return st;
}
+/** @return thumbprint of the to-be-signed portion of this certificate */
string
Certificate::thumbprint () const
{
uint8_t buffer[8192];
uint8_t* p = buffer;
+
+#if OPENSSL_VERSION_NUMBER > 0x10100000L
+#warning "Using new OpenSSL API"
+ i2d_re_X509_tbs(_certificate, &p);
+#else
i2d_X509_CINF (_certificate->cert_info, &p);
+#endif
unsigned int const length = p - buffer;
if (length > sizeof (buffer)) {
throw MiscError ("buffer too small to generate thumbprint");
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
+#include <openssl/rsa.h>
#include <boost/filesystem.hpp>
#include <boost/algorithm/string.hpp>
#include <boost/foreach.hpp>
RSA* private_key = PEM_read_bio_RSAPrivateKey (bio, 0, 0, 0);
RSA* public_key = leaf().public_key ();
+
+#if OPENSSL_VERSION_NUMBER > 0x10100000L
+#warning "Using new OpenSSL API"
+ BIGNUM const * private_key_n;
+ RSA_get0_key(private_key, &private_key_n, 0, 0);
+ BIGNUM const * public_key_n;
+ RSA_get0_key(public_key, &public_key_n, 0, 0);
+ bool const valid = !BN_cmp (private_key_n, public_key_n);
+#else
bool const valid = !BN_cmp (private_key->n, public_key->n);
+#endif
BIO_free (bio);
return valid;
/* Leaf */
BOOST_CHECK_EQUAL (*i, c.leaf ());
+ BOOST_CHECK_EQUAL (i->thumbprint(), "EZg5wDcihccWqwdg59Y8D+IJpYM=");
BOOST_CHECK_EQUAL (
c.leaf().issuer(),
++i;
/* Intermediate */
+ BOOST_CHECK_EQUAL (i->thumbprint(), "GwM6ex2UVlWclH8f1uV7W1n0EEU=");
BOOST_CHECK_EQUAL (
i->issuer(),
"dnQualifier=DCnRdHFbcv4ANVUq2\\+wMVALFSec=,CN=.smpte-430-2.ROOT.NOT_FOR_PRODUCTION,OU=example.org,O=example.org"
/* Root */
BOOST_CHECK_EQUAL (*i, c.root ());
+ BOOST_CHECK_EQUAL (i->thumbprint(), "zU8NVNwI2PYejmSYRntG7c6sdTw=");
BOOST_CHECK_EQUAL (
c.root().issuer(),
"dnQualifier=DCnRdHFbcv4ANVUq2\\+wMVALFSec=,CN=.smpte-430-2.ROOT.NOT_FOR_PRODUCTION,OU=example.org,O=example.org"