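#include "PKIFPathBuildAndValidate.h"
#include "PathConstants.h"
#include "PKIFPathValidator2.h"
#include "PKIFPathBuilder2.h"
#include "Certificate.h"
#include "KeyUsage.h"
#include "Validity.h"
#include "PKIFCertificateNodeEntry.h"
#include "PKIFFuncStorage.h"
#include "PathResults.h"
#include "PKIFMediators.h"
#include "PKIFPathSettings.h"
#include "PKIFCertificatePath.h"

#include "PKIFException.h"

/**
 * Default constructor. Performs no work.
 */
CPKIFPathBuildAndValidate::CPKIFPathBuildAndValidate(void)
{
}

/**
 * Destructor. Performs no work.
 */
CPKIFPathBuildAndValidate::~CPKIFPathBuildAndValidate(void)
{
}

/**
 * Initialization hook. This implementation is empty.
 */
void CPKIFPathBuildAndValidate::Initialize()
{
}

/**
 * Key-usage callback that accepts ANY key usage on the end-entity certificate.
 *
 * For an end-entity (EE) node only, the KeyUsage extension is looked up and,
 * when present, marked as processed on the node. No key-usage bit is
 * inspected: the DigitalSignature()/NonRepudiation() test that once guarded
 * this branch is disabled, so the extension is marked processed whatever it
 * asserts. Non-EE certificates are left untouched.
 *
 * Security note: a caller that needs the certificate to be limited to a
 * particular usage (signing, key agreement, ...) gets no such guarantee from
 * this callback and must enforce it separately.
 * NOTE(review): presumably marking the extension as processed is what keeps
 * the validator from rejecting an unhandled critical KeyUsage extension --
 * confirm against the validator.
 *
 * @param certNode node whose certificate is examined; dereferenced without a
 *                 null check.
 * @param results  unused by this callback.
 * @param type     role of the certificate; only EE is acted upon.
 */
void CAC_API keyUsageChecker_Any(
    const CPKIFCertificateNodeEntryPtr& certNode,
    CPKIFPathValidationResults& results,
    CertificateType type)
{
    if(EE == type)
    {
        // NOTE(review): curCert is dereferenced without a null check; confirm
        // that GetCert() cannot return an empty pointer for a node on a path.
        CPKIFCertificatePtr curCert = certNode->GetCert();
        CPKIFKeyUsagePtr keyUsage = curCert->GetExtension<CPKIFKeyUsage>();
        if(keyUsage != (CPKIFKeyUsage*)NULL /*&& (keyUsage->DigitalSignature() || keyUsage->NonRepudiation())*/)
        {
            // MarkExtensionAsProcessed is handed the extension through its
            // CPKIFX509ExtensionPtr type.
            CPKIFX509ExtensionPtr keyUsage2 = keyUsage;
            certNode->MarkExtensionAsProcessed(keyUsage2);
        }
    }
}

//Functor<void, TYPELIST_3(const CPKIFCertificateNodeEntryPtr&, CPKIFPathValidationResults&, CertificateType)> keyUsageAny(keyUsageChecker_Any);

/**
 * Builds candidate certification paths and validates each one until a path is
 * accepted or the builder reports that it has nothing more to offer.
 *
 * A path is accepted when ValidatePath() succeeds and, depending on the
 * path's effective settings:
 *   - revocation checking enabled: the most severe revocation status recorded
 *     in results is NOT_REVOKED;
 *   - revocation checking disabled: results reports that the certificate
 *     signatures were verified. No revocation status is consulted in this
 *     case, so a revoked certificate is not detected by this function.
 * A path that validates but fails this test is discarded and the builder is
 * asked again.
 *
 * Validation uses keyUsageChecker_Any, so the end-entity key usage is not
 * restricted here.
 *
 * @param path    path object handed to the builder and the validator.
 * @param results receives validation output; it is passed to every
 *                ValidatePath() call, and what it holds after a failed search
 *                depends on the validator (not visible here).
 * @return true when an acceptable path was found; false when the builder or
 *         validator mediator is unavailable or no acceptable path exists.
 * @throws CPKIFException propagated unchanged from the builder or validator.
 */
bool CPKIFPathBuildAndValidate::BuildAndValidatePath(
    CPKIFCertificatePath& path,
    CPKIFPathValidationResults& results)
{
    CPKIFFuncStoragePtr keyUsageAny(new CPKIFFuncStorage(keyUsageChecker_Any));

    // Look up the path builder registered with the parent mediator.
    IPKIFPathBuild* pb = GetMediatorFromParent<IPKIFPathBuild>();

    // Look up the path validator registered with the parent mediator.
    IPKIFPathValidate* pv = GetMediatorFromParent<IPKIFPathValidate>();

    // Without both collaborators no path can be accepted: fail closed.
    if(!pb || !pv)
        return false;

    try
    {
        // Iteratively call Build and Validate until all paths have been tried
        // or a good path has been found.
        do
        {
            if(!pb->BuildPath(path))
            {
                break;
            }
            if(pv->ValidatePath(path, results, keyUsageAny))
            {
                // NOTE(review): effectiveSettings is dereferenced without a
                // null check; confirm GetPathSettings() always fills it.
                CPKIFPathSettingsPtr effectiveSettings;
                path.GetPathSettings(effectiveSettings);
                bool bCheckRevStatus = effectiveSettings->GetCheckRevocationStatus();
                if((bCheckRevStatus && NOT_REVOKED == results.GetRevocationStatusMostSevere())||
                    (!bCheckRevStatus && results.GetCertSignaturesVerified()))
                {
                    return true;
                }
            }
        }while(1);

        return false;
    }
    catch(CPKIFException&)
    {
        // Rethrow the in-flight exception. "throw e;" would copy it as a
        // plain CPKIFException and slice off any derived exception type,
        // losing detail that callers may rely on to tell failures apart.
        throw;
    }

}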