EIC code displayed by LXR master/​include/​xrootd/​private/​XrdCrypto/​XrdCryptoX509.hh	Source navigation Diff markup Identifier search General search
	Version: master test Revert   Change

File indexing completed on 2026-01-08 10:33:32

 #ifndef __CRYPTO_X509_H__
 #define __CRYPTO_X509_H__
 /******************************************************************************/
 /*                                                                            */
 /*                       X r d C r y p t o X 5 0 9 . h h                      */
 /*                                                                            */
 /* (c) 2005 G. Ganis , CERN                                                   */
 /*                                                                            */
 /* This file is part of the XRootD software suite.                            */
 /*                                                                            */
 /* XRootD is free software: you can redistribute it and/or modify it under    */
 /* the terms of the GNU Lesser General Public License as published by the     */
 /* Free Software Foundation, either version 3 of the License, or (at your     */
 /* option) any later version.                                                 */
 /*                                                                            */
 /* XRootD is distributed in the hope that it will be useful, but WITHOUT      */
 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or      */
 /* FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public       */
 /* License for more details.                                                  */
 /*                                                                            */
 /* You should have received a copy of the GNU Lesser General Public License   */
 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file  */
 /* COPYING (GPL license).  If not, see <http://www.gnu.org/licenses/>.        */
 /*                                                                            */
 /* The copyright holder's institutional names and contributor's names may not */
 /* be used to endorse or promote products derived from this software without  */
 /* specific prior written permission of the institution or contributor.       */
 /*                                                                            */
 /******************************************************************************/
 
 /* ************************************************************************** */
 /*                                                                            */
 /* Abstract interface for X509 certificates.                                  */
 /* Allows to plug-in modules based on different crypto implementation         */
 /* (OpenSSL, Botan, ...)                                                      */
 /*                                                                            */
 /* ************************************************************************** */
 
 #include "XProtocol/XPtypes.hh"
 #include "XrdSut/XrdSutBucket.hh"
 #include "XrdCrypto/XrdCryptoRSA.hh"
 
 typedef void * XrdCryptoX509data;
 
 // ---------------------------------------------------------------------------//
 //
 // X509 interface
 // Describes one certificate
 //
 // ---------------------------------------------------------------------------//
 class XrdCryptoX509 {
 public:
 
    // Certificate type
    enum EX509Type { kUnknown = -1, kCA = 0, kEEC = 1, kProxy = 2 };
    EX509Type    type;
 
 
    XrdCryptoX509() { type = kUnknown; }
    virtual ~XrdCryptoX509() { }
 
    // Status
    virtual bool IsValid(int when = 0);   // object correctly loaded
    virtual bool IsExpired(int when = 0);  // Expired
 
    // Access underlying data (in opaque form: used in chains)
    virtual XrdCryptoX509data Opaque();
 
    // Access certificate key
    virtual XrdCryptoRSA *PKI();
    virtual void SetPKI(XrdCryptoX509data pki);
 
    // Export in form of bucket (for transfers)
    virtual XrdSutBucket *Export();
 
    // Dump information
    virtual void Dump();
    virtual int DumpExtensions(bool = 0); // extensions
 
    const char *Type(EX509Type t = kUnknown) const
                  { return ((t == kUnknown) ? ctype[type+1] : ctype[t+1]); }
    virtual const char *ParentFile();
    virtual const char *ProxyType() const { return ""; }
 
    // Key strength
    virtual int BitStrength();
 
    // Serial number
    virtual kXR_int64 SerialNumber();
    virtual XrdOucString SerialNumberString();
 
    // Validity interval
    virtual time_t  NotBefore();  // begin-validity time in secs since Epoch
    virtual time_t  NotAfter();   // end-validity time in secs since Epoch
 
    // Issuer of top certificate
    virtual const char *Issuer();
    virtual const char *IssuerHash(int);   // hash 
    const char *IssuerHash() { return IssuerHash(0); }   // hash 
 
    // Subject of bottom certificate
    virtual const char *Subject();
    virtual const char *SubjectHash(int);   // hash 
    const char *SubjectHash() { return SubjectHash(0); }  // hash 
 
    // Returns true if the certificate has a subject alt name which matches
    // the given hostnem. If it fals and hasSAN is false, there is no SAN extn.
    virtual bool MatchesSAN(const char * fqdn, bool &hasSAN) = 0;
 
    // Retrieve a given extension if there (in opaque form) 
    virtual XrdCryptoX509data GetExtension(const char *oid);
 
    // Verify signature
    virtual bool Verify(XrdCryptoX509 *ref);
 
    // Compare two hostnames, handling wildcards as appropriate.  Necessary
    // for support for accepting connections where the remote X509 certificate
    // is a wildcard certificate.
    //
    // Returns true if the FQDN matches the specified pattern
    static bool MatchHostnames(const char *match_pattern, const char *fqdn);
 
 private:
 
    static const char *ctype[4];  // Names of types
 };
 
 #endif

This page was automatically generated by the 2.3.7 LXR engine. The LXR team