Allow Signer and certificate chains to be made with specified organisation, common...
authorCarl Hetherington <cth@carlh.net>
Thu, 11 Sep 2014 13:06:19 +0000 (14:06 +0100)
committerCarl Hetherington <cth@carlh.net>
Thu, 11 Sep 2014 13:06:19 +0000 (14:06 +0100)
src/certificate_chain.cc
src/certificate_chain.h
src/signer.cc
src/signer.h

index 5d01790b0ac381aa9c43e7fb3b37d259135ba451..b2ebeca8c9bd86beaf196b538a032c8a4be6b0d5 100644 (file)
@@ -157,7 +157,14 @@ public_key_digest (boost::filesystem::path private_key, boost::filesystem::path
 }
 
 boost::filesystem::path
-dcp::make_certificate_chain (boost::filesystem::path openssl)
+dcp::make_certificate_chain (
+       boost::filesystem::path openssl,
+       string organisation,
+       string organisational_unit,
+       string root_common_name,
+       string intermediate_common_name,
+       string leaf_common_name
+       )
 {
        boost::filesystem::path directory = boost::filesystem::temp_directory_path() / boost::filesystem::unique_path ();
        boost::filesystem::create_directories (directory);
@@ -185,7 +192,10 @@ dcp::make_certificate_chain (boost::filesystem::path openssl)
                  << "CN = Entity and dnQualifier\n";
        }
 
-       string const ca_subject = "/O=example.org/OU=example.org/CN=.smpte-430-2.ROOT.NOT_FOR_PRODUCTION/dnQualifier=" + public_key_digest ("ca.key", openssl);
+       string const ca_subject = "/O=" + organisation +
+               "/OU=" + organisational_unit +
+               "/CN=" + root_common_name +
+               "/dnQualifier=" + public_key_digest ("ca.key", openssl);
 
        {
                stringstream c;
@@ -213,8 +223,10 @@ dcp::make_certificate_chain (boost::filesystem::path openssl)
                  << "CN = Entity and dnQualifier\n";
        }
                
-       string const inter_subject = "/O=example.org/OU=example.org/CN=.smpte-430-2.INTERMEDIATE.NOT_FOR_PRODUCTION/dnQualifier="
-               + public_key_digest ("intermediate.key", openssl);
+       string const inter_subject = "/O=" + organisation +
+               "/OU=" + organisational_unit +
+               "/CN=" + intermediate_common_name +
+               "/dnQualifier=" + public_key_digest ("intermediate.key", openssl);
 
        {
                stringstream s;
@@ -248,8 +260,10 @@ dcp::make_certificate_chain (boost::filesystem::path openssl)
                  << "CN = Entity and dnQualifier\n";
        }
 
-       string const leaf_subject = "/O=example.org/OU=example.org/CN=CS.smpte-430-2.LEAF.NOT_FOR_PRODUCTION/dnQualifier="
-               + public_key_digest ("leaf.key", openssl);
+       string const leaf_subject = "/O=" + organisation +
+               "/OU=" + organisational_unit +
+               "/CN=" + leaf_common_name +
+               "/dnQualifier=" + public_key_digest ("leaf.key", openssl);
 
        {
                stringstream s;
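Review bot: The organisation, organisational_unit and root_common_name values are concatenated into ca_subject at lines 33–36 with no escaping, so a caller-supplied value containing `/` (the component separator in OpenSSL's `/key=value` subject syntax) or `\` (its escape character) changes the structure of the subject instead of being stored inside that attribute; the inter_subject and leaf_subject hunks below have the same issue. With the previous fixed literals this could not arise, but the values now come from whoever calls the public API. How the subject strings are consumed is outside the hunk (the `stringstream c` that follows is not shown), so if they are also handed to a shell the set of characters to guard against is larger than the two named here. A small file-local helper that escapes `\` and `/` in each component, applied at all three sites, keeps a value inside its own field; make_certificate_chain continues outside the hunk.
```cpp
/* Escape one DN attribute value for the OpenSSL "/key=value" subject syntax:
 * a bare backslash or slash would otherwise be read as an escape or as the
 * start of the next component.
 */
static string
escape_dn_value (string const & value)
{
	string out;
	for (size_t i = 0; i < value.size(); ++i) {
		if (value[i] == '\\' || value[i] == '/') {
			out += '\\';
		}
		out += value[i];
	}
	return out;
}

// … unchanged: temporary directory setup and CA key generation …

	string const ca_subject = "/O=" + escape_dn_value (organisation) +
		"/OU=" + escape_dn_value (organisational_unit) +
		"/CN=" + escape_dn_value (root_common_name) +
		"/dnQualifier=" + public_key_digest ("ca.key", openssl);
// … unchanged: same substitution for inter_subject and leaf_subject …
```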
index 6a6fc48357bf80ab79602cba4bd224301dd2906a..e074f8fd531c5dd43523ef8a7c5ddc5ba3c25f98 100644 (file)
@@ -33,6 +33,13 @@ namespace dcp {
  *    - leaf.key                leaf certificate private key
  *    - leaf.signed.pem         leaf certificate
  */
-boost::filesystem::path make_certificate_chain (boost::filesystem::path openssl);
-
+boost::filesystem::path make_certificate_chain (
+       boost::filesystem::path openssl,
+       std::string organisation = "example.org",
+       std::string organisational_unit = "example.org",
+       std::string root_common_name = ".smpte-430-2.ROOT.NOT_FOR_PRODUCTION",
+       std::string intermediate_common_name = ".smpte-430-2.INTERMEDIATE.NOT_FOR_PRODUCTION",
+       std::string leaf_common_name = "CS.smpte-430-2.LEAF.NOT_FOR_PRODUCTION"
+       );
+       
 }
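Review bot: The Doxygen block above the declaration still only lists the files that are written and documents none of the parameters, including the five added at lines 75–79. Add a `@param` line per argument, e.g. `@param organisation Value for the O attribute of every subject in the chain`, and a `@return Directory containing the generated files` line. The comment should also say that the default common names end in NOT_FOR_PRODUCTION, so a caller producing a chain for real use must override all three, and that, as far as the visible code shows, the values are placed into the subject verbatim, so characters that OpenSSL's subject syntax treats specially (such as `/`) are not escaped by this function.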
index d048ca4c9a93518992b9c0de64abe3984b5ee869..67c8ac58fabc43fececf9d5bee97816809cb0b6a 100644 (file)
@@ -42,8 +42,32 @@ using namespace dcp;
 
 Signer::Signer (boost::filesystem::path openssl)
 {
-       boost::filesystem::path directory = make_certificate_chain (openssl);
+       create (make_certificate_chain (openssl));
+}
+
+Signer::Signer (boost::filesystem::path openssl,
+               string organisation,
+               string organisational_unit,
+               string root_common_name,
+               string intermediate_common_name,
+               string leaf_common_name
+       )
+{
+       create (
+               make_certificate_chain (
+                       openssl,
+                       organisation,
+                       organisational_unit,
+                       root_common_name,
+                       intermediate_common_name,
+                       leaf_common_name
+                       )
+               );
+}
 
+void
+Signer::create (boost::filesystem::path directory)
+{
        _certificates.add (dcp::Certificate (dcp::file_to_string (directory / "ca.self-signed.pem")));
        _certificates.add (dcp::Certificate (dcp::file_to_string (directory / "intermediate.signed.pem")));
        _certificates.add (dcp::Certificate (dcp::file_to_string (directory / "leaf.signed.pem")));
@@ -52,7 +76,6 @@ Signer::Signer (boost::filesystem::path openssl)
 
        boost::filesystem::remove_all (directory);
 }
-       
 
 /** Add a &lt;Signer&gt; and &lt;ds:Signature&gt; nodes to an XML node.
  *  @param parent XML node to add to.
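Review bot: In the new Signer::create, the `boost::filesystem::remove_all (directory)` at the end of the function is only reached on the success path; if loading any of the certificates or the key throws (the `Certificate` constructor and `file_to_string` at lines 115–117 look like they can fail on a missing or malformed file, though their definitions are not visible), the temporary directory and the private keys it holds are left behind. This was already true of the original constructor body, but now that the loading is a reusable helper it is worth making the cleanup unconditional with a small scope guard and dropping the explicit remove_all at the end. The middle of create's body (between the two hunks) is not shown.
```cpp
void
Signer::create (boost::filesystem::path directory)
{
	/* The directory holds the private keys, so remove it even if loading below throws */
	struct RemoveOnExit {
		boost::filesystem::path dir;
		~RemoveOnExit () {
			boost::system::error_code ec;
			boost::filesystem::remove_all (dir, ec);
		}
	} remove_on_exit = { directory };

	_certificates.add (dcp::Certificate (dcp::file_to_string (directory / "ca.self-signed.pem")));
	// … unchanged: intermediate and leaf certificates, key loading …
	// (the trailing explicit remove_all is removed; the guard now does it)
```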
index 6fd17033f1c24d41a3652c09addd60d1a227acb6..1d53d5baf2eefec241dcec1645ec04f739cf8c49 100644 (file)
@@ -42,6 +42,15 @@ class Signer
 {
 public:
        Signer (boost::filesystem::path openssl);
+
+       Signer (
+               boost::filesystem::path openssl,
+               std::string organisation,
+               std::string organisational_unit,
+               std::string root_common_name,
+               std::string intermediate_common_name,
+               std::string leaf_common_name
+               );
        
        /** @param c Certificate chain to sign with.
         *  @param k Key to sign with as a PEM-format string.
@@ -73,7 +82,8 @@ public:
        bool valid () const;
        
 private:       
-
+       void create (boost::filesystem::path directory);
+       
        /** Certificate chain to sign with */
        CertificateChain _certificates;
        /** Key to sign with as a PEM-format string */
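Review bot: The new six-argument constructor at lines 132–139 and the private `create` at line 148 have no Doxygen comment, while the neighbouring members in this header do. For the constructor, document each argument, e.g. `@param openssl Path to the openssl binary` and `@param root_common_name CN for the self-signed root certificate`, and state that a chain is generated under a temporary directory; for `create`, something like `/** Load the certificate chain and signing key from @p directory, then delete that directory */`, which matches the `remove_all` in the .cc file. It may also be worth noting in the one-argument constructor's comment that it uses the NOT_FOR_PRODUCTION default names from make_certificate_chain, so readers of the header know which overload is the test-only one.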