3 * OCSP request and response abstractions.
5 * OCSP provides a quick way of checking whether a certificate is valid or
6 * not. For more information, see: http://en.wikipedia.org/wiki/OCSP
8 * For the sake of both ease of implementation and use, these classes only
9 * expose a simplified subset of OCSP functionality.
10 * - A nonce (unique identifier for the request) is always sent in the
12 * - Both the request and response objects assume only one certificate is to
20 #include <openssl/ocsp.h>
26 WvOCSPReq(const WvX509
&cert
, const WvX509
&issuer
);
29 void encode(WvBuf
&buf
);
32 WvOCSPReq(WvOCSPReq
&); // not implemented yet
33 friend class WvOCSPResp
;
43 virtual ~WvOCSPResp();
45 void decode(WvBuf
&buf
);
48 bool check_nonce(const WvOCSPReq
&req
) const;
49 bool signedbycert(const WvX509
&cert
) const;
50 WvX509
get_signing_cert() const;
52 enum Status
{ Error
, Good
, Revoked
, Unknown
};
53 Status
get_status(const WvX509
&cert
, const WvX509
&issuer
) const;
54 static WvString
status_str(Status status
);
57 WvOCSPResp(WvOCSPResp
&); // not implemented yet