return pk;
}
-std::shared_ptr<X509Req> X509Req::parse( std::string filename ) {
- std::shared_ptr<BIO> in = std::shared_ptr<BIO>( BIO_new_mem_buf( const_cast<char*>( filename.c_str() ), -1 ), BIO_free );
+std::shared_ptr<X509Req> X509Req::parseCSR( std::string content ) {
+ std::shared_ptr<BIO> in = std::shared_ptr<BIO>( BIO_new_mem_buf( const_cast<char*>( content.c_str() ), -1 ), BIO_free );
X509_REQ* req = PEM_read_bio_X509_REQ( in.get(), NULL, NULL, NULL );
if( !req ) {
add_ext( caCert, target, NID_info_access, "OCSP;URI:http://ocsp.cacert.org" );
add_ext( caCert, target, NID_crl_distribution_points, "URI:http://crl.cacert.org/class3-revoke.crl" );
+ if( sans.size() == 0 ) {
+ return;
+ }
+
std::shared_ptr<GENERAL_NAMES> gens = std::shared_ptr<GENERAL_NAMES>(
sk_GENERAL_NAME_new_null(),
[]( GENERAL_NAMES * ref ) {
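Review bot: The `return` added under `if( sans.size() == 0 )` leaves the whole function, not just the subjectAltName block, so any extension set up after this point would also be skipped for requests without SANs. The rest of the function lies outside the hunk, so I cannot confirm that nothing follows. Guarding only the SAN block with `if( !sans.empty() ) { ... }` keeps the intent local, and a comment such as `// no SANs requested: omit the extension instead of emitting an empty one` records the reason. If this path is reachable for server certificate profiles, consider logging or rejecting the request, because clients that match hostnames only against SAN entries will not accept the resulting certificate.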
X509_EXTENSION_free( ext );
}
-std::shared_ptr<SignedCertificate> X509Cert::sign( std::shared_ptr<EVP_PKEY> caKey ) {
+std::shared_ptr<SignedCertificate> X509Cert::sign( std::shared_ptr<EVP_PKEY> caKey, std::string signAlg ) {
if( !X509_set_subject_name( target.get(), subject.get() ) ) {
throw "error setting subject";
}
- if( !X509_sign( target.get(), caKey.get(), EVP_sha512() ) ) {
+ const EVP_MD* md;
+
+ if( signAlg == "sha512" ) {
+ md = EVP_sha512();
+ } else if( signAlg == "sha384" ) {
+ md = EVP_sha384();
+ } else if( signAlg == "sha256" ) {
+ md = EVP_sha256();
+ } else if( signAlg == "sha1" ) {
+ md = EVP_sha1();
+ } else {
+ throw "Unknown md-type";
+ }
+
+ if( !X509_sign( target.get(), caKey.get(), md ) ) {
throw "Signing failed.";
}
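Review bot: The `signAlg == "sha1"` branch lets `X509Cert::sign` issue SHA-1-signed certificates, which are no longer collision-resistant and are rejected by current browsers and TLS stacks. The source of `signAlg` is not visible in this hunk. If it comes from profile or request configuration, a single wrong value silently downgrades every certificate signed through that path. I would drop the branch so that `"sha1"` falls through to `throw "Unknown md-type";`, or allow it only behind an explicit legacy switch, and add a comment above the chain such as `// allowlist of signature digests; sha1 is intentionally not offered`. The function body continues outside the hunk.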