#include <openssl/bio.h>
#include <openssl/x509v3.h>
-X509Req::X509Req( X509_REQ* csr ) {
- req = std::shared_ptr<X509_REQ>( csr, X509_REQ_free );
+X509Req::X509Req( X509_REQ* csr ) : req( csr, X509_REQ_free ) {
EVP_PKEY* pkt = X509_REQ_get_pubkey( req.get() );
if( !pkt ) {
return X509_REQ_verify( req.get(), pk.get() );
}
-std::shared_ptr<EVP_PKEY> X509Req::getPkey() {
+std::shared_ptr<EVP_PKEY> X509Req::getPkey() const {
return pk;
}
add_ext( caCert, target, NID_info_access, "OCSP;URI:http://ocsp.cacert.org" );
add_ext( caCert, target, NID_crl_distribution_points, "URI:http://crl.cacert.org/class3-revoke.crl" );
- if( sans.size() == 0 ) {
+ if( sans.empty() ) {
return;
}
//X509_print_fp( stdout, target.get() );
std::shared_ptr<BIO> mem = std::shared_ptr<BIO>( BIO_new( BIO_s_mem() ), BIO_free );
+
+ if( !mem ) {
+ throw "Failed to allocate memory for the signed certificate.";
+ }
+
PEM_write_bio_X509( mem.get(), target.get() );
- BUF_MEM* buf;
+
+ BUF_MEM* buf = NULL;
BIO_get_mem_ptr( mem.get(), &buf );
+
std::shared_ptr<SignedCertificate> res = std::shared_ptr<SignedCertificate>( new SignedCertificate() );
res->certificate = std::string( buf->data, buf->data + buf->length );
- BIGNUM* ser = ASN1_INTEGER_to_BN( target->cert_info->serialNumber, NULL );
- char* serStr = BN_bn2hex( ser );
- res->serial = std::string( serStr );
- OPENSSL_free( serStr );
- BN_free( ser );
+
+ std::shared_ptr<BIGNUM> ser( ASN1_INTEGER_to_BN( target->cert_info->serialNumber, NULL ), BN_free );
+
+ if( !ser ) {
+ throw "Failed to retrieve certificate serial of signed certificate.";
+ }
+
+ std::shared_ptr<char> serStr(
+ BN_bn2hex( ser.get() ),
+ []( char* p ) {
+ OPENSSL_free( p );
+ } ); // OPENSSL_free is a macro...
+ res->serial = serStr ? std::string( serStr.get() ) : "";
+
return res;
}