Public Member Functions | Static Public Member Functions

UaPkiRevocationList Class Reference
[PKI Library Classes]

#include <uapkirevocationlist.h>

List of all members.

Public Member Functions

 UaPkiRevocationList (long validity, const UaPkiIdentity &issuer, long iCrlNumber)
 UaPkiRevocationList (const UaPkiRevocationList &copy)
 ~UaPkiRevocationList ()
UaPkiRevocationList operator= (const UaPkiRevocationList &copy)
bool operator== (const UaPkiRevocationList &other) const
void addRevoked (const UaPkiCertificate &cert, const UaDateTime &revocationDate)
bool verify (const UaPkiPrivateKey &issuerPrivateKey) const
 < [in] The issuer's private key to verify with.
bool sign (const UaPkiPrivateKey &issuerPrivateKey)
UaPkiIdentity issuer () const
long crlNumber () const
UaByteArray toDER () const
int toDERFile (const char *szFile) const
 < [in] The filename to use.
int toPEMFile (const char *szFile) const
 < [in] The filename to use.

Static Public Member Functions

static UaPkiRevocationList fromDER (const UaByteArray &DERdata)
static UaPkiRevocationList fromFile (const char *szFile)

Detailed Description

Class for handling revocation lists. The following sample demonstrates how to create a revocation list. 

  UaPkiIdentity        issuer;
  issuer.commonName = "Example Company";
  issuer.organization = "ACME";
  issuer.organizationUnit = "Development Department";
  issuer.locality = "Zell am See";
  issuer.state = "Salzburg";
  issuer.country = "AT"; 
  // create new keypair
  int                  bits = 2048; 
  UaPkiRsaKeyPair      keyPairIssuer(bits);
  // create new revocation list with validity set to 5 years and CrlNumber 0
  UaPkiRevocationList revocationList(3600*24*365*5, issuer, 0);
  // add a certificate to the list
  UaPkiCertificate certToRevoke = UaPkiCertificate::fromDERFile("/path/to/certToRevoke.der");
  revocationList.addRevoked(certToRevoke, UaDateTime::now());
  // sign the list
  revocationList.sign(keyPairIssuer.privateKey());
  // store revocation list in a DER encoded file
  revocationList.toPEMFile("/path/to/myrevocationlist.crl");

Constructor & Destructor Documentation

UaPkiRevocationList::UaPkiRevocationList ( long  validity,
const UaPkiIdentity issuer,
long  iCrlNumber 
)

Constructor

Parameters:
[in]validityTime from now in seconds until a new CRL will be created.
[in]issuerThe issuer of the Certificate.
[in]iCrlNumberThe CrlNumber of the certificate
UaPkiRevocationList::UaPkiRevocationList ( const UaPkiRevocationList copy )

construction

UaPkiRevocationList::~UaPkiRevocationList (  )

destruction

Member Function Documentation

void UaPkiRevocationList::addRevoked ( const UaPkiCertificate cert,
const UaDateTime revocationDate 
)

Adds a certificate to the revocation list.

Parameters:
[in]certThe certificate to be added.
[in]revocationDateThe certificate will be revoked from this date on.
long UaPkiRevocationList::crlNumber (  ) const

Returns the number of the revocation list.

UaPkiRevocationList UaPkiRevocationList::fromDER ( const UaByteArray DERdata ) [static]

Loads a revocation list from a DER encoded byte array.

Returns:
A new UaPkiRevocationList instance.
Parameters:
[in]DERdataThe DER data.
UaPkiRevocationList UaPkiRevocationList::fromFile ( const char *  szFile ) [static]

Loads a certificate from a CRL or PEM encoded file.

Returns:
A new UaPkiRevocationList instance.
Parameters:
[in]szFileThe file name (local 8 bit encoding).
UaPkiIdentity UaPkiRevocationList::issuer (  ) const

Returns the identity of the revocation list's issuer.

UaPkiRevocationList UaPkiRevocationList::operator= ( const UaPkiRevocationList copy )

ToDoDoc

Parameters:
copyAn existing UaPkiRevocationList.
Returns:
ToDoDoc
bool UaPkiRevocationList::operator== ( const UaPkiRevocationList other ) const

Compares the issuer name of the CRL to another one.

Parameters:
other[in] The other CRL to compare to.
Returns:
True if the issuer names are equal, false if not.
bool UaPkiRevocationList::sign ( const UaPkiPrivateKey &  issuerPrivateKey )

Signs the revocation list.

Returns:
True if signing was successful, false otherwise.
Parameters:
[in]issuerPrivateKeyThe private key of the issuer to sign the list with.
UaByteArray UaPkiRevocationList::toDER (  ) const

Encodes the revocation list into DER format.

Returns:
UaByteArray with DER data.
int UaPkiRevocationList::toDERFile ( const char *  szFile ) const

< [in] The filename to use.

Stores the revocation list into a DER encoded file.

Returns:
1 on success, 0 otherwise.
int UaPkiRevocationList::toPEMFile ( const char *  szFile ) const

< [in] The filename to use.

Stores the revocation list into a PEM encoded file.

Returns:
1 on success, 0 otherwise.
bool UaPkiRevocationList::verify ( const UaPkiPrivateKey &  issuerPrivateKey ) const

< [in] The issuer's private key to verify with.

Verifies the signature of the revocation list.

Returns:
True if the list is valid, false otherwise.
The documentation for this class was generated from the following files:
  • /home/buildbot/work/uasdkcpp/src/uabase/uapkicpp/uapkirevocationlist.h
  • /home/buildbot/work/uasdkcpp/src/uabase/uapkicpp/uapkirevocationlist.cpp