mor get methods in certificate

15 years ago · 2d60d54967
parent 8f38360ef7
commit 2d60d54967
2 changed files with 26 additions and 4 deletions
--- a/src/cryptoki.cxx
+++ b/src/cryptoki.cxx
@ -242,14 +242,12 @@ namespace cryptoki {
  //----------------------------------------------------------------------------
  Object Session::create(const openssl::X509& cert) {
    AttributeList attrs;
-    /*
    attrs.push_back(Attribute(CKA_CLASS)
                    .from<CK_OBJECT_CLASS>(CKO_CERTIFICATE));
    attrs.push_back(Attribute(CKA_CERTIFICATE_TYPE)
                    .from<CK_CERTIFICATE_TYPE>(CKC_X_509));
-    attrs.push_back(Attribute(CKA_SUBJECT, derSubject));
-    attrs.push_back(Attribute(CKA_VALUE, desValue));
-        */
+    attrs.push_back(Attribute(CKA_SUBJECT, cert.subjectDER()));
+    attrs.push_back(Attribute(CKA_VALUE, cert.valueDER()));
    return create(attrs);
  }
  Object Session::create(const openssl::PrivateKey& key) {
--- a/src/openssl.hxx
+++ b/src/openssl.hxx
@ -338,6 +338,20 @@ namespace openssl {
        return std::string((char*)M_ASN1_STRING_data(cn),
                           M_ASN1_STRING_length(cn));
      }
+      //! Check for basic constraints.
+      /*! e.g. check for CA certificate:
+          @code
+          if (x509.basicConstraints() && x509.basicConstraints()->ca) [...]
+          @endcode
+          @return 0 if there are no basic constraints */
+      BASIC_CONSTRAINTS* basicConstraints() {
+        static BASIC_CONSTRAINTS* bc(0);
+        if (!bc) {
+          int pos(X509_get_ext_by_NID(_x509, NID_basic_constraints, -1));
+          if (pos>=0) bc = X509V3_EXT_d2i(X509_get_ext(_x509, pos));
+        }
+        return bc;
+      }
      //! Get organizational unit name.
      std::string organizationalUnitName() const {
        X509_NAME *name(X509_get_subject_name(_x509));
@ -349,6 +363,16 @@ namespace openssl {
        return std::string((char*)M_ASN1_STRING_data(cn),
                           M_ASN1_STRING_length(cn));
      }
+      //! Get key usage flags.
+      std::string keyUsageFlags() const {
+        int pos(X509_get_ext_by_NID(_x509, NID_key_usage, -1));
+        if (pos>=0) {
+          ASN1_BIT_STRING ku(d2i(X509_get_ext(_x509, pos)));
+          return std::string((char*)M_ASN1_STRING_data(ku),
+                             M_ASN1_STRING_lengthku));
+        else
+          return std::string(); //! @todo better throw exception?
+      }
    private:
      ::X509* _x509;
  };