CPKIFCacheMediator2 Class Reference

#include <PKIFCacheMediator2.h>



Detailed Description

CPKIFCacheMediator2 implements four interfaces (one of which, IPKIFPKIRepositoryFull, is a shorthand representation of several additional interfaces), as shown in the following definition:

 
class CPKIFCacheMediator2 : public IPKIFMediator, public IPKIFTrustCache,
                            public IPKIFPKIRepositoryFull, public IPKIFCertSearch

Colleague objects must be manually associated with an instance of CPKIFCacheMediator2 in order for any functionality to be accessible. Alternatively, a complete set of mediators and colleagues can be created using the MakeDefaultMediator function, which associates the following cache-related colleagues with an instance of CPKIFCacheMediator2 by default:

	CPKIFCAPIRepository2
	CPKIFCAPITrustStore2
	CPKIFCAPITrustRootCRLRepository2
	CPKIFCRLDPRetrieval
These colleagues provide functionality to retrieve trust roots, certificates and CRLs from the current user’s "CA" certificate store, as well as to retrieve CRLs identified by LDAP or HTTP URLs in the CRL distribution point extensions of certificates. The default colleague collection is intended to support path building and path validation. CPKIFCacheMediator2 queries all associated colleagues that implement a specific interface upon each invocation and thus may collect and return information retrieved from a variety of sources. For example, assume an instance of CPKIFCacheMediator2 has the default colleagues associated by passing boolean true into the CPKIFCacheMediator2 constructor, plus a SimpleCertCache associated at runtime. When the GetCertificates function is invoked, the mediator will query the associated CPKIFCAPIRepository2 and SimpleCertCache objects and return certificates from each (removing any duplicates before returning the certificates to the application).

Applications may wish to define mediator/colleague collections directly instead of using the MakeDefaultMediator function. In-memory cache colleagues from the SimpleXXX family of colleagues can be associated with a CPKIFCacheMediator2 instance by an application to permit application control over the lifetime of the cache and to permit a cache instance to be used by multiple mediator instances.

CPKIFLDAPRepository requires runtime information to locate an LDAP server. This precludes inclusion by MakeDefaultMediator. The Associating an LDAP Directory with a CMS Object and Enabling OCSP samples provide examples for adding colleagues manually and for using MakeDefaultMediator.

TSP-enforcing: Yes

Definition at line 77 of file PKIFCacheMediator2.h.


Public Member Functions

 CPKIFCacheMediator2 (bool addDefaultColleagues=false)
virtual ~CPKIFCacheMediator2 (void)
void InitializeMediator (std::vector< CPKIFException * > *errorInfo)
void Terminate ()
void Initialize ()
void GetColleagues (std::vector< IPKIFColleaguePtr > &v) const
void AddColleague (IPKIFColleaguePtr &module)
void GetCRLs (const CPKIFCertificatePtr &cert, CPKIFCRLList &crlList, PKIInfoSource source=ALL)
void GetCRLs (const CPKIFCertificatePtr &cert, CPKIFCRLNodeList &crlNodeList, PKIInfoSource source=ALL)
void GetCRLs (const CPKIFCertificatePtr &cert, CPKIFCRLList &crlList, PKIInfoSource source, CPKIFPathSettingsPtr &ps)
void GetCRLs (const CPKIFCertificatePtr &cert, CPKIFCRLNodeList &crlNodeList, PKIInfoSource source, CPKIFPathSettingsPtr &ps)
void GetCertificates (const CPKIFNamePtr &subDN, CPKIFCertificateList &certList, PKIInfoSource source=ALL)
void GetCertificates (const CPKIFNamePtr &subDN, CPKIFCertificateNodeList &certNodeList, PKIInfoSource source=ALL)
void GetCertificates (const CPKIFCertificatePtr &cert, CPKIFCertificateList &certList, PKIInfoSource source=ALL, PathBuildingDirection pbd=PBD_FORWARD)
void GetCertificates (const CPKIFCertificatePtr &cert, CPKIFCertificateNodeList &certNodeList, PKIInfoSource source=ALL, PathBuildingDirection pbd=PBD_FORWARD)
void GetCertificates (const CPKIFNamePtr &subDN, CPKIFCertificateList &certList, PKIInfoSource source, CPKIFPathSettingsPtr &ps)
void GetCertificates (const CPKIFCertificatePtr &cert, CPKIFCertificateList &certList, PKIInfoSource source, PathBuildingDirection pbd, CPKIFPathSettingsPtr &ps)
void GetCertificates (const CPKIFCertificatePtr &cert, CPKIFCertificateNodeList &certNodeList, PKIInfoSource source, PathBuildingDirection pbd, CPKIFPathSettingsPtr &ps)
void GetCertificates (const CPKIFNamePtr &subDN, CPKIFCertificateNodeList &certNodeList, PKIInfoSource source, CPKIFPathSettingsPtr &ps)
void AddCRL (const CPKIFCRLPtr &crl, const CPKIFGeneralNamePtr &dp)
void AddCertificate (CertType certType, const CPKIFCertificatePtr &cert)
void AddCertificate (CertType certType, const CPKIFCertificateNodeEntryPtr &certNode)
bool GetTrustRoots (const CPKIFNamePtr &subDN, IPKIFTrustAnchorList &rootList)
void FindCertificates (IPKIFSearchCriteria *searchCriteria, CPKIFCertificateList &certList, PKIInfoSource source=ALL)
void FindKeys (IPKIFSearchCriteria *searchCriteria, IPKIFNameAndKeyList &keyList, PKIInfoSource source=ALL)
void GetCertificateSources (const CPKIFCertificatePtr &cert, CPKIFCertificateSourceList &certs, PathBuildingDirection pbd=PBD_FORWARD)
PKIInfoSource GetSourceType ()

Constructor & Destructor Documentation

CPKIFCacheMediator2::CPKIFCacheMediator2 ( bool  addDefaultColleagues = false  ) 

Interface: External

This function creates an instance of CPKIFCacheMediator2. If the addDefaultColleagues parameter is set to true, the following colleagues will be added to the mediator upon initialization: CPKIFCAPITrustStore2, CPKIFCAPITrustRootCRLRepository2, CPKIFCAPIRepository2 and CPKIFCRLDPRetrieval. Following construction, CPKIFCacheMediator2 instances are not ready for use. It is necessary to call Initialize prior to exercising any functionality.

Returns:
None
Parameters:
addDefaultColleagues  [in] Boolean value; if true, Initialize will add the default colleagues to the mediator

Definition at line 228 of file PKIFCacheMediator2.cpp.

References LOG_STRING_DEBUG, and TOOLKIT_SR_MEDIATOR.

CPKIFCacheMediator2::~CPKIFCacheMediator2 ( void   )  [virtual]

Interface: External

This function destroys an instance of CPKIFCacheMediator2, including cleanup of colleagues added at runtime with ownership transfer and notification of associated mediators.

Returns:
None

Definition at line 245 of file PKIFCacheMediator2.cpp.

References LOG_STRING_DEBUG, Terminate(), and TOOLKIT_SR_MEDIATOR.


Member Function Documentation

void CPKIFCacheMediator2::InitializeMediator ( std::vector< CPKIFException * > *  errorInfo  )  [virtual]

Interface: External

This function prepares an instance of CPKIFCacheMediator2 for use, including initialization of all runtime-associated mediators and colleagues. If a boolean true was passed to the CPKIFCacheMediator2 constructor, the default colleagues CPKIFCAPITrustStore2, CPKIFCAPITrustRootCRLRepository2, CPKIFCAPIRepository2 and CPKIFCRLDPRetrieval will be added. Colleagues may throw exceptions during initialization. By default, all mediators catch and discard these exceptions and ignore colleagues that raise exceptions. Applications can review the list of exceptions that occurred during initialization by passing a non-NULL pointer to a vector of CPKIFException objects. Any exception objects returned in the vector must be freed by the application.

Returns:
None
Parameters:
errorInfo  [out] Pointer to a vector of exception objects to receive exceptions thrown during initialization by associated colleague objects

Reimplemented from IPKIFColleague.

Definition at line 339 of file PKIFCacheMediator2.cpp.

References AddColleague(), COMMON_ALREADY_INITIALIZED, LOG_STRING_DEBUG, and TOOLKIT_SR_MEDIATOR.

Referenced by Initialize().
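
The initialization and query behaviour described above (a colleague that throws during initialization is dropped, and each query goes to every colleague implementing the interface with duplicates removed) is modelled in the following added C++ example, which is not PKIF code and does not use the PKIF API. The types Colleague, CertSource, MemoryStore, FailingSource and ModelMediator, the string-based error list and the sample certificates are hypothetical and constructed for illustration.

```cpp
// Added illustration, not PKIF code: every type name below is hypothetical.
#include <algorithm>
#include <iostream>
#include <memory>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

// Anything that can be associated with the mediator.
struct Colleague {
    virtual ~Colleague() = default;
    virtual void Initialize() {}  // may throw, as the page notes for real colleagues
};

// Optional capability, standing in for a certificate repository interface.
struct CertSource {
    virtual ~CertSource() = default;
    virtual void GetCertificates(const std::string& subjectDN,
                                 std::vector<std::string>& out) = 0;
};

using CertTable = std::vector<std::pair<std::string, std::string>>;  // (subject DN, cert id)

// In-memory certificate store holding constructed sample entries.
class MemoryStore : public Colleague, public CertSource {
public:
    explicit MemoryStore(CertTable certs) : certs_(std::move(certs)) {}
    void GetCertificates(const std::string& dn, std::vector<std::string>& out) override {
        for (const auto& c : certs_)
            if (c.first == dn) out.push_back(c.second);
    }
private:
    CertTable certs_;
};

// A colleague whose initialization fails, e.g. a revocation source that cannot start.
class FailingSource : public Colleague {
public:
    void Initialize() override { throw std::runtime_error("crl-retrieval: init failed"); }
};

class ModelMediator {
public:
    void Add(std::shared_ptr<Colleague> c) { pending_.push_back(std::move(c)); }

    // A colleague that throws is dropped. The failure is reported only when the
    // caller passes a non-null errorInfo (strings here; exception objects in PKIF).
    void InitializeMediator(std::vector<std::string>* errorInfo) {
        for (auto& c : pending_) {
            try { c->Initialize(); active_.push_back(c); }
            catch (const std::exception& e) { if (errorInfo) errorInfo->push_back(e.what()); }
        }
        pending_.clear();
    }

    // Query every active colleague that implements CertSource and append results,
    // skipping certificates already present in the outbound list.
    void GetCertificates(const std::string& dn, std::vector<std::string>& out) {
        for (auto& c : active_) {
            auto* src = dynamic_cast<CertSource*>(c.get());
            if (!src) continue;
            std::vector<std::string> found;
            src->GetCertificates(dn, found);
            for (const auto& id : found)
                if (std::find(out.begin(), out.end(), id) == out.end()) out.push_back(id);
        }
    }
    std::size_t ActiveCount() const { return active_.size(); }
private:
    std::vector<std::shared_ptr<Colleague>> pending_, active_;
};

struct DemoResult { std::size_t active = 0; std::vector<std::string> errors, certs; };

// Two stores that overlap on one certificate, plus one colleague that fails to start.
DemoResult RunDemo(bool collectErrors) {
    ModelMediator m;
    m.Add(std::make_shared<MemoryStore>(
        CertTable{{"CN=Issuing CA", "cert-A"}, {"CN=Other CA", "cert-X"}}));
    m.Add(std::make_shared<MemoryStore>(
        CertTable{{"CN=Issuing CA", "cert-A"}, {"CN=Issuing CA", "cert-B"}}));
    m.Add(std::make_shared<FailingSource>());
    DemoResult r;
    m.InitializeMediator(collectErrors ? &r.errors : nullptr);
    r.active = m.ActiveCount();
    m.GetCertificates("CN=Issuing CA", r.certs);
    return r;
}

int main() {
    DemoResult r = RunDemo(true);
    std::cout << r.active << " active, " << r.errors.size() << " init error(s), "
              << r.certs.size() << " certificate(s)\n";
}
```

With a null errorInfo the model ends up with the same two active colleagues and no record that the third one failed, so a caller that depends on a particular revocation or certificate source should pass the vector and inspect it after initialization.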

void CPKIFCacheMediator2::Terminate (  )  [virtual]

Interface: External

De-initializes an instance of CPKIFCacheMediator2, rendering it unusable until after a subsequent call to Initialize. Terminate will remove all mediator and colleague associations and will destroy any colleagues associated at runtime via AddColleague with transfer of ownership set to true.

Returns:
None

Reimplemented from IPKIFColleague.

Definition at line 264 of file PKIFCacheMediator2.cpp.

References _ASSERT, COMMON_TERMINATION_ERROR, LOG_STRING_DEBUG, LOG_STRING_ERROR, LOG_STRING_FATAL, IPKIFColleague::RemoveMediatorAssociations(), RemoveParentRelationships(), IPKIFColleague::Terminate(), and TOOLKIT_SR_MEDIATOR.

Referenced by ~CPKIFCacheMediator2().

void CPKIFCacheMediator2::Initialize ( void   )  [virtual]

Interface: External

This function prepares an instance of CPKIFCacheMediator2 for use, including initialization of all runtime-associated mediators and colleagues. If a boolean true was passed to the CPKIFCacheMediator2 constructor, the default colleagues CPKIFCAPITrustStore2, CPKIFCAPITrustRootCRLRepository2, CPKIFCAPIRepository2 and CPKIFCRLDPRetrieval will be added.

Returns:
None

Reimplemented from IPKIFColleague.

Definition at line 320 of file PKIFCacheMediator2.cpp.

References InitializeMediator().

void CPKIFCacheMediator2::GetColleagues ( std::vector< IPKIFColleaguePtr > &  v  )  const

Interface: External

This function retrieves all the colleagues associated with this instance.

Returns:
None
Parameters:
v  [out] std::vector that will contain all the colleagues associated with this instance

Definition at line 1636 of file PKIFCacheMediator2.cpp.

Referenced by CPKIFLDAPRepository::GetCertificateSources(), CPKIFLDAPRepository::GetCRLSources(), CPKIFSimpleCertAndCrlPanel::OnInitDialog(), CPKIFLdapAndOcspPanel::OnInitDialog(), and SaveStorageAndRetrievalComponents().

void CPKIFCacheMediator2::AddColleague ( IPKIFColleaguePtr &  module  ) 

Interface: External

This function associates a colleague object with a mediator instance at runtime. This is most commonly invoked to add an instance of CPKIFLDAPRepository to the collection of certificate and CRL sources. When invoked with transferOwnership equal to true, the colleague specified by the module parameter will be destroyed when Terminate is invoked.

Only colleagues that implement at least one interface of the receiving mediator should be passed to AddColleague. Adding unrelated colleagues to a collection held by a mediator will decrease performance. The following interfaces are supported by CPKIFCacheMediator2:

The Initialize function on the object passed as module will be invoked by this function. Following successful invocation of this function, the object passed as module will be invoked when functions from any of the interfaces listed above are invoked on the mediator object to which the object was added.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_NOT_INITIALIZED) 
Parameters:
module  [in] Pointer to an object that implements the IPKIFColleague interface

Definition at line 421 of file PKIFCacheMediator2.cpp.

References LOG_STRING_DEBUG, and TOOLKIT_SR_MEDIATOR.

Referenced by AddCacheColleague(), InitializeMediator(), and LoadStorageAndRetrievalComponents().

void CPKIFCacheMediator2::GetCRLs ( const CPKIFCertificatePtr &  cert,
CPKIFCRLList &  crlList,
PKIInfoSource  source = ALL 
) [virtual]

Interface: External

This function takes a certificate via the cert parameter and appends CRLs that may apply to the certificate to the crlList. The sources consulted in the CRL search depend on the associated colleagues and on the value passed via the source parameter. This function will iterate over all associated colleagues and will invoke the GetCRLs function on colleagues that implement the IPKIFCRLRepository interface passing all parameters. If no associated colleagues implement the IPKIFCRLRepository interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
cert  [in] Pointer to a certificate for which revocation status is to be checked
crlList  [out] Reference to a CRL list to receive CRLs that may be associated with the specified certificate
source  [in] PKIInfoSource indicating the locations to search for CRLs

Implements IPKIFCRLRepository.

Definition at line 718 of file PKIFCacheMediator2.cpp.

Referenced by GetCRLs().

void CPKIFCacheMediator2::GetCRLs ( const CPKIFCertificatePtr &  cert,
CPKIFCRLNodeList &  crlNodeList,
PKIInfoSource  source = ALL 
) [virtual]

Interface: External

GetCRLs works a little differently than other functions. If there is a synonymous source cache, it will first try to retrieve CRLs from there before trying the original targets. The logic is essentially as follows:

  • see if there is a cache and at least one IPKIFSupportsSynonymousCRLSources colleague
  • if there is a cache, poll all colleagues for sources, try to fulfill sources from the cache, and launch asynchronous retrieval of anything not retrieved from the cache
  • if there is not a cache, invoke the GetCRLs function on each colleague as usual

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 

Reimplemented from IPKIFCRLRepository.

Definition at line 498 of file PKIFCacheMediator2.cpp.

References GetCRLs().

void CPKIFCacheMediator2::GetCRLs ( const CPKIFCertificatePtr &  cert,
CPKIFCRLList &  crlList,
PKIInfoSource  source,
CPKIFPathSettingsPtr &  ps 
) [virtual]

Interface: External

This function appends pointers to CRLs that may be applicable to the certificate identified by cert to crlList. This function does not ensure that all CRLs are applicable to the specified certificate.

Returns:
None

Reimplemented from IPKIFCRLRepository.

Definition at line 729 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and TOOLKIT_SR_MEDIATOR.

void CPKIFCacheMediator2::GetCRLs ( const CPKIFCertificatePtr &  cert,
CPKIFCRLNodeList &  crlNodeList,
PKIInfoSource  source,
CPKIFPathSettingsPtr &  ps 
) [virtual]

Interface: External

This function appends pointers to CRLs that may be applicable to the certificate identified by cert to crlList. This function does not ensure that all CRLs are applicable to the specified certificate.

Returns:
None

Reimplemented from IPKIFCRLRepository.

Definition at line 503 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_UNKNOWN_ERROR, PKIFENUMS::LOCAL, PAS_AVAILABLE, PAS_PENDING, PAS_UNAVAILABLE, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and GottaMatch< T >::SetRHS().

void CPKIFCacheMediator2::GetCertificates ( const CPKIFNamePtr &  subDN,
CPKIFCertificateList &  certList,
PKIInfoSource  source = ALL 
) [virtual]

Interface: External

This function takes a distinguished name via the subDN parameter and appends certificates (or certificate nodes) to the certList (or certNodeList) parameter. The sources consulted in the certificate search depend on the associated colleagues and on the value passed via the source parameter. This function will iterate over all associated colleagues and will invoke the appropriate GetCertificates function on colleagues that implement the IPKIFCertRepository interface passing all parameters. If no associated colleagues implement the IPKIFCertRepository interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

This function comes in two flavors. One returns a list containing pointers to certificates and the other returns a list of pointers to certificate nodes. Applications seeking to obtain a certificate should use the certificate list variant. The certificate node variant is used by the path builder as a means of maintaining information about the original source of the certificate. The function simply returns without searching when source is equal to REMOTE.

This function does not remove certificates from the outbound lists. Thus, following a call to this function the list may contain certificates other than those with subject distinguished names matching the subDN parameter value.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
subDN  [in] Pointer to a distinguished name corresponding to the subject distinguished name in the desired certificates
certList  [out] List of pointers to certificates with a subject distinguished name equal to the value passed via the subDN parameter
source  [in] PKIInfoSource value indicating the types of locations that should be searched for certificates

Implements IPKIFCertRepository.

Definition at line 794 of file PKIFCacheMediator2.cpp.

Referenced by GetCertificates().

void CPKIFCacheMediator2::GetCertificates ( const CPKIFNamePtr &  subDN,
CPKIFCertificateNodeList &  certList,
PKIInfoSource  source = ALL 
) [virtual]

Interface: External

This function takes a distinguished name via the subDN parameter and appends certificates (or certificate nodes) to the certList (or certNodeList) parameter. The sources consulted in the certificate search depend on the associated colleagues and on the value passed via the source parameter. This function will iterate over all associated colleagues and will invoke the appropriate GetCertificates function on colleagues that implement the IPKIFCertRepository interface passing all parameters. If no associated colleagues implement the IPKIFCertRepository interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

This function comes in two flavors. One returns a list containing pointers to certificates and the other returns a list of pointers to certificate nodes. Applications seeking to obtain a certificate should use the certificate list variant. The certificate node variant is used by the path builder as a means of maintaining information about the original source of the certificate. The function simply returns without searching when source is equal to REMOTE.

This function does not remove certificates from the outbound lists. Thus, following a call to this function the list may contain certificates other than those with subject distinguished names matching the subDN parameter value.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
subDN  [in] Pointer to a distinguished name corresponding to the subject distinguished name in the desired certificates
certList  [out] List of pointers to certificate node objects containing certificates with a subject distinguished name equal to the value passed via the subDN parameter
source  [in] PKIInfoSource value indicating the types of locations that should be searched for certificates

Reimplemented from IPKIFCertRepository.

Definition at line 907 of file PKIFCacheMediator2.cpp.

References GetCertificates().

void CPKIFCacheMediator2::GetCertificates ( const CPKIFCertificatePtr &  cert,
CPKIFCertificateList &  certList,
PKIInfoSource  source = ALL,
PathBuildingDirection  pbd = PBD_FORWARD 
) [virtual]

Interface: External

This function takes a distinguished name via the subDN parameter and appends certificates (or certificate nodes) to the certList (or certNodeList) parameter. The sources consulted in the certificate search depend on the associated colleagues and on the value passed via the source parameter. This function will iterate over all associated colleagues and will invoke the appropriate GetCertificates function on colleagues that implement the IPKIFCertRepository interface passing all parameters. If no associated colleagues implement the IPKIFCertRepository interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

This function returns a list containing pointers to certificates.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
cert  [in] Certificate containing information that can be used to discover additional certificates
certList  [out] Certificates discovered using information gleaned from cert parameter
source  [in] Enumerated value indicating the type of sources to consult for certificates
pbd  [in] Enumerated value indicating the direction in which certificates are sought

Reimplemented from IPKIFCertRepository.

Definition at line 1013 of file PKIFCacheMediator2.cpp.

References GetCertificates().

void CPKIFCacheMediator2::GetCertificates ( const CPKIFCertificatePtr &  cert,
CPKIFCertificateNodeList &  certNodeList,
PKIInfoSource  source = ALL,
PathBuildingDirection  pbd = PBD_FORWARD 
) [virtual]

Interface: External

This function takes a distinguished name via the subDN parameter and appends certificates (or certificate nodes) to the certList (or certNodeList) parameter. The sources consulted in the certificate search depend on the associated colleagues and on the value passed via the source parameter. This function will iterate over all associated colleagues and will invoke the appropriate GetCertificates function on colleagues that implement the IPKIFCertRepository interface passing all parameters. If no associated colleagues implement the IPKIFCertRepository interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

This function returns a list containing pointers to certificate nodes.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
cert  [in] Certificate containing information that can be used to discover additional certificates
certNodeList  [out] Certificates discovered using information gleaned from cert parameter
source  [in] Enumerated value indicating the type of sources to consult for certificates
pbd  [in] Enumerated value indicating the direction in which certificates are sought

Reimplemented from IPKIFCertRepository.

Definition at line 1110 of file PKIFCacheMediator2.cpp.

References GetCertificates().

void CPKIFCacheMediator2::GetCertificates ( const CPKIFNamePtr &  subDN,
CPKIFCertificateList &  certList,
PKIInfoSource  source,
CPKIFPathSettingsPtr &  ps 
) [virtual]

Interface: External

This function takes a distinguished name via the subDN parameter and appends certificates (or certificate nodes) to the certList (or certNodeList) parameter. The sources consulted in the certificate search depend on the associated colleagues and on the value passed via the source parameter. This function will iterate over all associated colleagues and will invoke the appropriate GetCertificates function on colleagues that implement the IPKIFCertRepository interface passing all parameters. If no associated colleagues implement the IPKIFCertRepository interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

This function comes in two flavors. One returns a list containing pointers to certificates and the other returns a list of pointers to certificate nodes. Applications seeking to obtain a certificate should use the certificate list variant. The certificate node variant is used by the path builder as a means of maintaining information about the original source of the certificate. The function simply returns without searching when source is equal to REMOTE.

This function does not remove certificates from the outbound lists. Thus, following a call to this function the list may contain certificates other than those with subject distinguished names matching the subDN parameter value.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
subDN  [in] Pointer to a distinguished name corresponding to the subject distinguished name in the desired certificates
certList  [out] List of pointers to certificates with a subject distinguished name equal to the value passed via the subDN parameter
source  [in] PKIInfoSource value indicating the types of locations that should be searched for certificates
ps  [in] Path settings

Reimplemented from IPKIFCertRepository.

Definition at line 832 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and TOOLKIT_SR_MEDIATOR.

void CPKIFCacheMediator2::GetCertificates ( const CPKIFCertificatePtr &  cert,
CPKIFCertificateList &  certList,
PKIInfoSource  source,
PathBuildingDirection  pbd,
CPKIFPathSettingsPtr &  ps 
) [virtual]

Interface: External

This function takes a distinguished name via the subDN parameter and appends certificates (or certificate nodes) to the certList (or certNodeList) parameter. The sources consulted in the certificate search depend on the associated colleagues and on the value passed via the source parameter. This function will iterate over all associated colleagues and will invoke the appropriate GetCertificates function on colleagues that implement the IPKIFCertRepository interface passing all parameters. If no associated colleagues implement the IPKIFCertRepository interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

This function returns a list containing pointers to certificates.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
cert  [in] Certificate containing information that can be used to discover additional certificates
certList  [out] Certificates discovered using information gleaned from cert parameter
source  [in] Enumerated value indicating the type of sources to consult for certificates
pbd  [in] Enumerated value indicating the direction in which certificates are sought
ps  [in] Path settings

Reimplemented from IPKIFCertRepository.

Definition at line 1043 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and TOOLKIT_SR_MEDIATOR.

void CPKIFCacheMediator2::GetCertificates ( const CPKIFCertificatePtr &  cert,
CPKIFCertificateNodeList &  certNodeList,
PKIInfoSource  source,
PathBuildingDirection  pbd,
CPKIFPathSettingsPtr &  ps 
) [virtual]

Interface: External

This function takes a distinguished name via the subDN parameter and appends certificates (or certificate nodes) to the certList (or certNodeList) parameter. The sources consulted in the certificate search depend on the associated colleagues and on the value passed via the source parameter. This function will iterate over all associated colleagues and will invoke the appropriate GetCertificates function on colleagues that implement the IPKIFCertRepository interface passing all parameters. If no associated colleagues implement the IPKIFCertRepository interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

This function returns a list containing pointers to certificate nodes.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
cert  [in] Certificate containing information that can be used to discover additional certificates
certNodeList  [out] Certificates discovered using information gleaned from cert parameter
source  [in] Enumerated value indicating the type of sources to consult for certificates
pbd  [in] Enumerated value indicating the direction in which certificates are sought
ps  [in] Path settings

Reimplemented from IPKIFCertRepository.

Definition at line 1140 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, PKIFENUMS::LOCAL, LOG_STRING_DEBUG, PAS_AVAILABLE, PAS_PENDING, PAS_UNAVAILABLE, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), GottaMatch< T >::SetRHS(), and TOOLKIT_SR_MEDIATOR.

void CPKIFCacheMediator2::GetCertificates ( const CPKIFNamePtr &  subDN,
CPKIFCertificateNodeList &  certList,
PKIInfoSource  source,
CPKIFPathSettingsPtr &  ps 
) [virtual]

Interface: External

This function takes a distinguished name via the subDN parameter and appends certificates (or certificate nodes) to the certList (or certNodeList) parameter. The sources consulted in the certificate search depend on the associated colleagues and on the value passed via the source parameter. This function will iterate over all associated colleagues and will invoke the appropriate GetCertificates function on colleagues that implement the IPKIFCertRepository interface passing all parameters. If no associated colleagues implement the IPKIFCertRepository interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

This function comes in two flavors. One returns a list containing pointers to certificates and the other returns a list of pointers to certificate nodes. Applications seeking to obtain a certificate should use the certificate list variant. The certificate node variant is used by the path builder as a means of maintaining information about the original source of the certificate. The function simply returns without searching when source is equal to REMOTE.

This function does not remove certificates from the outbound lists. Thus, following a call to this function the list may contain certificates other than those with subject distinguished names matching the subDN parameter value.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
subDN  [in] Pointer to a distinguished name corresponding to the subject distinguished name in the desired certificates
certList  [out] List of pointers to certificate node objects containing certificates with a subject distinguished name equal to the value passed via the subDN parameter
source  [in] PKIInfoSource value indicating the types of locations that should be searched for certificates
ps  [in] Path settings

Reimplemented from IPKIFCertRepository.

Definition at line 945 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and TOOLKIT_SR_MEDIATOR.

void CPKIFCacheMediator2::AddCRL ( const CPKIFCRLPtr &  crl,
const CPKIFGeneralNamePtr &  dp 
) [virtual]

Interface: External

This function takes a general name via the dp parameter and a CRL via the crl parameter that will be used to update one or more CRL stores. This function will iterate over all associated colleagues and will invoke the AddCRL function on colleagues that implement the IPKIFCRLRepositoryUpdate interface passing all parameters. If no associated colleagues implement the IPKIFCRLRepositoryUpdate interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
crl  [in] Pointer to the CRL being added to the CRL store
dp  [in] Pointer to a GeneralName identifying the distribution point of the CRL

Implements IPKIFCRLRepositoryUpdate.

Definition at line 1357 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and TOOLKIT_SR_MEDIATOR.

void CPKIFCacheMediator2::AddCertificate ( CertType  certType,
const CPKIFCertificatePtr &  cert 
) [virtual]

Interface: External

This function takes a certificate type via the certType parameter and a certificate via the cert parameter that will be used to update one or more certificate stores. This function will iterate over all associated colleagues and will invoke the appropriate AddCertificate function on colleagues that implement the IPKIFCertRepositoryUpdate interface passing all parameters. If no associated colleagues implement the IPKIFCertRepositoryUpdate interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
certType  [in] CertType value indicating the type of certificate being added
cert  [in] Pointer to the certificate being added to the cache

Implements IPKIFCertRepositoryUpdate.

Definition at line 1421 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and TOOLKIT_SR_MEDIATOR.

void CPKIFCacheMediator2::AddCertificate ( CertType  certType,
const CPKIFCertificateNodeEntryPtr cert 
) [virtual]

Interface: External

This function takes a certificate type via the certType parameter and a certificate via the cert parameter that will be used to update one or more certificate stores. This function will iterate over all associated colleagues and will invoke the appropriate AddCertificate function on colleagues that implement the IPKIFCertRepositoryUpdate interface passing all parameters. If no associated colleagues implement the IPKIFCertRepositoryUpdate interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
certType  [in] CertType value indicating the type of certificate being added
cert  [in] Pointer to the certificate node being added to the cache

Reimplemented from IPKIFCertRepositoryUpdate.

Definition at line 1483 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and TOOLKIT_SR_MEDIATOR.
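The dispatch rule documented above for AddCRL and both AddCertificate overloads, modeled for the CRL case. This is an added example, not PKIF source. Colleague, CrlUpdate, MemoryCrlStore, ReadOnlyRepo, Mediator, CacheError, OPERATION_NOT_HANDLED and tryCacheCrl are hypothetical stand-ins, with strings in place of CPKIFCRLPtr and CPKIFGeneralNamePtr.

```cpp
// Added model of the documented AddCRL dispatch rule. Every type here is a
// hypothetical stand-in written for this example, not a PKIF class.
#include <memory>
#include <stdexcept>
#include <string>
#include <vector>

enum ErrorCode { OPERATION_NOT_HANDLED = 1 };   // models COMMON_OPERATION_NOT_HANDLED
struct CacheError : std::runtime_error {        // models CPKIFCacheException
    ErrorCode code;
    explicit CacheError(ErrorCode c) : std::runtime_error("cache error"), code(c) {}
};
struct Colleague { virtual ~Colleague() = default; };
struct CrlUpdate {                              // models IPKIFCRLRepositoryUpdate
    virtual void AddCRL(const std::string& crl, const std::string& dp) = 0;
    virtual ~CrlUpdate() = default;
};
struct MemoryCrlStore : Colleague, CrlUpdate {  // colleague that can store CRLs
    std::vector<std::string> stored;
    void AddCRL(const std::string& crl, const std::string& dp) override { stored.push_back(dp + "|" + crl); }
};
struct ReadOnlyRepo : Colleague {};             // colleague with no update interface

struct Mediator {
    std::vector<std::shared_ptr<Colleague>> colleagues;
    // Forward to every colleague implementing CrlUpdate; throw if none does.
    void AddCRL(const std::string& crl, const std::string& dp) {
        bool handled = false;
        for (auto& c : colleagues)
            if (auto* u = dynamic_cast<CrlUpdate*>(c.get())) { u->AddCRL(crl, dp); handled = true; }
        if (!handled) throw CacheError(OPERATION_NOT_HANDLED);
    }
};

// Caller side: report whether the CRL was actually stored anywhere.
bool tryCacheCrl(Mediator& m, const std::string& crl, const std::string& dp) {
    try { m.AddCRL(crl, dp); return true; }
    catch (const CacheError& e) {
        if (e.code == OPERATION_NOT_HANDLED) return false;  // nothing was cached
        throw;                                               // other codes propagate
    }
}

int main() {
    Mediator m;  // constructed sample values below
    m.colleagues.push_back(std::make_shared<ReadOnlyRepo>());
    bool before = tryCacheCrl(m, "constructed-crl", "ldap://example.invalid/cdp");
    m.colleagues.push_back(std::make_shared<MemoryCrlStore>());
    return (!before && tryCacheCrl(m, "constructed-crl", "ldap://example.invalid/cdp")) ? 0 : 1;
}
```

A caller that ignores the not-handled case may assume revocation data was cached when no colleague accepted it.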

bool CPKIFCacheMediator2::GetTrustRoots ( const CPKIFNamePtr &  subDN,
IPKIFTrustAnchorList rootList 
) [virtual]

Interface: External

This function takes a distinguished name (or a certificate) via the subDN parameter and appends trusted root information to the rootList parameter. The sources consulted in the certificate search depend on the associated colleagues and on the value passed via the source parameter. This function will iterate over all associated colleagues and will invoke the appropriate GetTrustRoots function on colleagues that implement the IPKIFTrustCache interface passing all parameters. If no associated colleagues implement the IPKIFTrustCache interface, an exception with the error code COMMON_OPERATION_NOT_HANDLED will be thrown.

Returns:
True if at least one trust anchor was found matching the specific distinguished name; false if no trust anchors were found
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
subDN  [in] Pointer to a name
rootList  [out] A list of trust anchors

Implements IPKIFTrustCache.

Definition at line 1293 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and TOOLKIT_SR_MEDIATOR.

void CPKIFCacheMediator2::FindCertificates ( IPKIFSearchCriteria searchCriteria,
CPKIFCertificateList certList,
PKIInfoSource  source = ALL 
) [virtual]

Interface: External

This function provides a simple means of searching for end-entity certificates.

Returns:
None
Exceptions:
CPKIFCacheException(COMMON_OPERATION_NOT_HANDLED) 
CPKIFCacheException(COMMON_OPERATION_NOT_SUCCESSFUL) 
Parameters:
searchCriteria  [in] Pointer to a null-terminated searchCriteria interface
certList  [out] Reference to a list of certificates to which certificates matching the specified criteria will be added
source  [in] PKIInfoSource value indicating the types of locations that should be searched

Implements IPKIFCertSearch.

Definition at line 1582 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and TOOLKIT_SR_MEDIATOR.

void CPKIFCacheMediator2::FindKeys ( IPKIFSearchCriteria searchCriteria,
IPKIFNameAndKeyList keyList,
PKIInfoSource  source = ALL 
) [virtual]

void CPKIFCacheMediator2::GetCertificateSources ( const CPKIFCertificatePtr &  cert,
CPKIFCertificateSourceList certs,
PathBuildingDirection  pbd = PBD_FORWARD 
)

Interface: External

This function will iterate over all associated cert cache objects and build up the certList. This function relies solely on the associated objects and does nothing with the source other than pass it on.

Returns:
None
Parameters:
cert  [in] Certificate containing information that can be used to discover additional certificates
certs  [out] Certificate source list which will contain the retrieved certificates
pbd  [in] Enumerated value indicating the direction in which certificates are sought

Definition at line 1650 of file PKIFCacheMediator2.cpp.

References AuditString, CAT_PKIF_CACHE, COMMON_OPERATION_NOT_HANDLED, COMMON_OPERATION_NOT_SUCCESSFUL, COMMON_UNKNOWN_ERROR, LOG_STRING_DEBUG, PKIF_UNEXPECTED_EXCEPTION, CPKIFException::print(), and TOOLKIT_SR_MEDIATOR.

PKIInfoSource CPKIFCacheMediator2::GetSourceType (  )  [inline, virtual]

Implements IPKIFCertRepository.

Definition at line 127 of file PKIFCacheMediator2.h.

References PKIFENUMS::REMOTE.


The documentation for this class was generated from the following files:

Generated on Mon Nov 15 11:19:54 2010 for PublicKeyInfrastructureFramework(PKIF) by  doxygen 1.5.6