fix: resolve some memory issues with slipBio testing
index 19901e41b0c19b38d322f744722c3e2b703df0ef..d5f8bc50d52d33970ea436094c28cebb75d9c8ea 100644 (file)
@@ -52,8 +52,8 @@ std::shared_ptr<EVP_PKEY> X509Req::getPkey() {
     return pk;
 }
 
-std::shared_ptr<X509Req> X509Req::parse( std::string filename ) {
-    std::shared_ptr<BIO> in = std::shared_ptr<BIO>( BIO_new_mem_buf( const_cast<char*>( filename.c_str() ), -1 ), BIO_free );
+std::shared_ptr<X509Req> X509Req::parseCSR( std::string content ) {
+    std::shared_ptr<BIO> in = std::shared_ptr<BIO>( BIO_new_mem_buf( const_cast<char*>( content.c_str() ), -1 ), BIO_free );
     X509_REQ* req = PEM_read_bio_X509_REQ( in.get(), NULL, NULL, NULL );
 
     if( !req ) {
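Review bot: The memory BIO on the new line 12 is still created with length -1, so OpenSSL measures the buffer with strlen() and any `content` that carries an embedded NUL is silently truncated before PEM parsing; since the std::string already knows its length, pass it explicitly: `BIO_new_mem_buf( const_cast<char*>( content.data() ), static_cast<int>( content.size() ) )`. The result of BIO_new_mem_buf is also handed straight to PEM_read_bio_X509_REQ without a null check; a guard such as `if( !in ) { throw "BIO allocation failed"; }` before the read keeps an allocation failure from being reported as a malformed CSR. The rename to parseCSR/content is an improvement in itself, but a one-line header comment stating that the argument is PEM text (not a filename, as the old parameter name suggested) would stop the confusion from recurring. parseCSR's body continues past the end of this hunk.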
@@ -103,6 +103,20 @@ X509Cert::X509Cert() {
     if( !X509_set_version( c, 2 ) ) {
         throw "Setting X509-version to 3 failed";
     }
+
+    X509_NAME* subjectP = X509_NAME_new();
+
+    if( !subjectP ) {
+        throw "malloc failure";
+    }
+
+    subject = std::shared_ptr<X509_NAME>( subjectP, X509_NAME_free );
+}
+
+void X509Cert::addRDN( int nid, std::string data ) {
+    if( ! X509_NAME_add_entry_by_NID( subject.get(), nid, MBSTRING_UTF8, ( unsigned char* )const_cast<char*>( data.data() ), data.size(), -1, 0 ) ) {
+        throw "malloc failure";
+    }
 }
 
 void X509Cert::setIssuerNameFrom( std::shared_ptr<X509> caCert ) {
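Review bot: addRDN (lines 30-34) reports every X509_NAME_add_entry_by_NID failure as "malloc failure", but with MBSTRING_UTF8 OpenSSL also rejects input that is not valid UTF-8 and, for several NIDs, values beyond their maximum length; subject data that originates from a CSR and fails those checks will therefore surface as an allocation error, which misdirects whoever debugs a rejected request. A message that names the real cause is enough here: `throw "adding subject RDN failed (invalid encoding or over-long value?)";`. The length argument `data.size()` is a size_t narrowed to int; `static_cast<int>( data.size() )` makes that explicit, and a short comment on the function, e.g. `// appends one RDN (loc -1, set 0) to the pending subject; applied to the cert at sign()`, would tell a reader where the accumulated name is consumed. The X509Cert constructor to which lines 21-27 belong starts before this hunk.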
@@ -170,6 +184,10 @@ void X509Cert::setExtensions( std::shared_ptr<X509> caCert, std::vector<std::sha
     add_ext( caCert, target, NID_info_access, "OCSP;URI:http://ocsp.cacert.org" );
     add_ext( caCert, target, NID_crl_distribution_points, "URI:http://crl.cacert.org/class3-revoke.crl" );
 
+    if( sans.size() == 0 ) {
+        return;
+    }
+
     std::shared_ptr<GENERAL_NAMES> gens = std::shared_ptr<GENERAL_NAMES>(
         sk_GENERAL_NAME_new_null(),
         []( GENERAL_NAMES * ref ) {
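Review bot: The early return on lines 41-43 means a certificate signed through this path with an empty `sans` list carries no subjectAltName extension at all, which is worth stating in a comment so it reads as intended rather than as an omission, e.g. `// no SANs requested: skip the subjectAltName extension entirely`. If these are TLS server certificates, note that modern clients ignore the CN and require a SAN, so an empty list presumably should be rejected upstream rather than silently produce a name-less certificate — confirm against the caller. As a style point, `sans.empty()` says the same as `sans.size() == 0` more directly. setExtensions starts and ends outside this hunk.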
@@ -203,8 +221,26 @@ void X509Cert::setExtensions( std::shared_ptr<X509> caCert, std::vector<std::sha
     X509_EXTENSION_free( ext );
 }
 
-std::shared_ptr<SignedCertificate> X509Cert::sign( std::shared_ptr<EVP_PKEY> caKey ) {
-    if( !X509_sign( target.get(), caKey.get(), EVP_sha512() ) ) {
+std::shared_ptr<SignedCertificate> X509Cert::sign( std::shared_ptr<EVP_PKEY> caKey, std::string signAlg ) {
+    if( !X509_set_subject_name( target.get(), subject.get() ) ) {
+        throw "error setting subject";
+    }
+
+    const EVP_MD* md;
+
+    if( signAlg == "sha512" ) {
+        md = EVP_sha512();
+    } else if( signAlg == "sha384" ) {
+        md = EVP_sha384();
+    } else if( signAlg == "sha256" ) {
+        md = EVP_sha256();
+    } else if( signAlg == "sha1" ) {
+        md = EVP_sha1();
+    } else {
+        throw "Unknown md-type";
+    }
+
+    if( !X509_sign( target.get(), caKey.get(), md ) ) {
         throw "Signing failed.";
     }