X-Git-Url: https://main.carlh.net/gitweb/?a=blobdiff_plain;ds=sidebyside;f=src%2Fcertificates.h;h=aba6d5cfa2b8f1534c44638884f7834bef99df87;hb=81821868864e19809b373639b8cb78d2acc522a2;hp=c7d6698bd513852b3196cc234aff3b44a1c727df;hpb=0703842433013ac1d5f79c09d7a8361dc2e565c8;p=libdcp.git

diff --git a/src/certificates.h b/src/certificates.h
index c7d6698b..aba6d5cf 100644
--- a/src/certificates.h
+++ b/src/certificates.h
@@ -1,5 +1,5 @@
 /*
-    Copyright (C) 2012 Carl Hetherington <cth@carlh.net>
+    Copyright (C) 2012-2014 Carl Hetherington <cth@carlh.net>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -17,16 +17,19 @@
 
 */
 
+/** @file  src/certificates.h
+ *  @brief Certificate and CertificateChain classes.
+ */
+
 #ifndef LIBDCP_CERTIFICATES_H
 #define LIBDCP_CERTIFICATES_H
 
-#include <string>
-#include <list>
-#include <boost/noncopyable.hpp>
-#include <boost/shared_ptr.hpp>
-#include <boost/filesystem.hpp>
 #undef X509_NAME
 #include <openssl/x509.h>
+#include <boost/shared_ptr.hpp>
+#include <boost/filesystem.hpp>
+#include <string>
+#include <list>
 
 class certificates;
 
@@ -36,6 +39,11 @@ namespace xmlpp {
 
 namespace dcp {
 
+/** @class Certificate
+ *  @brief A wrapper for an X509 certificate.
+ *
+ *  This class can take a Certificate from a string or an OpenSSL X509 object.
+ */
 class Certificate
 {
 public:
@@ -43,7 +51,6 @@ public:
 		: _certificate (0)
 	{}
 
-	Certificate (boost::filesystem::path);
 	Certificate (std::string);
 	Certificate (X509 *);
 	Certificate (Certificate const &);
@@ -51,16 +58,16 @@ public:
 
 	Certificate& operator= (Certificate const &);
 
-	/** @param with_begin_end true to include BEGIN CERTIFICATE / END CERTIFICATE markers
-	 *  @return the whole certificate as a string.
-	 */
 	std::string certificate (bool with_begin_end = false) const;
 	std::string issuer () const;
 	std::string serial () const;
 	std::string subject () const;
 	std::string common_name () const;
 
-	/** @return RSA public key from this Certificate.  Caller must not free the returned value. */
+	X509* x509 () const {
+		return _certificate;
+	}
+
 	RSA* public_key () const;
 
 	std::string thumbprint () const;
@@ -76,21 +83,33 @@ private:
 	mutable RSA* _public_key;
 };
 
+/** @class CertificateChain
+ *  @brief A chain of any number of certificates, from root to leaf.
+ */
 class CertificateChain
 {
 public:
 	CertificateChain () {}
 
-	void add (boost::shared_ptr<Certificate>);
+	void add (boost::shared_ptr<const Certificate> c);
+	void remove (boost::shared_ptr<const Certificate> c);
+	void remove (int);
 
-	boost::shared_ptr<Certificate> root () const;
-	boost::shared_ptr<Certificate> leaf () const;
+	boost::shared_ptr<const Certificate> root () const;
+	boost::shared_ptr<const Certificate> leaf () const;
 
-	std::list<boost::shared_ptr<Certificate> > leaf_to_root () const;
+	typedef std::list<boost::shared_ptr<const Certificate> > List;
+	
+	List leaf_to_root () const;
+	List root_to_leaf () const;
+
+	bool valid () const;
+	bool attempt_reorder ();
 
 private:
 	friend class ::certificates;
-	std::list<boost::shared_ptr<Certificate> > _certificates;
+
+	List _certificates;
 };
 
 }