limal-ca-mgm: CA.hpp Source File

Go to the documentation of this file.
 /*---------------------------------------------------------------------\
 |                                                                      |
 |                     _     _   _   _     __     _                     |
 |                    | |   | | | \_/ |   /  \   | |                    |
 |                    | |   | | | |_| |  / /\ \  | |                    |
 |                    | |__ | | | | | | / ____ \ | |__                  |
 |                    |____||_| |_| |_|/ /    \ \|____|                 |
 |                                                                      |
 |                             ca-mgm library                           |
 |                                                                      |
 |                                         (C) SUSE Linux Products GmbH |
 \----------------------------------------------------------------------/
 
   File:       CA.hpp
 
   Author:     <Michael Calmer>     <mc@suse.de>
   Maintainer: <Michael Calmer>     <mc@suse.de>
 
   Purpose:
 
 /-*/
 
 #ifndef    LIMAL_CA_HPP
 #define    LIMAL_CA_HPP
 
 #include  <limal/ca-mgm/config.h>
 #include  <limal/ca-mgm/CommonData.hpp>
 #include  <limal/ca-mgm/RequestGenerationData.hpp>
 #include  <limal/ca-mgm/RequestData.hpp>
 #include  <limal/ca-mgm/CRLGenerationData.hpp>
 #include  <limal/ca-mgm/CRLData.hpp>
 #include  <limal/ca-mgm/CertificateIssueData.hpp>
 #include  <limal/ca-mgm/CertificateData.hpp>
 #include  <limal/ca-mgm/CAConfig.hpp>
 #include  <limal/ByteBuffer.hpp>
 #include  <blocxx/COWIntrusiveReference.hpp>
 
 namespace LIMAL_NAMESPACE
 {
 namespace CA_MGM_NAMESPACE
 {
         class CAImpl;
 
         class CA
         {
         public:
 
                 CA(const String& caName, const String& caPasswd, const String& repos=REPOSITORY);
 
                 ~CA();
 
 
                 String
                 createSubCA(const String& newCaName,
                             const String& keyPasswd,
                             const RequestGenerationData& caRequestData,
                             const CertificateIssueData& caIssueData);
 
                 String
                 createRequest(const String& keyPasswd,
                               const RequestGenerationData& requestData,
                               Type requestType);
 
 
                 String
                 issueCertificate(const String& requestName,
                                  const CertificateIssueData& issueData,
                                  Type certType);
 
                 String
                 createCertificate(const String& keyPasswd,
                                   const RequestGenerationData& requestData,
                                   const CertificateIssueData&  certificateData,
                                   Type type);
 
 
                 void
                 revokeCertificate(const String& certificateName,
                                   const CRLReason& crlReason = CRLReason());
 
                 void
                 createCRL(const CRLGenerationData& crlData);
 
                 String
                 importRequestData(const limal::ByteBuffer& request,
                                   FormatType formatType = E_PEM);
 
                 String
                 importRequest(const String& requestFile,
                               FormatType formatType = E_PEM);
 
 
                 CertificateIssueData
                 getIssueDefaults(Type type);
 
                 RequestGenerationData
                 getRequestDefaults(Type type);
 
                 CRLGenerationData
                 getCRLDefaults();
 
                 void
                 setIssueDefaults(Type type,
                                  const CertificateIssueData& defaults);
 
                 void
                 setRequestDefaults(Type type,
                                    const RequestGenerationData& defaults);
 
                 void
                 setCRLDefaults(const CRLGenerationData& defaults);
 
 
                 blocxx::Array<blocxx::Map<blocxx::String, blocxx::String> >
                 getCertificateList();
 
 
                 blocxx::Array<blocxx::Map<blocxx::String, blocxx::String> >
                 getRequestList();
 
 
 
                 CertificateData
                 getCA();
 
                 RequestData
                 getRequest(const String& requestName);
 
                 CertificateData
                 getCertificate(const String& certificateName);
 
 
                 CRLData
                 getCRL();
 
 
                 limal::ByteBuffer
                 exportCACert(FormatType exportType);
 
                 limal::ByteBuffer
                 exportCAKeyAsPEM(const String& newPassword);
 
                 limal::ByteBuffer
                 exportCAKeyAsDER();
 
                 limal::ByteBuffer
                 exportCAasPKCS12(const String& p12Password,
                                  bool withChain = false);
 
 
                 limal::ByteBuffer
                 exportCertificate(const String& certificateName,
                                   FormatType exportType);
 
                 limal::ByteBuffer
                 exportCertificateKeyAsPEM(const String& certificateName,
                                           const String& keyPassword,
                                           const String& newPassword);
 
                 limal::ByteBuffer
                 exportCertificateKeyAsDER(const String& certificateName,
                                           const String& keyPassword);
 
                 limal::ByteBuffer
                 exportCertificateAsPKCS12(const String& certificateName,
                                           const String& keyPassword,
                                           const String& p12Password,
                                           bool withChain = false);
 
                 limal::ByteBuffer
                 exportCRL(FormatType exportType);
 
 
                 void
                 deleteRequest(const String& requestName);
 
                 void
                 deleteCertificate(const String& certificateName,
                                   bool requestToo = true);
 
 
                 void
                 updateDB();
 
                 bool
                 verifyCertificate(const String& certificateName,
                                   bool crlCheck = true,
                                   const String& purpose = String("any"));
 
                 CAConfig*
                 getConfig();
 
 
                 /* ##########################################################################
                  * ###          static Functions                                          ###
                  * ##########################################################################
                  */
 
                 static void
                 createRootCA(const String& caName,
                              const String& caPasswd,
                              const RequestGenerationData& caRequestData,
                              const CertificateIssueData& caIssueData,
                              const String& repos=REPOSITORY);
 
 
                 static void
                 importCA(const String& caName,
                          const limal::ByteBuffer& caCertificate,
                          const limal::ByteBuffer& caKey,
                          const String& caPasswd = String(),
                          const String& repos=REPOSITORY);
 
                 static blocxx::Array<blocxx::String>
                 getCAList(const String& repos=REPOSITORY);
 
                 static blocxx::List<blocxx::Array<blocxx::String> >
                 getCATree(const String& repos=REPOSITORY);
 
                 static CertificateIssueData
                 getRootCAIssueDefaults(const String& repos=REPOSITORY);
 
                 static RequestGenerationData
                 getRootCARequestDefaults(const String& repos=REPOSITORY);
 
 
                 static void
                 deleteCA(const String& caName,
                          const String& caPasswd,
                          bool  force = false,
                          const String& repos = REPOSITORY);
 
         private:
                 blocxx::COWIntrusiveReference<CAImpl> m_impl;
 
 
                 CA();
                 CA(const CA&);
 
                 CA&
                 operator=(const CA&);
 
                 void
                 checkDNPolicy(const DNObject& dn, Type type);
 
                 String
                 initConfigFile();
 
                 void
                 commitConfig2Template();
 
                 void
                 removeDefaultsFromConfig();
         };
 
 }       // End of CA_MGM_NAMESPACE
 }       // End of LIMAL_NAMESPACE
 
 
 #endif  // LIMAL_CA_MGM_HPP
 