authorCarl Hetherington <cth@carlh.net>2014-07-17 16:12:56 +0100
committerCarl Hetherington <cth@carlh.net>2014-07-17 16:12:56 +0100
commit3d77daab7639c06d1cdbeb852559fc4be5671819 (patch)
tree1bbe412ad4107a4b3dde663eb6397079c65de465 /src
parente21bb3e3c2cf5d0d971f1a5cf25da431fcde0409 (diff)
Add various new bits to CertificateChain.
Diffstat (limited to 'src')
-rw-r--r--src/certificates.cc61
-rw-r--r--src/certificates.h11
2 files changed, 65 insertions, 7 deletions
diff --git a/src/certificates.cc b/src/certificates.cc
index b6e45c0e..b331c6b6 100644
--- a/src/certificates.cc
+++ b/src/certificates.cc
@@ -33,9 +33,11 @@
#include <openssl/err.h>
#include <boost/algorithm/string.hpp>
#include <cerrno>
+#include <algorithm>
using std::list;
using std::string;
+using std::cout;
using boost::shared_ptr;
using namespace dcp;
@@ -307,11 +309,18 @@ CertificateChain::leaf () const
return _certificates.back ();
}
+/** @return Certificates in order from root to leaf */
+CertificateChain::List
+CertificateChain::root_to_leaf () const
+{
+ return _certificates;
+}
+
/** @return Certificates in order from leaf to root */
-list<shared_ptr<Certificate> >
+CertificateChain::List
CertificateChain::leaf_to_root () const
{
- list<shared_ptr<Certificate> > c = _certificates;
+ List c = _certificates;
c.reverse ();
return c;
}
@@ -325,6 +334,29 @@ CertificateChain::add (shared_ptr<Certificate> c)
_certificates.push_back (c);
}
+void
+CertificateChain::remove (shared_ptr<Certificate> c)
+{
+ _certificates.remove (c);
+}
+
+/** Remove the i'th certificate in the list, as listed
+ * from root to leaf.
+ */
+void
+CertificateChain::remove (int i)
+{
+ List::iterator j = _certificates.begin ();
+ while (j != _certificates.end () && i > 0) {
+ --i;
+ ++j;
+ }
+
+ if (j != _certificates.end ()) {
+ _certificates.erase (j);
+ }
+}
+
/** Verify the chain.
* @return true if it's ok, false if not.
*/
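Review bot: `remove (int i)` treats a negative index as 0: the `i > 0` loop condition is false on entry, `j` stays at `begin ()`, and the root certificate is erased from any non-empty chain. An index past the end is silently ignored instead, so the two kinds of bad input behave differently and neither is reported to the caller. Reject negatives before walking the list, e.g. `if (i < 0) { return; }`, and state the out-of-range behaviour in the doc comment. The `remove (shared_ptr<Certificate> c)` overload has no comment at all; `std::list::remove` compares the `shared_ptr` values, so it matches only the same object and not another instance holding the same certificate, which is worth saying there.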
@@ -335,9 +367,10 @@ CertificateChain::verify () const
if (!store) {
return false;
}
-
- for (list<shared_ptr<Certificate> >::const_iterator i = _certificates.begin(); i != _certificates.end(); ++i) {
- list<shared_ptr<Certificate> >::const_iterator j = i;
+
+ for (List::const_iterator i = _certificates.begin(); i != _certificates.end(); ++i) {
+
+ List::const_iterator j = i;
++j;
if (j == _certificates.end ()) {
break;
@@ -373,3 +406,21 @@ CertificateChain::verify () const
X509_STORE_free (store);
return true;
}
+
+/** @return true if the chain is now in order from root to leaf,
+ * false if no correct order was found.
+ */
+bool
+CertificateChain::attempt_reorder ()
+{
+ List original = _certificates;
+ _certificates.sort ();
+ do {
+ if (verify ()) {
+ return true;
+ }
+ } while (std::next_permutation (_certificates.begin(), _certificates.end ()));
+
+ _certificates = original;
+ return false;
+}
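Review bot: `attempt_reorder ()` calls `verify ()` once per permutation, so a chain of n certificates costs up to n! verifications, and nothing in this function limits `_certificates.size ()`. If a chain can be built from a file supplied by another party, a handful of extra certificates is enough to stall the caller; add a cap before the sort, e.g. `if (_certificates.size () > MAX_REORDER_CERTS) { return false; }` (placeholder constant), or build the order directly by linking each certificate to the one whose subject is its issuer. `sort ()` and `std::next_permutation` order the elements by `shared_ptr` comparison, i.e. by pointer value, which is enough to enumerate permutations but deserves a comment. The doc comment should also say what a `true` result means for trust: most of `verify ()` is outside this diff, so confirm whether it checks the root against anything beyond the chain itself, and document that callers must still decide whether the resulting root is trusted.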
diff --git a/src/certificates.h b/src/certificates.h
index 5a2b9324..8ae562c9 100644
--- a/src/certificates.h
+++ b/src/certificates.h
@@ -93,17 +93,24 @@ public:
CertificateChain () {}
void add (boost::shared_ptr<Certificate> c);
+ void remove (boost::shared_ptr<Certificate> c);
+ void remove (int);
boost::shared_ptr<Certificate> root () const;
boost::shared_ptr<Certificate> leaf () const;
- std::list<boost::shared_ptr<Certificate> > leaf_to_root () const;
+ typedef std::list<boost::shared_ptr<Certificate> > List;
+
+ List leaf_to_root () const;
+ List root_to_leaf () const;
bool verify () const;
+ bool attempt_reorder ();
private:
friend class ::certificates;
- std::list<boost::shared_ptr<Certificate> > _certificates;
+
+ List _certificates;
};
}
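Review bot: The new declarations carry no documentation in the header, and `void remove (int);` does not name its parameter, so a caller reading certificates.h cannot tell that the index counts from the root. Suggest `void remove (int i);` with a one-line comment such as `/** Remove the i'th certificate, counting from the root */`, and a comment on `attempt_reorder ()` stating that it is non-const and may change the stored order. The class body starts above this hunk.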