mor get methods in certificate

master
Marc Wäckerlin 15 years ago
parent 8f38360ef7
commit 2d60d54967
  1. 6
      src/cryptoki.cxx
  2. 24
      src/openssl.hxx

@ -242,14 +242,12 @@ namespace cryptoki {
//---------------------------------------------------------------------------- //----------------------------------------------------------------------------
Object Session::create(const openssl::X509& cert) { Object Session::create(const openssl::X509& cert) {
AttributeList attrs; AttributeList attrs;
/*
attrs.push_back(Attribute(CKA_CLASS) attrs.push_back(Attribute(CKA_CLASS)
.from<CK_OBJECT_CLASS>(CKO_CERTIFICATE)); .from<CK_OBJECT_CLASS>(CKO_CERTIFICATE));
attrs.push_back(Attribute(CKA_CERTIFICATE_TYPE) attrs.push_back(Attribute(CKA_CERTIFICATE_TYPE)
.from<CK_CERTIFICATE_TYPE>(CKC_X_509)); .from<CK_CERTIFICATE_TYPE>(CKC_X_509));
attrs.push_back(Attribute(CKA_SUBJECT, derSubject)); attrs.push_back(Attribute(CKA_SUBJECT, cert.subjectDER()));
attrs.push_back(Attribute(CKA_VALUE, desValue)); attrs.push_back(Attribute(CKA_VALUE, cert.valueDER()));
*/
return create(attrs); return create(attrs);
} }
Object Session::create(const openssl::PrivateKey& key) { Object Session::create(const openssl::PrivateKey& key) {

@ -338,6 +338,20 @@ namespace openssl {
return std::string((char*)M_ASN1_STRING_data(cn), return std::string((char*)M_ASN1_STRING_data(cn),
M_ASN1_STRING_length(cn)); M_ASN1_STRING_length(cn));
} }
//! Check for basic constraints.
/*! e.g. check for CA certificate:
@code
if (x509.basicConstraints() && x509.basicConstraints()->ca) [...]
@endcode
@return 0 if there are no basic constraints */
BASIC_CONSTRAINTS* basicConstraints() {
static BASIC_CONSTRAINTS* bc(0);
if (!bc) {
int pos(X509_get_ext_by_NID(_x509, NID_basic_constraints, -1));
if (pos>=0) bc = X509V3_EXT_d2i(X509_get_ext(_x509, pos));
}
return bc;
}
//! Get organizational unit name. //! Get organizational unit name.
std::string organizationalUnitName() const { std::string organizationalUnitName() const {
X509_NAME *name(X509_get_subject_name(_x509)); X509_NAME *name(X509_get_subject_name(_x509));
@ -349,6 +363,16 @@ namespace openssl {
return std::string((char*)M_ASN1_STRING_data(cn), return std::string((char*)M_ASN1_STRING_data(cn),
M_ASN1_STRING_length(cn)); M_ASN1_STRING_length(cn));
} }
//! Get key usage flags.
std::string keyUsageFlags() const {
int pos(X509_get_ext_by_NID(_x509, NID_key_usage, -1));
if (pos>=0) {
ASN1_BIT_STRING ku(d2i(X509_get_ext(_x509, pos)));
return std::string((char*)M_ASN1_STRING_data(ku),
M_ASN1_STRING_lengthku));
else
return std::string(); //! @todo better throw exception?
}
private: private:
::X509* _x509; ::X509* _x509;
}; };

Loading…
Cancel
Save