using std::stringstream;
using std::cout;
-static void command (char const * c)
+static void command (string cmd)
{
- int const r = system (c);
+ int const r = system (cmd.c_str ());
#ifdef LIBDCP_WINDOWS
- if (r) {
+ int const code = r;
#else
- if (WEXITSTATUS (r)) {
-#endif
+ int const code = WEXITSTATUS (r);
+#endif
+ if (code) {
stringstream s;
- s << "error in " << c << "\n";
+ s << "error " << code << " in " << cmd << " within " << boost::filesystem::current_path();
throw libdcp::MiscError (s.str());
}
}
/** Extract a public key from a private key and create a SHA1 digest of it.
* @param key Private key
+ * @param openssl openssl binary name (or full path if openssl is not on the system path).
* @return SHA1 digest of corresponding public key, with escaped / characters.
*/
static string
-public_key_digest (boost::filesystem::path private_key)
+public_key_digest (boost::filesystem::path private_key, boost::filesystem::path openssl)
{
boost::filesystem::path public_name = private_key.string() + ".public";
/* Create the public key from the private key */
stringstream s;
- s << "openssl rsa -outform PEM -pubout -in " << private_key.string() << " > " << public_name.string ();
+ s << "\"" << openssl.string() << "\" rsa -outform PEM -pubout -in " << private_key.string() << " > " << public_name.string ();
command (s.str().c_str ());
/* Read in the public key from the file */
char digest_base64[64];
string dig = Kumu::base64encode (digest, SHA_DIGEST_LENGTH, digest_base64, 64);
+#ifdef LIBDCP_WINDOWS
+ boost::replace_all (dig, "/", "\\/");
+#else
boost::replace_all (dig, "/", "\\\\/");
+#endif
return dig;
}
{
boost::filesystem::path const cwd = boost::filesystem::current_path ();
+ string quoted_openssl = "\"" + openssl.string() + "\"";
+
boost::filesystem::current_path (directory);
- command ("openssl genrsa -out ca.key 2048");
+ command (quoted_openssl + " genrsa -out ca.key 2048");
{
ofstream f ("ca.cnf");
<< "CN = Entity and dnQualifier\n";
}
- string const ca_subject = "/O=example.org/OU=example.org/CN=.smpte-430-2.ROOT.NOT_FOR_PRODUCTION/dnQualifier=" + public_key_digest ("ca.key");
+ string const ca_subject = "/O=example.org/OU=example.org/CN=.smpte-430-2.ROOT.NOT_FOR_PRODUCTION/dnQualifier=" + public_key_digest ("ca.key", openssl);
{
stringstream c;
- c << "openssl req -new -x509 -sha256 -config ca.cnf -days 3650 -set_serial 5 -subj " << ca_subject << " -key ca.key -outform PEM -out ca.self-signed.pem";
+ c << quoted_openssl
+ << " req -new -x509 -sha256 -config ca.cnf -days 3650 -set_serial 5"
+ << " -subj " << ca_subject << " -key ca.key -outform PEM -out ca.self-signed.pem";
command (c.str().c_str());
}
- command ("openssl genrsa -out intermediate.key 2048");
+ command (quoted_openssl + " genrsa -out intermediate.key 2048");
{
ofstream f ("intermediate.cnf");
<< "CN = Entity and dnQualifier\n";
}
- string const inter_subject = "/O=example.org/OU=example.org/CN=.smpte-430-2.INTERMEDIATE.NOT_FOR_PRODUCTION/dnQualifier=" + public_key_digest ("intermediate.key");
+ string const inter_subject = "/O=example.org/OU=example.org/CN=.smpte-430-2.INTERMEDIATE.NOT_FOR_PRODUCTION/dnQualifier="
+ + public_key_digest ("intermediate.key", openssl);
{
stringstream s;
- s << "openssl req -new -config intermediate.cnf -days 3649 -subj " << inter_subject << " -key intermediate.key -out intermediate.csr";
+ s << quoted_openssl
+ << " req -new -config intermediate.cnf -days 3649 -subj " << inter_subject << " -key intermediate.key -out intermediate.csr";
command (s.str().c_str());
}
- command ("openssl x509 -req -sha256 -days 3649 -CA ca.self-signed.pem -CAkey ca.key -set_serial 6 -in intermediate.csr -extfile intermediate.cnf -extensions v3_ca -out intermediate.signed.pem");
+ command (
+ quoted_openssl +
+ " x509 -req -sha256 -days 3649 -CA ca.self-signed.pem -CAkey ca.key -set_serial 6"
+ " -in intermediate.csr -extfile intermediate.cnf -extensions v3_ca -out intermediate.signed.pem"
+ );
- command ("openssl genrsa -out leaf.key 2048");
+ command (quoted_openssl + " genrsa -out leaf.key 2048");
{
ofstream f ("leaf.cnf");
<< "CN = Entity and dnQualifier\n";
}
- string const leaf_subject = "/O=example.org/OU=example.org/CN=CS.smpte-430-2.LEAF.NOT_FOR_PRODUCTION/dnQualifier=" + public_key_digest ("leaf.key");
+ string const leaf_subject = "/O=example.org/OU=example.org/CN=CS.smpte-430-2.LEAF.NOT_FOR_PRODUCTION/dnQualifier="
+ + public_key_digest ("leaf.key", openssl);
{
stringstream s;
- s << "openssl req -new -config leaf.cnf -days 3648 -subj " << leaf_subject << " -key leaf.key -outform PEM -out leaf.csr";
+ s << quoted_openssl << " req -new -config leaf.cnf -days 3648 -subj " << leaf_subject << " -key leaf.key -outform PEM -out leaf.csr";
command (s.str().c_str());
}
- command ("openssl x509 -req -sha256 -days 3648 -CA intermediate.signed.pem -CAkey intermediate.key -set_serial 7 -in leaf.csr -extfile leaf.cnf -extensions v3_ca -out leaf.signed.pem");
+ command (
+ quoted_openssl +
+ " x509 -req -sha256 -days 3648 -CA intermediate.signed.pem -CAkey intermediate.key"
+ " -set_serial 7 -in leaf.csr -extfile leaf.cnf -extensions v3_ca -out leaf.signed.pem"
+ );
boost::filesystem::current_path (cwd);
}