diff options
| author | Carl Hetherington <cth@carlh.net> | 2013-01-11 00:25:11 +0000 |
|---|---|---|
| committer | Carl Hetherington <cth@carlh.net> | 2013-01-11 00:25:11 +0000 |
| commit | 67cf9c95d190b1f2a67d73c0a7f712e213b6e71a (patch) | |
| tree | 5330aa403ea22459ed257ee577aaeec84053c0a4 /src/crypt_chain.cc | |
| parent | 5265670cb158bee669e62a2953b41a624d324a36 (diff) | |
Tweaks to management of crypto information.
Diffstat (limited to 'src/crypt_chain.cc')
| -rw-r--r-- | src/crypt_chain.cc | 34 |
1 files changed, 23 insertions, 11 deletions
diff --git a/src/crypt_chain.cc b/src/crypt_chain.cc index 853d8c50..d0777859 100644 --- a/src/crypt_chain.cc +++ b/src/crypt_chain.cc @@ -3,17 +3,29 @@ #include <boost/filesystem.hpp> #include <boost/algorithm/string.hpp> #include "crypt_chain.h" +#include "exceptions.h" using std::string; using std::ofstream; using std::ifstream; using std::stringstream; +using std::cout; + +static void command (char const * c) +{ + int const r = system (c); + if (WEXITSTATUS (r)) { + stringstream s; + s << "error in " << c << "\n"; + throw libdcp::MiscError (s.str()); + } +} void libdcp::make_crypt_chain (string directory) { boost::filesystem::current_path (directory); - system ("openssl genrsa -out ca.key 2048"); + command ("openssl genrsa -out ca.key 2048"); { ofstream f ("ca.cnf"); @@ -31,7 +43,7 @@ libdcp::make_crypt_chain (string directory) << "CN = Entity and dnQualifier\n"; } - system ("openssl rsa -outform PEM -pubout -in ca.key | openssl base64 -d | dd bs=1 skip=24 2>/dev/null | openssl sha1 -binary | openssl base64 > ca_dnq"); + command ("openssl rsa -outform PEM -pubout -in ca.key | openssl base64 -d | dd bs=1 skip=24 2>/dev/null | openssl sha1 -binary | openssl base64 > ca_dnq"); string ca_dnq; @@ -46,10 +58,10 @@ libdcp::make_crypt_chain (string directory) { stringstream c; c << "openssl req -new -x509 -sha256 -config ca.cnf -days 3650 -set_serial 5 -subj " << ca_subject << " -key ca.key -outform PEM -out ca.self-signed.pem"; - system (c.str().c_str()); + command (c.str().c_str()); } - system ("openssl genrsa -out intermediate.key 2048"); + command ("openssl genrsa -out intermediate.key 2048"); { ofstream f ("intermediate.cnf"); @@ -67,7 +79,7 @@ libdcp::make_crypt_chain (string directory) << "CN = Entity and dnQualifier\n"; } - system ("openssl rsa -outform PEM -pubout -in intermediate.key | openssl base64 -d | dd bs=1 skip=24 2>/dev/null | openssl sha1 -binary | openssl base64 > inter_dnq"); + command ("openssl rsa -outform PEM -pubout -in intermediate.key | openssl base64 -d | dd bs=1 skip=24 2>/dev/null | openssl sha1 -binary | openssl base64 > inter_dnq"); string inter_dnq; @@ -82,13 +94,13 @@ libdcp::make_crypt_chain (string directory) { stringstream s; s << "openssl req -new -config intermediate.cnf -days 3649 -subj " << inter_subject << " -key intermediate.key -out intermediate.csr"; - system (s.str().c_str()); + command (s.str().c_str()); } - system ("openssl x509 -req -sha256 -days 3649 -CA ca.self-signed.pem -CAkey ca.key -set_serial 6 -in intermediate.csr -extfile intermediate.cnf -extensions v3_ca -out intermediate.signed.pem"); + command ("openssl x509 -req -sha256 -days 3649 -CA ca.self-signed.pem -CAkey ca.key -set_serial 6 -in intermediate.csr -extfile intermediate.cnf -extensions v3_ca -out intermediate.signed.pem"); - system ("openssl genrsa -out leaf.key 2048"); + command ("openssl genrsa -out leaf.key 2048"); { ofstream f ("leaf.cnf"); @@ -106,7 +118,7 @@ libdcp::make_crypt_chain (string directory) << "CN = Entity and dnQualifier\n"; } - system ("openssl rsa -outform PEM -pubout -in leaf.key | openssl base64 -d | dd bs=1 skip=24 2>/dev/null | openssl sha1 -binary | openssl base64 > leaf_dnq"); + command ("openssl rsa -outform PEM -pubout -in leaf.key | openssl base64 -d | dd bs=1 skip=24 2>/dev/null | openssl sha1 -binary | openssl base64 > leaf_dnq"); string leaf_dnq; @@ -121,8 +133,8 @@ libdcp::make_crypt_chain (string directory) { stringstream s; s << "openssl req -new -config leaf.cnf -days 3648 -subj " << leaf_subject << " -key leaf.key -outform PEM -out leaf.csr"; - system (s.str().c_str()); + command (s.str().c_str()); } - system ("openssl x509 -req -sha256 -days 3648 -CA intermediate.signed.pem -CAkey intermediate.key -set_serial 7 -in leaf.csr -extfile leaf.cnf -extensions v3_ca -out leaf.signed.pem"); + command ("openssl x509 -req -sha256 -days 3648 -CA intermediate.signed.pem -CAkey intermediate.key -set_serial 7 -in leaf.csr -extfile leaf.cnf -extensions v3_ca -out leaf.signed.pem"); } |