Ice 3.7 C++11 API Reference
5 #ifndef ICESSL_PLUGIN_H
6 #define ICESSL_PLUGIN_H
12 #ifdef ICE_CPP11_MAPPING
22 # if defined(ICE_STATIC_LIBS)
24 # elif defined(ICESSL_API_EXPORTS)
25 # define ICESSL_API ICE_DECLSPEC_EXPORT
27 # define ICESSL_API ICE_DECLSPEC_IMPORT
37 #ifdef ICE_CPP11_MAPPING
48 HasExcludedNameConstraint,
50 HasNonDefinedNameConstraint,
52 HasNonPermittedNameConstraint,
54 HasNonSupportedCriticalExtension,
56 HasNonSupportedNameConstraint,
60 InvalidBasicConstraints,
64 InvalidNameConstraints,
66 InvalidPolicyConstraints,
79 RevocationStatusUnknown,
168 #ifndef ICE_CPP11_COMPILER
174 #ifndef ICE_CPP11_MAPPING
187 static const char* _name;
200 #ifndef ICE_CPP11_COMPILER
206 #ifndef ICE_CPP11_MAPPING
219 static const char* _name;
232 #ifndef ICE_CPP11_COMPILER
238 #ifndef ICE_CPP11_MAPPING
251 static const char* _name;
311 bool match(
const std::string& dn)
const;
317 operator std::string()
const;
327 std::list<std::pair<std::string, std::string> > _rdns;
328 std::list<std::pair<std::string, std::string> > _unescaped;
364 return !(lhs == rhs);
372 #ifndef ICE_CPP11_MAPPING
394 virtual std::vector<Ice::Byte>
getData()
const = 0;
407 #ifdef ICE_CPP11_MAPPING
408 public std::enable_shared_from_this<Certificate>
464 #ifdef ICE_CPP11_MAPPING
465 virtual bool checkValidity(
const std::chrono::system_clock::time_point& t)
const = 0;
467 virtual bool checkValidity(
const IceUtil::Time& t)
const = 0;
492 #ifdef ICE_CPP11_MAPPING
493 virtual std::chrono::system_clock::time_point
getNotAfter()
const = 0;
502 #ifdef ICE_CPP11_MAPPING
503 virtual std::chrono::system_clock::time_point
getNotBefore()
const = 0;
605 #ifndef ICE_CPP11_MAPPING // C++98 mapping
616 virtual ~CertificateVerifier();
623 virtual bool verify(
const ConnectionInfoPtr& info) = 0;
647 virtual ~PasswordPrompt();
655 virtual std::string getPassword() = 0;
675 #ifdef ICE_CPP11_MAPPING
678 virtual void setCertificateVerifier(
const CertificateVerifierPtr& v) = 0;
686 #ifdef ICE_CPP11_MAPPING
689 virtual void setPasswordPrompt(
const PasswordPromptPtr& p) = 0;
bool operator>(const DistinguishedName &lhs, const DistinguishedName &rhs)
Performs an exact match.
Definition: Plugin.h:335
@ NoError
The certificate verification succeeded.
virtual void setPasswordPrompt(std::function< std::string()> p)=0
Establish the password prompt object.
virtual std::string ice_id() const
Returns the type ID of this exception.
Definition: ConnectionInfo.h:59
const unsigned int KEY_USAGE_DECIPHER_ONLY
The key usage "decipherOnly" bit is set.
Definition: Plugin.h:127
const unsigned int EXTENDED_KEY_USAGE_CODE_SIGNING
The extended key usage "codeSigning" bit is set.
Definition: Plugin.h:144
std::string getHost(const IceSSL::ConnectionInfoPtr &)
std::string getTrustErrorDescription(TrustError)
Represents an X509 Certificate extension.
Definition: Plugin.h:375
#define ICE_DEFINE_PTR(TPtr, T)
Definition: Config.h:359
A communicator plug-in.
Definition: Plugin.h:78
virtual ~CertificateReadException()
virtual ~ParseException()
virtual bool operator==(const Certificate &) const =0
Compares the certificates for equality using the native certificate comparison method.
const unsigned int EXTENDED_KEY_USAGE_TIME_STAMPING
The extended key usage "timeStamping" bit is set.
Definition: Plugin.h:152
unsigned int getKeyUsage() const
Returns the value of the key usage extension.
virtual void setCertificateVerifier(std::function< bool(const std::shared_ptr< ConnectionInfo > &)> v)=0
Establish the certificate verifier object.
const unsigned int KEY_USAGE_ENCIPHER_ONLY
The key usage "encipherOnly" bit is set.
Definition: Plugin.h:123
const unsigned int EXTENDED_KEY_USAGE_EMAIL_PROTECTION
The extended key usage "emailProtection" bit is set.
Definition: Plugin.h:148
const unsigned int EXTENDED_KEY_USAGE_CLIENT_AUTH
The extended key usage "clientAuth" bit is set.
Definition: Plugin.h:140
virtual bool isCritical() const =0
Determines whether this extension is marked critical, that is, whether the information in it is important.
const unsigned int EXTENDED_KEY_USAGE_ANY_KEY_USAGE
The extended key usage "anyKeyUsage" bit is set.
Definition: Plugin.h:132
virtual std::vector< Ice::Byte > getData() const =0
Obtains the data associated with this extension.
const unsigned int KEY_USAGE_CRL_SIGN
The key usage "cRLSign" bit is set.
Definition: Plugin.h:119
::std::shared_ptr< Certificate > CertificatePtr
Definition: Plugin.h:399
const unsigned int KEY_USAGE_DATA_ENCIPHERMENT
The key usage "dataEncipherment" bit is set.
Definition: Plugin.h:107
Represents the IceSSL plug-in object.
Definition: Plugin.h:665
virtual CertificatePtr decode(const std::string &str) const =0
Decode a certificate from a string that uses the PEM encoding format.
bool operator<=(const DistinguishedName &lhs, const DistinguishedName &rhs)
Performs an exact match.
Definition: Plugin.h:344
Thrown if the certificate cannot be read.
Definition: Plugin.h:163
const unsigned int KEY_USAGE_KEY_AGREEMENT
The key usage "keyAgreement" bit is set.
Definition: Plugin.h:111
virtual std::vector< std::pair< int, std::string > > getSubjectAlternativeNames() const =0
See the comment for Plugin::getIssuerAlternativeNames.
DistinguishedName(const std::string &name)
Creates a DistinguishedName from a string encoded using the rules in RFC2253.
Thrown if the certificate cannot be encoded.
Definition: Plugin.h:195
virtual std::vector< Ice::Byte > getAuthorityKeyIdentifier() const =0
Obtains the authority key identifier.
DistinguishedName(const std::list< std::pair< std::string, std::string > > &)
Creates a DistinguishedName from a list of RDN pairs, where each pair consists of the RDN's type and ...
const unsigned int KEY_USAGE_KEY_ENCIPHERMENT
The key usage "keyEncipherment" bit is set.
Definition: Plugin.h:103
CertificateEncodingException(const char *, int, const std::string &)
std::string reason
The reason for the exception.
Definition: Plugin.h:183
TrustError
The reason for an IceSSL certificate verification failure.
Definition: Plugin.h:42
virtual std::vector< Ice::Byte > getSubjectKeyIdentifier() const =0
Obtains the subject key identifier.
virtual DistinguishedName getSubjectDN() const =0
Obtains the subject's distinguished name (DN).
::std::shared_ptr< X509Extension > X509ExtensionPtr
Definition: Plugin.h:396
static CertificatePtr load(const std::string &file)
Loads the certificate from a file.
virtual bool verify(const CertificatePtr &cert) const =0
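Verifies this certificate's signature using the public key of the given certificate. As described, this is a signature check; the validity period is checked separately by checkValidity.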
virtual std::chrono::system_clock::time_point getNotAfter() const =0
Obtains the not-after validity time.
virtual CertificatePtr load(const std::string &file) const =0
Load the certificate from a file.
virtual X509ExtensionPtr getX509Extension(const std::string &oid) const =0
Obtains the extension with the given OID.
const unsigned int EXTENDED_KEY_USAGE_SERVER_AUTH
The extended key usage "serverAuth" bit is set.
Definition: Plugin.h:136
bool operator>=(const DistinguishedName &lhs, const DistinguishedName &rhs)
Performs an exact match.
Definition: Plugin.h:353
const unsigned int KEY_USAGE_DIGITAL_SIGNATURE
The key usage "digitalSignature" bit is set.
Definition: Plugin.h:95
virtual bool checkValidity(const std::chrono::system_clock::time_point &t) const =0
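Checks that the certificate is valid at the given time, that is, the given time falls within the certificate's validity period (see getNotBefore and getNotAfter).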
This class represents a DistinguishedName, similar to the Java type X500Principal and the ....
Definition: Plugin.h:268
virtual std::string getOID() const =0
Obtains the object ID of this extension.
virtual int getVersion() const =0
Obtains the certificate version number.
virtual std::vector< std::pair< int, std::string > > getIssuerAlternativeNames() const =0
Obtains the values in the issuer's alternative names extension.
#define ICESSL_API
Definition: Plugin.h:27
bool operator!=(const DistinguishedName &lhs, const DistinguishedName &rhs)
Performs an exact match.
Definition: Plugin.h:362
virtual DistinguishedName getIssuerDN() const =0
Obtains the issuer's distinguished name (DN).
::std::shared_ptr< Plugin > PluginPtr
Definition: Plugin.h:708
virtual bool checkValidity() const =0
Checks that the certificate is currently valid, that is, the current date falls between the validity ...
CertificateReadException(const char *, int, const std::string &)
This convenience class is a wrapper around a native certificate.
Definition: Plugin.h:412
unsigned int getExtendedKeyUsage() const
Returns the value of the extended key usage extension.
const unsigned int KEY_USAGE_NON_REPUDIATION
The key usage "nonRepudiation" bit is set.
Definition: Plugin.h:99
static CertificatePtr decode(const std::string &str)
Decodes a certificate from a string that uses the PEM encoding format.
virtual std::vector< X509ExtensionPtr > getX509Extensions() const =0
Obtains a list of the X509v3 extensions contained in the certificate.
const unsigned int KEY_USAGE_KEY_CERT_SIGN
The key usage "keyCertSign" bit is set.
Definition: Plugin.h:115
virtual std::string encode() const =0
Obtains a string encoding of the certificate in PEM format.
std::string reason
The reason for the exception.
Definition: Plugin.h:215
This exception is thrown if a distinguished name cannot be parsed.
Definition: Plugin.h:227
bool match(const DistinguishedName &dn) const
Performs a partial match with another DistinguishedName.
TrustError getTrustError(const IceSSL::ConnectionInfoPtr &)
friend bool operator<(const DistinguishedName &, const DistinguishedName &)
Performs an exact match.
std::string reason
The reason for the exception.
Definition: Plugin.h:247
virtual bool operator!=(const Certificate &) const =0
Compares the certificates for inequality using the native certificate comparison method.
bool match(const std::string &dn) const
Performs a partial match with another DistinguishedName.
Helper template for the implementation of Ice::Exception.
Definition: Exception.h:128
virtual ~CertificateEncodingException()
virtual std::string ice_id() const
Returns the type ID of this exception.
const unsigned int EXTENDED_KEY_USAGE_OCSP_SIGNING
The extended key usage "OCSPSigning" bit is set.
Definition: Plugin.h:156
virtual std::string getSerialNumber() const =0
Obtains the serial number.
virtual std::chrono::system_clock::time_point getNotBefore() const =0
Obtains the not-before validity time.
friend bool operator==(const DistinguishedName &, const DistinguishedName &)
Performs an exact match.
virtual std::string toString() const =0
Stringifies the certificate.
virtual std::string ice_id() const
Returns the type ID of this exception.
ParseException(const char *, int, const std::string &)