CPKIFCAPIRepository2 Class Reference

#include <PKIFCAPIRepository2.h>

Inheritance diagram for CPKIFCAPIRepository2:

[legend]

Collaboration diagram for CPKIFCAPIRepository2:

[legend]

List of all members.

---

Detailed Description

The CPKIFCAPIRepository2 class can be used to retrieve certificates and CRLs from a Microsoft CAPI certificate store. It implements two PKI-related interfaces: IPKIFPKIRepository and IPKIFCertSearch. Each instance of this class is associated with a specific Microsoft CAPI certificate store. The constructor takes two parameters that are used to specify which certificate store is associated with an instance of this class. The default constructor parameters are:

	CERT_SYSTEM_STORE_CURRENT_USER
	"CA"

These parameters are passed to the Windows CertOpenStore function upon initialization. Consult Microsoft MSDN documentation for details on various options that may be used to target an alternative certificate store. Typically, this class is not used directly by applications and is primarily intended for as a colleague associated with a cache mediator used by the path builder.

TSP-enforcing: No

Definition at line 43 of file PKIFCAPIRepository2.h.

Public Member Functions
	CPKIFCAPIRepository2 (int sysStoRegLoc=CERT_SYSTEM_STORE_CURRENT_USER, const char *store=g_defCACCAPIStore)
virtual	~CPKIFCAPIRepository2 (void)
void	Initialize (void)
void	GetCRLs (const CPKIFCertificatePtr &cert, CPKIFCRLList &crlList, PKIInfoSource source=ALL)
void	GetCertificates (const CPKIFNamePtr &subDN, CPKIFCertificateList &certList, PKIInfoSource source=ALL)
void	GetCertificates (const CPKIFCertificatePtr &cert, CPKIFCertificateList &certList, PKIInfoSource source=ALL, PathBuildingDirection pbd=PBD_FORWARD)
void	GetCertificateSources (const CPKIFCertificatePtr &cert, CPKIFCertificateSourceList &certs, PathBuildingDirection pbd=PBD_FORWARD)
void	GetCRLSources (const CPKIFCertificatePtr &cert, CPKIFCrlSourceList &crlNodeList, PKIInfoSource source=ALL)
PKIInfoSource	GetSourceType ()
void	FindCertificates (IPKIFSearchCriteria *searchCriteria, CPKIFCertificateList &certList, PKIInfoSource source=ALL)
Friends
struct	CPKIFCAPIRepository2Impl

---

Constructor & Destructor Documentation

CPKIFCAPIRepository2::CPKIFCAPIRepository2	(	int	sysStoRegLoc = CERT_SYSTEM_STORE_CURRENT_USER,
		const char *	store = g_defCACCAPIStore
	)

Interface: External

This function creates and initializes CPKIFCAPIRepository2 objects. The parameters determine which certificate store is associated with an instance of CPKIFCAPIRepository2. The default certificate store is the "CA" store associated with the current Windows user. For Windows services using PKIF, the sysStoRegLoc parameter should be set to CERT_SYSTEM_STORE_LOCA_MACHINE and the store parameter can be left to the default value. Consult Microsoft MSDN documentation for details on various options that may be used to target an alternative certificate store.

This function does not attempt to open the certificate store identified by the parameters. An attempt to open the store will be made when the Initialize function is called, which occurs when an instance of CPKIFCAPIRepository2 is passed to the AddColleague function of a mediator class (presumably the CPKIFCacheMediator2 class).

Returns:

None

Parameters:

sysStoRegLoc	[in] An integer indicating which certificate store is associated with an instance of CPKIFCAPITrustRootCRLRepository2.
store	[in] An NULL terminated string indicating which certificate store is associated with an instance of CPKIFCAPITrustRootCRLRepository2.

Definition at line 108 of file PKIFCAPIRepository2.cpp.

References LOG_STRING_DEBUG, and TOOLKIT_SR_CAPIREPOSITORY.

CPKIFCAPIRepository2::~CPKIFCAPIRepository2

(

void

)

[virtual]

Interface: External

This function destroys CPKIFCAPIRepository2 objects.

Returns:

None

Definition at line 144 of file PKIFCAPIRepository2.cpp.

References LOG_STRING_DEBUG, and TOOLKIT_SR_CAPIREPOSITORY.

