#include <xmlsec/dl.h>
#include <xmlsec/app.h>
#include <xmlsec/crypto.h>
+#include <openssl/pem.h>
#include "compose.hpp"
using std::string;
using std::list;
-using std::cout;
using boost::shared_ptr;
using namespace dcp;
Signer::Signer (boost::filesystem::path openssl)
{
- boost::filesystem::path directory = make_certificate_chain (openssl);
+ create (make_certificate_chain (openssl));
+}
+
+Signer::Signer (boost::filesystem::path openssl,
+ string organisation,
+ string organisational_unit,
+ string root_common_name,
+ string intermediate_common_name,
+ string leaf_common_name
+ )
+{
+ create (
+ make_certificate_chain (
+ openssl,
+ organisation,
+ organisational_unit,
+ root_common_name,
+ intermediate_common_name,
+ leaf_common_name
+ )
+ );
+}
- _certificates.add (shared_ptr<dcp::Certificate> (new dcp::Certificate (dcp::file_to_string (directory / "ca.self-signed.pem"))));
- _certificates.add (shared_ptr<dcp::Certificate> (new dcp::Certificate (dcp::file_to_string (directory / "intermediate.signed.pem"))));
- _certificates.add (shared_ptr<dcp::Certificate> (new dcp::Certificate (dcp::file_to_string (directory / "leaf.signed.pem"))));
+void
+Signer::create (boost::filesystem::path directory)
+{
+ _certificates.add (dcp::Certificate (dcp::file_to_string (directory / "ca.self-signed.pem")));
+ _certificates.add (dcp::Certificate (dcp::file_to_string (directory / "intermediate.signed.pem")));
+ _certificates.add (dcp::Certificate (dcp::file_to_string (directory / "leaf.signed.pem")));
_key = dcp::file_to_string (directory / "leaf.key");
boost::filesystem::remove_all (directory);
}
-
/** Add a <Signer> and <ds:Signature> nodes to an XML node.
* @param parent XML node to add to.
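Review bot: If `dcp::file_to_string` or the `dcp::Certificate` constructor throws inside `Signer::create`, the closing `boost::filesystem::remove_all (directory)` is never reached and the generated chain, including `leaf.key`, stays on disk. Whether those calls can throw is not visible in this hunk, but a missing or malformed file from `make_certificate_chain` is the obvious failure case. Removing the directory on every exit path keeps the private key from outliving a failed construction. Note that `remove_all` only unlinks the files, so the location and permissions of that directory still matter while it exists.

```cpp
void
Signer::create (boost::filesystem::path directory)
{
	try {
		// … unchanged: the three _certificates.add calls and the _key read …
	} catch (...) {
		/* Do not leave leaf.key behind when loading fails; ignore cleanup errors here */
		boost::system::error_code ec;
		boost::filesystem::remove_all (directory, ec);
		throw;
	}
	boost::filesystem::remove_all (directory);
}
```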
xmlpp::Element* signer = parent->add_child("Signer");
xmlpp::Element* data = signer->add_child("X509Data", "dsig");
xmlpp::Element* serial_element = data->add_child("X509IssuerSerial", "dsig");
- serial_element->add_child("X509IssuerName", "dsig")->add_child_text (_certificates.leaf()->issuer());
- serial_element->add_child("X509SerialNumber", "dsig")->add_child_text (_certificates.leaf()->serial());
- data->add_child("X509SubjectName", "dsig")->add_child_text (_certificates.leaf()->subject());
+ serial_element->add_child("X509IssuerName", "dsig")->add_child_text (_certificates.leaf().issuer());
+ serial_element->add_child("X509SerialNumber", "dsig")->add_child_text (_certificates.leaf().serial());
+ data->add_child("X509SubjectName", "dsig")->add_child_text (_certificates.leaf().subject());
/* <Signature> */
{
xmlpp::Element* serial = data->add_child("X509IssuerSerial", ns);
- serial->add_child("X509IssuerName", ns)->add_child_text((*i)->issuer ());
- serial->add_child("X509SerialNumber", ns)->add_child_text((*i)->serial ());
+ serial->add_child("X509IssuerName", ns)->add_child_text (i->issuer ());
+ serial->add_child("X509SerialNumber", ns)->add_child_text (i->serial ());
}
- data->add_child("X509Certificate", ns)->add_child_text((*i)->certificate());
+ data->add_child("X509Certificate", ns)->add_child_text (i->certificate());
}
xmlSecDSigCtxPtr signature_context = xmlSecDSigCtxCreate (0);
}
RSA* private_key = PEM_read_bio_RSAPrivateKey (bio, 0, 0, 0);
- RSA* public_key = _certificates.leaf()->public_key ();
+ RSA* public_key = _certificates.leaf().public_key ();
bool const valid = !BN_cmp (private_key->n, public_key->n);
BIO_free (bio);
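Review bot: `private_key->n` and `public_key->n` are dereferenced in the `BN_cmp` line without checking either pointer, and `PEM_read_bio_RSAPrivateKey` returns NULL when `_key` is not a parseable PEM RSA key. A guard before the comparison, such as `if (!private_key || !public_key) { BIO_free (bio); return false; }`, would turn a malformed key into a failed validity check instead of a crash; the `return false` assumes the enclosing function returns `valid`, which this hunk does not show. The function starts and ends outside the hunk, so whether `private_key` is released with `RSA_free` cannot be confirmed from here. Reading `->n` directly also depends on the RSA struct being non-opaque, which OpenSSL 1.1.0 and later no longer allow (`RSA_get0_key` is the accessor there).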