|
|
@ -173,9 +173,9 @@ namespace suisseid { |
|
|
|
/** @note by now, only @c MISSING and @c VALID is supported */ |
|
|
|
/** @note by now, only @c MISSING and @c VALID is supported */ |
|
|
|
enum CertStatus { |
|
|
|
enum CertStatus { |
|
|
|
MISSING, ///< certificate is missing, needs initiatlization
|
|
|
|
MISSING, ///< certificate is missing, needs initiatlization
|
|
|
|
EXPIRES_SOON, ///< certificate will soon expire, needs renewal
|
|
|
|
// EXPIRES_SOON, ///< certificate will soon expire, needs renewal
|
|
|
|
EXPIRED, ///< certificate is expired, needs new purchase
|
|
|
|
// EXPIRED, ///< certificate is expired, needs new purchase
|
|
|
|
REVOKED, ///< certificate has been revoked and is invalid
|
|
|
|
// REVOKED, ///< certificate has been revoked and is invalid
|
|
|
|
VALID ///< certificate is valid
|
|
|
|
VALID ///< certificate is valid
|
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
@ -311,11 +311,15 @@ namespace suisseid { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
virtual CertStatus certStatus() { |
|
|
|
virtual CertStatus certStatus() { |
|
|
|
cryptoki::ObjectList certs |
|
|
|
try { |
|
|
|
(session().find(cryptoki::Attribute(CKA_CLASS) |
|
|
|
Certificate auth(authenticationCertificate()); |
|
|
|
.from<CK_OBJECT_CLASS>(CKO_CERTIFICATE))); |
|
|
|
Certificate sig(digitalSignatureCertificate()); |
|
|
|
if (certs.size()==0) return MISSING; |
|
|
|
|
|
|
|
return VALID; |
|
|
|
return VALID; |
|
|
|
|
|
|
|
} catch (const no_auth& x) { |
|
|
|
|
|
|
|
return MISSING; |
|
|
|
|
|
|
|
} catch (const no_digsig& x) { |
|
|
|
|
|
|
|
return MISSING; |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
virtual Certificate authenticationCertificate() try { |
|
|
|
virtual Certificate authenticationCertificate() try { |
|
|
|