---

Member Function Documentation

void CPKIFCAPIRepository2::Initialize

(

void

)

[virtual]

Interface: External

This function initializes an instance for use in a collection of IPKIFColleague objects held by a mediator. Initialization includes attempting to open the certificate store specified by the constructor parameters. If the store cannot be opened an exception indicating CACHE_CERT_STORE_OPEN_FAILED will be raised.

Returns:

None

Exceptions:

CPKIFCacheException(CACHE_CERT_STORE_OPEN_FAILED)

Reimplemented from IPKIFColleague.

Definition at line 206 of file PKIFCAPIRepository2.cpp.

References COMMON_ALREADY_INITIALIZED, LOG_STRING_DEBUG, LOG_STRING_WARN, and TOOLKIT_SR_CAPIREPOSITORY.

void CPKIFCAPIRepository2::GetCRLs	(	const CPKIFCertificatePtr &	cert,
		CPKIFCRLList &	crlList,
		PKIInfoSource	source = ALL
	)			[virtual]

Interface: External

This function appends pointers to CRLs that may be applicable to the certificate identified by cert to crlList. This function does not ensure that all CRLs are applicable to the specified certificate. The function simply returns without searching when source is equal to REMOTE. This function will search the certificate store identified by the constructor parameters.

Returns:

None

Exceptions:

CPKIFCacheException(COMMON_INVALID_INPUT)

Parameters:

cert	[in] Pointer to a certificate for which revocation status is to be checked
crlList	[out] Reference to a CRL list to receive CRLs that may be associated with the specified certificate
source	[in] PKIInfoSource indicating the locations to search for CRLs

Implements IPKIFCRLRepository.

Definition at line 389 of file PKIFCAPIRepository2.cpp.

References CACHE_PARSE_ERROR, COMMON_INVALID_INPUT, CPKIFCertificate::Issuer(), LOG_STRING_DEBUG, LOG_STRING_INFO, RAISE_CACHE_EXCEPTION, PKIFENUMS::REMOTE, GottaMatch< T >::SetRHS(), and TOOLKIT_SR_CAPIREPOSITORY.

void CPKIFCAPIRepository2::GetCertificates	(	const CPKIFNamePtr &	subDN,
		CPKIFCertificateList &	certList,
		PKIInfoSource	source = ALL
	)			[virtual]

Interface: External

This function appends pointers to certificates that are issued to the entity identified by subDN to certList. The function simply returns without searching when source is equal to REMOTE. This function will search the certificate store identified by the constructor parameters.

Returns:

None

Parameters:

subDN	[in] Pointer to a distinguished name corresponding to the subject distinguished name in the desired certificates
certList	[out] List of pointers to certificates with a subject distinguished name equal to the value passed via the subDN parameter
source	[in] PKIInfoSource value indicating the types of locations that should be searched for certificates

Implements IPKIFCertRepository.

Definition at line 230 of file PKIFCAPIRepository2.cpp.

References CACHE_PARSE_ERROR, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, LOG_STRING_ERROR, LOG_STRING_INFO, RAISE_CACHE_EXCEPTION, PKIFENUMS::REMOTE, GottaMatch< T >::SetRHS(), and TOOLKIT_SR_CAPIREPOSITORY.

Referenced by GetCertificateSources().

void CPKIFCAPIRepository2::GetCertificates	(	const CPKIFCertificatePtr &	certOfInterest,
		CPKIFCertificateList &	certList,
		PKIInfoSource	source = ALL,
		PathBuildingDirection	pbd = PBD_FORWARD
	)			[virtual]

Interface: External

This function appends pointers to certificates given a cert of interest and a build direction. If the build direction is FORWARD The stores will be searched for the subject name of the cert of interest, otherwise the stores will be searched for the issuer of the cert of interst. The function simply returns without searching when source is equal to REMOTE. This function will search the certificate store identified by the constructor parameters.

Returns:

None

Parameters:

certOfInterest	[in] A reference to a smart pointer to CPKIFCertificate object containing certificate of interest
certList	[out] A reference to CPKIFCertificateList object which will contain found certificates
source	[in] PKIInfoSource indicating the locations to search for certificates
pbd	[in] Enum identifying build direction

Reimplemented from IPKIFCertRepository.

Definition at line 662 of file PKIFCAPIRepository2.cpp.

