X-Git-Url: https://git.carlh.net/gitweb/?a=blobdiff_plain;f=src%2Fcertificates.cc;h=818d5f7252810840ad8521a896ca71b4a333ae01;hb=e80df6ca95b57a45ec912b36425f282058cf3ce6;hp=d02754f1f098ccaa07c9d117dba821477c93da76;hpb=30e2f6f873002d16aeae707879ea15c1c63a4323;p=libdcp.git
diff --git a/src/certificates.cc b/src/certificates.cc
index d02754f1..818d5f72 100644
--- a/src/certificates.cc
+++ b/src/certificates.cc
@@ -23,6 +23,7 @@
 #include
 #include
 #include
+#include
 #include
 #include "KM_util.h"
 #include "certificates.h"
@@ -39,14 +40,16 @@ using namespace libdcp;
 /** @param c X509 certificate, which this object will take ownership of */
 Certificate::Certificate (X509* c)
 : _certificate (c)
+ , _public_key (0)
 {
 }
 Certificate::Certificate (boost::filesystem::path filename)
 : _certificate (0)
+ , _public_key (0)
 {
- FILE* f = fopen (filename.c_str(), "r");
+ FILE* f = fopen (filename.string().c_str(), "r");
 if (!f) {
 throw FileError ("could not open file", filename);
 }
@@ -58,12 +61,14 @@ Certificate::Certificate (boost::filesystem::path filename)
 Certificate::Certificate (string cert)
 : _certificate (0)
+ , _public_key (0)
 {
 read_string (cert);
 }
 Certificate::Certificate (Certificate const & other)
 : _certificate (0)
+ , _public_key (0)
 {
 read_string (other.certificate (true));
 }
@@ -87,6 +92,7 @@ Certificate::read_string (string cert)
 Certificate::~Certificate ()
 {
 X509_free (_certificate);
+ RSA_free (_public_key);
 }
 Certificate &
@@ -97,6 +103,10 @@ Certificate::operator= (Certificate const & other)
 }
 X509_free (_certificate);
+ _certificate = 0;
+ RSA_free (_public_key);
+ _public_key = 0;
+
 read_string (other.certificate ());
 return *this;
@@ -183,6 +193,14 @@ Certificate::subject () const
 return name_for_xml (X509_get_subject_name (_certificate));
 }
+string
+Certificate::common_name () const
+{
+ assert (_certificate);
+
+ return get_name_part (X509_get_subject_name (_certificate), NID_commonName);
+}
+
 string
 Certificate::serial () const
 {
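Review bot: In `Certificate::operator=` (hunk `@@ -97,6 +103,10 @@`) both handles are released before the existing `read_string (other.certificate ())` call, so if that call throws (its body is not in the hunk) the object is left with a null `_certificate`; the added zeroing prevents a double free but not the empty state. Parsing into a temporary first, for example `Certificate tmp (other);` followed by swapping `_certificate` and `_public_key` with it, would keep the old certificate on failure. The copy constructor in the `@@ -58,12 +61,14 @@` hunk passes `other.certificate (true)` whereas this path passes no argument; if that flag selects the PEM header and footer lines, the two copy paths should agree. The start of operator= lies outside the hunk.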
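Review bot: `assert (_certificate)` in `common_name ()` (hunk `@@ -183,6 +193,14 @@`) disappears when the library is built with NDEBUG, after which `X509_get_subject_name` receives a null pointer; the same guard is used in `public_key ()` in the `@@ -224,6 +242,28 @@` hunk. A Certificate can plausibly reach that state once the assignment operator has cleared `_certificate` and the following `read_string` fails. A runtime check such as `if (!_certificate) { throw MiscError ("certificate not loaded"); }` would hold in release builds as well.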
@@ -224,6 +242,28 @@ Certificate::thumbprint () const
 return Kumu::base64encode (digest, 20, digest_base64, 64);
 }
+RSA *
+Certificate::public_key () const
+{
+ assert (_certificate);
+
+ if (_public_key) {
+ return _public_key;
+ }
+
+ EVP_PKEY* key = X509_get_pubkey (_certificate);
+ if (!key) {
+ throw MiscError ("could not get public key from certificate");
+ }
+
+ _public_key = EVP_PKEY_get1_RSA (key);
+ if (!_public_key) {
+ throw MiscError (String::compose ("could not get RSA public key (%1)", ERR_error_string (ERR_get_error(), 0)));
+ }
+
+ return _public_key;
+}
+
 shared_ptr
 CertificateChain::root () const
 {
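Review bot: The `EVP_PKEY` returned by `X509_get_pubkey` is never released in `public_key ()`; that call hands back a reference the caller owns, so the first call on each Certificate leaks it, on the error path as well. Since `EVP_PKEY_get1_RSA` takes its own reference on the RSA, add `EVP_PKEY_free (key);` directly after that call and before the `if (!_public_key)` check. The returned `RSA*` stays owned by the Certificate and is freed in the destructor, which deserves a comment such as `/** @return RSA public key; owned by this object, do not free */`. The lazy fill of `_public_key` inside a const method is also unsynchronised, so concurrent first calls on one Certificate could race, and `ERR_error_string` with a null buffer writes into a static buffer.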