Chain Struct Reference

#include <cert.h>


Detailed Description

Data type used for processing X.509 certificate chains.


Public Types

enum  certtype {
  root,
  user
}
 Certificate types.

Public Member Functions

Constructors
 Chain ()
 Constructor used to create an empty object.
 Chain (const str &x)
 Constructor used to load an array of certificates into a new object.
Object Reuse and Initialization
void clear ()
 Clear the Chain object, zeroizing all internal data members.
void add (const str &cer)
 Append the specified certificate to the chain.
Inspectors
int count () const
 Count certificates in the chain.
str index (int k) const
 Get the kth certificate in the chain.
Search and Sort
int find (certtype flag) const
 Locate a root or end-user certificate in the chain.
int find (const str &cer, certtype flag) const
 Locate the parent or child of a given certificate in the chain.
int findmatch (const str &infolist, asn &info, asn &cert) const
 Select from a list of CMS RecipientInfo or SignerInfo PDUs the one matching a specified certificate.
int sort ()
 Sort the chain in descending order and prune it.


Member Enumeration Documentation

enum certtype

Certificate types.

Enumerator:
root  = 0 (self-signed)
user  = 1 (issuer and subject differ)


Constructor & Destructor Documentation

Chain ( const str &x )  [inline, explicit]

Constructor used to load an array of certificates into a new object.

Parameters:
x a list of binary, ASN.1 DER-encoded certificates simply concatenated together.
Remarks:
Modifies: certs


Member Function Documentation

void add ( const str &cer )  [inline]

Append the specified certificate to the chain.

Parameters:
cer a str containing the binary, ASN.1 DER-encoded certificate that is to be appended to the chain

int count (  )  const

Count certificates in the chain.

Returns:
the number of certificates found in the chain.

int find ( const str &cer,
certtype  flag 
) const

Locate the parent or child of a given certificate in the chain.

Parameters:
cer certificate whose parent or child is requested
flag 0 (or root) to find parent, 1 (or user) to find child
Returns:
the index (>= 0) of the requested certificate
-1 if the requested certificate cannot be found in the chain.

int find ( certtype  flag  )  const

Locate a root or end-user certificate in the chain.

Parameters:
flag 0 (or root) to find a self-signed certificate, 1 (or user) for an end-user certificate (i.e., a certificate whose subject DN does not appear as the issuer DN elsewhere in the chain).
Returns:
the index (>= 0) of the requested certificate
-1 if the requested certificate cannot be found in the chain.

int findmatch ( const str &infolist,
asn &info,
asn &cert 
) const

Select from a list of CMS RecipientInfo or SignerInfo PDUs the one matching a specified certificate.

Parameters:
infolist an array of PKCS #7 RecipientInfo or SignerInfo PDUs
info a pointer to the buffer that is to receive the matching RecipientInfo or SignerInfo PDU
cert the certificate to be matched in infolist.
Returns:
0 (success)
2 if cert does not appear in infolist

str index ( int  k  )  const

Get the kth certificate in the chain.

Parameters:
k index of the certificate to return.
Returns:
a str containing the kth certificate in the chain. (If the kth certificate doesn't exist or can't be found, the str has zero length.)

int sort (  ) 

Sort the chain in descending order and prune it.

Returns:
the number of discarded certificates
Remarks:
After execution the Chain object contains certificates sorted in top-down order with the root first and end-user certificate last. Certificates that are not part of the chain are discarded.
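
The ordering and pruning that sort() and find(certtype) describe, modelled on subject/issuer DN pairs as an added example (not ISC CDK code; it does not use cert.h). The Cert struct, find_type, sort_chain and the sample DNs are hypothetical; links are matched by DN string only with no signature verification, and discarding every entry when no root is present is an assumption of this example.

```cpp
#include <string>
#include <vector>
// Hypothetical stand-in for a parsed certificate: only the two DNs are modelled.
struct Cert { std::string subject, issuer; };

// Models the documented find(certtype): root = self-signed; user = issuer and
// subject differ and the subject DN is not the issuer DN of any other entry.
int find_type(const std::vector<Cert>& c, bool want_user) {
    for (size_t i = 0; i < c.size(); ++i) {
        bool self_signed = c[i].subject == c[i].issuer;
        if (!want_user && self_signed) return (int)i;
        if (!want_user || self_signed) continue;
        bool issues_other = false;
        for (size_t j = 0; j < c.size(); ++j)
            if (j != i && c[j].issuer == c[i].subject) issues_other = true;
        if (!issues_other) return (int)i;
    }
    return -1;  // "not found", as in the documented return values
}

// Models the documented sort(): root first, end-user last, unrelated
// certificates pruned. Returns the number of discarded certificates.
int sort_chain(std::vector<Cert>& c) {
    std::vector<Cert> out;
    std::vector<bool> used(c.size(), false);
    int r = find_type(c, false);
    if (r >= 0) { out.push_back(c[r]); used[r] = true; }
    for (bool grew = !out.empty(); grew; ) {   // walk issuer -> subject links downward
        grew = false;
        for (size_t i = 0; i < c.size() && !grew; ++i)
            if (!used[i] && c[i].subject != c[i].issuer &&   // never chain a second self-signed entry
                c[i].issuer == out.back().subject) {
                out.push_back(c[i]); used[i] = true; grew = true;
            }
    }
    int dropped = (int)(c.size() - out.size());
    c = out;
    return dropped;
}

// Constructed sample: a shuffled three-certificate chain plus one stray entry.
std::vector<Cert> sample_chain() {
    return { {"CN=leaf", "CN=Issuing CA"}, {"CN=stray", "CN=Other CA"},
             {"CN=Example Root", "CN=Example Root"}, {"CN=Issuing CA", "CN=Example Root"} };
}
int main() {
    std::vector<Cert> c = sample_chain();
    return (sort_chain(c) == 1 && c.back().subject == "CN=leaf") ? 0 : 1;
}
```

Because the model links entries by DN alone, a sorted result says nothing about whether each signature verifies; path validation is a separate step.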


The documentation for this struct was generated from the following file:
ISC Cryptographic Development Kit - User's Guide
Copyright© 2002-2006 Information Security Corp. All rights reserved.