Ice 3.7 C++11 API Reference
|
This convenience class is a wrapper around a native certificate. More...
#include <IceSSL/IceSSL.h>
Public Member Functions | |
virtual bool | checkValidity () const =0 |
Checks that the certificate is currently valid, that is, the current date falls between the validity period given in the certificate. More... | |
virtual bool | checkValidity (const std::chrono::system_clock::time_point &t) const =0 |
Checks that the certificate is valid at the given time. More... | |
virtual std::string | encode () const =0 |
Obtains a string encoding of the certificate in PEM format. More... | |
virtual std::vector< Ice::Byte > | getAuthorityKeyIdentifier () const =0 |
Obtains the authority key identifier. More... | |
unsigned int | getExtendedKeyUsage () const |
Returns the value of the extended key usage extension. More... | |
virtual std::vector< std::pair< int, std::string > > | getIssuerAlternativeNames () const =0 |
Obtains the values in the issuer's alternative names extension. More... | |
virtual DistinguishedName | getIssuerDN () const =0 |
Obtains the issuer's distinguished name (DN). More... | |
unsigned int | getKeyUsage () const |
Returns the value of the key usage extension. More... | |
virtual std::chrono::system_clock::time_point | getNotAfter () const =0 |
Obtains the not-after validity time. More... | |
virtual std::chrono::system_clock::time_point | getNotBefore () const =0 |
Obtains the not-before validity time. More... | |
virtual std::string | getSerialNumber () const =0 |
Obtains the serial number. More... | |
virtual std::vector< std::pair< int, std::string > > | getSubjectAlternativeNames () const =0 |
See the comment for Plugin::getIssuerAlternativeNames. More... | |
virtual DistinguishedName | getSubjectDN () const =0 |
Obtains the subject's distinguished name (DN). More... | |
virtual std::vector< Ice::Byte > | getSubjectKeyIdentifier () const =0 |
Obtains the subject key identifier. More... | |
virtual int | getVersion () const =0 |
Obtains the certificate version number. More... | |
virtual X509ExtensionPtr | getX509Extension (const std::string &oid) const =0 |
Obtains the extension with the given OID. More... | |
virtual std::vector< X509ExtensionPtr > | getX509Extensions () const =0 |
Obtains a list of the X509v3 extensions contained in the certificate. More... | |
virtual bool | operator!= (const Certificate &) const =0 |
Compares the certificates for equality using the native certificate comparison method. More... | |
virtual bool | operator== (const Certificate &) const =0 |
Compares the certificates for equality using the native certificate comparison method. More... | |
virtual std::string | toString () const =0 |
Stringifies the certificate. More... | |
virtual bool | verify (const CertificatePtr &cert) const =0 |
Verifies that this certificate was signed by the given certificate public key. More... | |
Static Public Member Functions | |
static CertificatePtr | decode (const std::string &str) |
Decodes a certificate from a string that uses the PEM encoding format. More... | |
static CertificatePtr | load (const std::string &file) |
Loads the certificate from a file. More... | |
This convenience class is a wrapper around a native certificate.
The interface is inspired by java.security.cert.X509Certificate.
|
pure virtual |
Checks that the certificate is currently valid, that is, the current date falls between the validity period given in the certificate.
|
pure virtual |
Checks that the certificate is valid at the given time.
t | The target time. |
|
static |
Decodes a certificate from a string that uses the PEM encoding format.
str | A string containing the encoded certificate. |
CertificateEncodingException | if an error occurs. |
|
pure virtual |
Obtains a string encoding of the certificate in PEM format.
CertificateEncodingException | if an error occurs. |
|
pure virtual |
Obtains the authority key identifier.
unsigned int IceSSL::Certificate::getExtendedKeyUsage | ( | ) | const |
Returns the value of the extended key usage extension.
The flags EXTENDED_KEY_USAGE_ANY_KEY_USAGE, EXTENDED_KEY_USAGE_SERVER_AUTH, EXTENDED_KEY_USAGE_CLIENT_AUTH, EXTENDED_KEY_USAGE_CODE_SIGNING, EXTENDED_KEY_USAGE_EMAIL_PROTECTION, EXTENDED_KEY_USAGE_TIME_STAMPING and EXTENDED_KEY_USAGE_OCSP_SIGNING can be used to check what extended key usage bits are set.
|
pure virtual |
Obtains the values in the issuer's alternative names extension.
The returned list contains a pair of int, string.
otherName [0] OtherName rfc822Name [1] IA5String dNSName [2] IA5String x400Address [3] ORAddress directoryName [4] Name ediPartyName [5] EDIPartyName uniformResourceIdentifier [6] IA5String iPAddress [7] OCTET STRING registeredID [8] OBJECT IDENTIFIER
rfc822Name, dNSName, directoryName and uniformResourceIdentifier data is returned as a string.
iPAddress is returned in dotted quad notation. IPv6 is not currently supported.
All distinguished names are encoded in RFC2253 format.
The remainder of the data will result in an empty string. Use the raw X509* certificate to obtain these values.
|
pure virtual |
Obtains the issuer's distinguished name (DN).
unsigned int IceSSL::Certificate::getKeyUsage | ( | ) | const |
Returns the value of the key usage extension.
The flags KEY_USAGE_DIGITAL_SIGNATURE, KEY_USAGE_NON_REPUDIATION, KEY_USAGE_KEY_ENCIPHERMENT, KEY_USAGE_DATA_ENCIPHERMENT KEY_USAGE_KEY_AGREEMENT, KEY_USAGE_KEY_CERT_SIGN, KEY_USAGE_CRL_SIGN, KEY_USAGE_ENCIPHER_ONLY and KEY_USAGE_DECIPHER_ONLY can be used to check what key usage bits are set.
|
pure virtual |
Obtains the not-after validity time.
|
pure virtual |
Obtains the not-before validity time.
|
pure virtual |
Obtains the serial number.
This is an arbitrarily large number.
|
pure virtual |
See the comment for Plugin::getIssuerAlternativeNames.
|
pure virtual |
Obtains the subject's distinguished name (DN).
|
pure virtual |
Obtains the subject key identifier.
|
pure virtual |
Obtains the certificate version number.
|
pure virtual |
Obtains the extension with the given OID.
|
pure virtual |
Obtains a list of the X509v3 extensions contained in the certificate.
|
static |
Loads the certificate from a file.
The certificate must use the PEM encoding format.
file | The certificate file. |
CertificateReadException | if the file cannot be read. |
|
pure virtual |
Compares the certificates for equality using the native certificate comparison method.
|
pure virtual |
Compares the certificates for equality using the native certificate comparison method.
|
pure virtual |
Stringifies the certificate.
This is a human readable version of the certificate, not a DER or PEM encoding.
|
pure virtual |
Verifies that this certificate was signed by the given certificate public key.
cert | A certificate containing the public key. |