.509 certificate to the specified format.

Parameters

os	output stream into which write data
format	output format

---

The documentation for this class was generated from the following files:

• X509Certificate.hpp
• X509Certificate.cpp