Add initial CRL support to KSSLCertificate

1 files changed, 22 insertions, 0 deletions

diff --git a/tdeio/kssl/ksslcertificate.h b/tdeio/kssl/ksslcertificate.h
index 0c5f87323..67f6a808d 100644
--- a/tdeio/kssl/ksslcertificate.h
+++ b/tdeio/kssl/ksslcertificate.h
@@ -57,8 +57,10 @@ class KSSLX509V3;
 
 #ifdef KSSL_HAVE_SSL
 typedef struct x509_st X509;
+typedef struct X509_crl_st X509_CRL;
 #else
 class X509;
+class X509_CRL;
 #endif
 
 /**
@@ -98,6 +100,13 @@ public:
 	static KSSLCertificate *fromString(TQCString cert);
 
 	/**
+	 *  Create an X.509 CRL certificate from a base64 encoded string.
+	 *  @param cert the certificate in base64 form
+	 *  @return the X.509 CRL certificate, or NULL
+	 */
+	static KSSLCertificate *crlFromString(TQCString cert);
+
+	/**
 	 *  Create an X.509 certificate from the internal representation.
 	 *  This one duplicates the X509 object for itself.
 	 *  @param x5 the OpenSSL representation of the certificate
@@ -166,6 +175,18 @@ public:
 	TQDateTime getQDTNotAfter() const;
 
 	/**
+	 *  Get the date that the CRL was generated on.
+	 *  @return the date
+	 */
+	TQDateTime getQDTLastUpdate() const;
+
+	/**
+	 *  Get the date that the CRL must be updated by.
+	 *  @return the date
+	 */
+	TQDateTime getQDTNextUpdate() const;
+
+	/**
 	 *  Convert the certificate to DER (ASN.1) format.
 	 *  @return the binary data of the DER encoding
 	 */
@@ -360,6 +381,7 @@ protected:
 	KSSLCertificate();
 
 	void setCert(X509 *c);
+	void setCRL(X509_CRL *c);
 	void setChain(void *c);
 	X509 *getCert();
 	KSSLValidation processError(int ec);