aboutsummaryrefslogtreecommitdiffstats
path: root/src/cert
diff options
context:
space:
mode:
Diffstat (limited to 'src/cert')
-rw-r--r--src/cert/x509/x509_ca.h48
1 files changed, 41 insertions, 7 deletions
diff --git a/src/cert/x509/x509_ca.h b/src/cert/x509/x509_ca.h
index 969e62558..9f7cb9515 100644
--- a/src/cert/x509/x509_ca.h
+++ b/src/cert/x509/x509_ca.h
@@ -15,24 +15,53 @@
namespace Botan {
-/*************************************************
-* X.509 Certificate Authority *
-*************************************************/
+/**
+* This class represents X.509 Certificate Authorities (CAs).
+*/
class BOTAN_DLL X509_CA
{
public:
+
+ /**
+ * Sign a PKCS#10 Request.
+ * @param req the request to sign
+ * @param rng the rng to use
+ * @param not_before the starting time for the certificate
+ * @param not_after the expiration time for the certificate
+ * @return the resulting certificate
+ */
X509_Certificate sign_request(const PKCS10_Request& req,
RandomNumberGenerator& rng,
const X509_Time& not_before,
const X509_Time& not_after);
+ /**
+ * Get the certificate of this CA.
+ * @return the CA certificate
+ */
X509_Certificate ca_certificate() const;
+ /**
+ * Create a new and empty CRL for this CA.
+ * @param rng the random number generator to use
+ * @param next_update the time to set in next update in seconds as the offset from
+ * the current time
+ * @return the new CRL
+ */
X509_CRL new_crl(RandomNumberGenerator& rng, u32bit = 0) const;
- X509_CRL update_crl(const X509_CRL&,
- const std::vector<CRL_Entry>&,
+
+ /**
+ * Create a new CRL by with additional entries.
+ * @param last_crl the last CRL of this CA to add the new entries to
+ * @param new_entries contains the new CRL entries to be added to the CRL
+ * @param rng the random number generator to use
+ * @param next_update the time to set in next update in seconds
+ * as the offset from the current time
+ */
+ X509_CRL update_crl(const X509_CRL& last_crl,
+ const std::vector<CRL_Entry>& new_entries,
RandomNumberGenerator& rng,
- u32bit = 0) const;
+ u32bit next_update = 0) const;
static X509_Certificate make_cert(PK_Signer*,
RandomNumberGenerator&,
@@ -42,7 +71,12 @@ class BOTAN_DLL X509_CA
const X509_DN&, const X509_DN&,
const Extensions&);
- X509_CA(const X509_Certificate&, const Private_Key&);
+ /**
+ * Create a new CA object.
+ * @param ca_certificate the certificate of the CA
+ * @param key the private key of the CA
+ */
+ X509_CA(const X509_Certificate& ca_certificate, const Private_Key& key);
~X509_CA();
private:
X509_CA(const X509_CA&) {}