References CPKIFCertificate::Issuer(), LOG_STRING_DEBUG, LOG_STRING_ERROR, LOG_STRING_INFO, PKIFENUMS::PBD_FORWARD, PKIFENUMS::REMOTE, and TOOLKIT_SR_CAPIREPOSITORY.

void CPKIFCAPIRepository2::GetCertificateSources	(	const CPKIFCertificatePtr &	cert,
		CPKIFCertificateSourceList &	certs,
		PathBuildingDirection	pbd = PBD_FORWARD
	)

Interface: External

This function appends pointers to certificates and source info given a cert of interest and a build direction. If the build direction is FORWARD The stores will be searched for the subject name of the cert of interest, otherwise the stores will be searched for the issuer of the cert of interest. This function will search the certificate store identified by the constructor parameters.

Returns:

None

Parameters:

cert	[in] A reference to a smart pointer to CPKIFCertificate object containing certificate of interest
certs	[out] A reference to CPKIFCertificateList object which will contain found certificates
pbd	[in] Enum identifying build direction

Definition at line 770 of file PKIFCAPIRepository2.cpp.

References GetCertificates(), PKIFENUMS::LOCAL, and PAS_AVAILABLE.

void CPKIFCAPIRepository2::GetCRLSources	(	const CPKIFCertificatePtr &	cert,
		CPKIFCrlSourceList &	crlSourceList,
		PKIInfoSource	source = ALL
	)

Interface: External

This function appends pointers to CRLs and CRL source that may be applicable to the certificate identified by cert to crlList. This function does not ensure that all CRLs are applicable to the specified certificate. The function simply returns without searching when source is equal to REMOTE. This function will search the certificate store identified by the constructor parameters. This function also identifies crl source.

Returns:

None

Exceptions:

CPKIFCacheException(COMMON_INVALID_INPUT)

Parameters:

cert	[in] Pointer to a certificate for which revocation status is to be checked
crlSourceList	[out] Reference to a CRLNodeList list to receive CRLs and source info that may be associated with the specified certificate
source	[in] PKIInfoSource indicating the locations to search for CRLs

Definition at line 509 of file PKIFCAPIRepository2.cpp.

References CACHE_PARSE_ERROR, COMMON_INVALID_INPUT, CPKIFCertificate::Issuer(), LOG_STRING_DEBUG, LOG_STRING_ERROR, LOG_STRING_INFO, PAS_AVAILABLE, RAISE_CACHE_EXCEPTION, PKIFENUMS::REMOTE, and TOOLKIT_SR_CAPIREPOSITORY.

PKIInfoSource CPKIFCAPIRepository2::GetSourceType

(

)

[inline, virtual]

Implements IPKIFCertRepository.

Definition at line 66 of file PKIFCAPIRepository2.h.

References PKIFENUMS::LOCAL.

void CPKIFCAPIRepository2::FindCertificates	(	IPKIFSearchCriteria *	searchCriteria,
		CPKIFCertificateList &	certList,
		PKIInfoSource	source = ALL
	)			[virtual]

Parameters:

searchCriteria	[in] Pointer to a searchCriteria interface
certList	[out] List of certificates that match the specified search criteria
source	[in] PKIInfoSource value indicating the locations to search

Implements IPKIFCertSearch.

Definition at line 822 of file PKIFCAPIRepository2.cpp.

References ALLCERTS, atob(), COMMON_INVALID_INPUT, CPKIFIssuerNameAndSerialNumberBasedSearch::GetIssuerName(), CPKIFKeyIDBasedSearch::GetKeyID(), IPKIFSearchCriteria::GetSearchType(), CPKIFIssuerNameAndSerialNumberBasedSearch::GetSerialNumber(), CPKIFNameBasedSearch::GetStringName(), CPKIFCertificate::Issuer(), ISSUERNAME, ISSUERSERIAL, KEYID, LOG_STRING_DEBUG, LOG_STRING_ERROR, PKIFDelete(), PKIFENUMS::REMOTE, ReverseBytes(), CPKIFCertificate::SerialNumber(), GottaMatch< T >::SetRHS(), StrToName(), SUBJECTNAME, and TOOLKIT_SR_CAPIUSERREPOSITORY.

---

Friends And Related Function Documentation

friend struct CPKIFCAPIRepository2Impl [friend]

Definition at line 46 of file PKIFCAPIRepository2.h.

---

The documentation for this class was generated from the following files:

• PKIFCAPIRepository2.h
• PKIFCAPIRepository2.cpp