#include <openssl/err.h>
#include <boost/algorithm/string.hpp>
#include <cerrno>
+#include <iostream>
#include <algorithm>
using std::list;
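Review bot: `#include <iostream>` is added here, but none of the added lines visible on this page uses a stream object such as `std::cout` or `std::cerr`; the same include is also added to the test file. If it is left over from debugging, drop it from both files so the library translation unit does not pull in iostream's static initialisation for nothing.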
Certificate::Certificate (X509* c)
: _certificate (c)
, _public_key (0)
+ , _extra_data (false)
{
}
: _certificate (0)
, _public_key (0)
{
- read_string (cert);
+ _extra_data = read_string (cert);
}
/** Copy constructor.
Certificate::Certificate (Certificate const & other)
: _certificate (0)
, _public_key (0)
+ , _extra_data (other._extra_data)
{
if (other._certificate) {
read_string (other.certificate (true));
/** Read a certificate from a string.
* @param cert String to read.
+ * @return true if there is extra stuff after the end of the certificate, false if not.
*/
-void
+bool
Certificate::read_string (string cert)
{
/* Reformat cert so that it has line breaks every 64 characters.
}
BIO_free (bio);
+
+ line.clear ();
+ if (s.good ()) {
+ getline (s, line);
+ }
+ return !line.empty();
}
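Review bot: The trailing-data check at the end of `read_string` reads only one line after the certificate, so `return !line.empty()` reports false when a blank line separates the first certificate from whatever follows, and the rest of a chain is then dropped without `extra_data()` flagging it. Depending on how the earlier parsing splits lines, a stray `\r` or space on that line would presumably also make a lone certificate report true. Scanning every remaining line and treating whitespace-only lines as empty would make the flag dependable for callers that use it to reject or warn about multi-certificate input. `s` and `line` are declared outside this hunk, so the sketch below assumes `s` is the stream the function already reads from. The only positive test (`chain.pem`) is a private fixture, so a case with a blank line before the second certificate would be worth adding.

```cpp
	BIO_free (bio);

	/* Extra data means any remaining line with non-whitespace content */
	while (getline (s, line)) {
		if (line.find_first_not_of (" \t\r\n") != string::npos) {
			return true;
		}
	}
	return false;
```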
/** Destructor */
_certificate = 0;
RSA_free (_public_key);
_public_key = 0;
+ _extra_data = other._extra_data;
read_string (other.certificate (true));
std::string thumbprint () const;
+ bool extra_data () const {
+ return _extra_data;
+ }
+
private:
- void read_string (std::string);
+ bool read_string (std::string);
static std::string name_for_xml (X509_NAME *);
static std::string asn_to_utf8 (ASN1_STRING *);
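Review bot: The new public accessor `extra_data()` has no doc comment, although it appears to be the only way a caller learns that the string constructor kept one certificate and left the rest of the input unused. A comment such as `/** @return true if the string this certificate was read from had data after the end of the certificate; that data is not kept */` above it would tell callers that load user-supplied PEM files to check the flag. The comment on the private `_extra_data` member in the later hunk does not reach users of the public API.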
X509* _certificate;
mutable RSA* _public_key;
+ /** true if extra data was found when this certificate was read
+ from a string.
+ */
+ bool _extra_data;
};
bool operator== (Certificate const & a, Certificate const & b);
*/
-#include <boost/test/unit_test.hpp>
#include "certificate.h"
#include "certificate_chain.h"
#include "util.h"
#include "exceptions.h"
#include "test.h"
+#include <boost/test/unit_test.hpp>
+#include <iostream>
using std::list;
using std::string;
"dnQualifier=QFVlym7fuql6bPOnY38aaO1ZPW4=,CN=CS.smpte-430-2.LEAF.NOT_FOR_PRODUCTION,OU=example.org,O=example.org"
);
+ BOOST_CHECK (!c.leaf().extra_data ());
+
++i;
/* Intermediate */
"dnQualifier=6eat8r33US71avuQEojmH\\+bjk84=,CN=.smpte-430-2.INTERMEDIATE.NOT_FOR_PRODUCTION,OU=example.org,O=example.org"
);
+ BOOST_CHECK (!i->extra_data ());
+
++i;
/* Root */
"dnQualifier=DCnRdHFbcv4ANVUq2\\+wMVALFSec=,CN=.smpte-430-2.ROOT.NOT_FOR_PRODUCTION,OU=example.org,O=example.org"
);
+ BOOST_CHECK (!c.root().extra_data ());
+
/* Check that reconstruction from a string works */
dcp::Certificate test (c.root().certificate (true));
BOOST_CHECK_EQUAL (test.certificate(), c.root().certificate());
{
dcp::Certificate c (dcp::file_to_string (private_test / "CA.GDC-TECH.COM_SA2100_A14903.crt.crt"));
BOOST_CHECK_EQUAL (c.certificate(true), dcp::file_to_string (private_test / "CA.GDC-TECH.COM_SA2100_A14903.crt.crt.reformatted"));
+ BOOST_CHECK (!c.extra_data ());
}
{
dcp::Certificate c (dcp::file_to_string (private_test / "usl-cert.pem"));
BOOST_CHECK_EQUAL (c.certificate(true), dcp::file_to_string (private_test / "usl-cert.pem.trimmed"));
+ BOOST_CHECK (!c.extra_data ());
+ }
+
+ {
+ dcp::Certificate c (dcp::file_to_string (private_test / "chain.pem"));
+ BOOST_CHECK (c.extra_data ());
}
BOOST_CHECK_THROW (dcp::Certificate (dcp::file_to_string (private_test / "no-begin.pem")), dcp::MiscError);