PKIFOCSPChecker.h

Go to the documentation of this file.
00001 
00009 #ifndef __PKIFOCSPCHECKER_H__
00010 #define __PKIFOCSPCHECKER_H__
00011 
00012 #include "PKIFdll.h"
00013 #include "IPKIFColleague.h"
00014 #include "PKIFRevocationStatusInterfaces.h"
00015 #include "components.h"
00016 
00017 struct CPKIFOCSPCheckerImpl;
00018 FD_SMART_PTR(CPKIFCertificate);
00019 FD_SMART_PTR(CPKIFCertStatus);
00020 FD_SMART_PTR(CPKIFPathSettings);
00021 FD_SMART_PTR(CPKIFCredential);
00022 FD_SMART_PTR(CPKIFBuffer);
00023 FD_SMART_PTR(CPKIFGeneralSubtree);
00024 FD_LIST_PTR(CPKIFGeneralSubtree);
00025 
00026 
00041 class CAC_API CPKIFOCSPChecker : public IPKIFColleague, public IPKIFRevocationStatus
00042 {
00043     friend struct CPKIFOCSPCheckerImpl;
00044 public:
00045     CPKIFOCSPChecker(void);
00046     virtual ~CPKIFOCSPChecker(void);
00047     CPKIFOCSPChecker(const CPKIFOCSPChecker& copy);
00048 
00049     void SetHost(const char* host);
00050     void Set_Port(int port);
00051     void SetURL(const char * url);
00052     CPKIFStringPtr GetHost() const;
00053     CPKIFStringPtr GetURL() const;
00054     int GetPort() const;
00055 
00056     void SetMultiCertRequest(bool bDoMultiCertRequests);
00057     bool GetMultiCertRequest();
00058 
00059     //IPKIFColleague functions
00060     void Initialize();
00061 
00062     bool CheckStatus(const CPKIFCertificatePtr& targetCert, const CPKIFCertificatePtr& issuersCert, RevocationStatus& status, CPKIFCertStatusPtr& certStatus);
00063     bool CheckStatusPath(CPKIFCertificatePath& path, RevocationStatus& status);
00064 
00065     //Sets the path settings that are used when either an offline
00066     //response is being directly verified using an instance of this class
00067     //or when the status of a single certificate is being determined (instead
00068     //of a path) - the settings obtained from the path object are used in other 
00069     //cases
00070     void SetPathSettings(CPKIFPathSettingsPtr& settings);
00071 
00072     //added 7/31/2005 to enable support for signed OCSP requests
00073     void SetSigningCredential(CPKIFCredentialPtr& cred);
00074     CPKIFCredentialPtr GetSigningCredential() const;
00075 
00076     void SetResponderPublicKey(CPKIFCertificatePtr& cert, bool bRequireThisCert = false);
00077     CPKIFCertificatePtr GetResponderPublicKey() const;
00078     bool GetRequireSpecificCert() const;
00079 
00080     void AddNamespace(CPKIFGeneralSubtreePtr& name);
00081     CPKIFGeneralSubtreeList GetNamespaces();
00082 
00083     void AddIssuerNamespace(CPKIFGeneralSubtreePtr& name);
00084     CPKIFGeneralSubtreeList GetIssuerNamespaces();
00085 
00086 //moved to path settings class 7/18/2004 - crw
00087 //  void SetRequireSufficientlyRecent(bool requireSufficientlyRecent);
00088 //  void SetSufficientlyRecent(int seconds);
00089 
00090     //added two nonce flags and supporting code 6/9/2004
00091     void SetGenerateNonce(bool bGenerateNonce);
00092     bool GetGenerateNonce();
00093 
00094     void SetRequireNonceMatch(bool bRequireNonceMatch);
00095     bool GetRequireNonceMatch();
00096 
00097     //added 12/11/2003
00098     bool ProcessOfflineResponse(CPKIFCertificatePtr& targetCert, CPKIFCertificatePtr& targetIssuer, bool responderIsTrusted,
00099                                               CPKIFBufferPtr& ocspResponse, CPKIFCertStatusPtr& targetCertStatus);
00100 
00101     void SetCacheValidatedResponders(bool b);
00102     bool GetCacheValidatedResponders();
00103 
00104 private:
00106     CPKIFOCSPChecker& operator=(const CPKIFOCSPChecker& rhs); //added 4/6/2004
00107 
00108     enum {thisComponent=TOOLKIT_OCSP_CHECKER};
00109 
00110     struct CPKIFOCSPCheckerImpl *m_impl;
00111 
00112 
00113 };
00114 DECLARE_SMART_POINTERS(CPKIFOCSPChecker);
00115 
00116 CAC_API CPKIFOCSPChecker* MakeOCSPChecker();
00117 CAC_API void FreeOCSPChecker(CPKIFOCSPChecker* ldap);
00118 
00119 
00120 #endif
00121