add: Implement signing based on requested "wish time"

[cassiopeia.git] / src / crypto / sslUtil.cpp

diff --git a/src/crypto/sslUtil.cpp b/src/crypto/sslUtil.cpp
index 9487e42a7253a98d581f7509498e477b8f314da4..d0710e0a837d8d297dd343f37b1796f18d362e0f 100644 (file)
--- a/src/crypto/sslUtil.cpp
+++ b/src/crypto/sslUtil.cpp
@@ -3,8 +3,11 @@
 #include <sys/types.h>
 #include <termios.h>
 #include <unistd.h>
+
 #include <iostream>
 
+#include "crypto/CRL.h"
+
 std::shared_ptr<int> ssl_lib_ref(
     new int( SSL_library_init() ),
     []( int* ref ) {
@@ -180,3 +183,24 @@ CAConfig::CAConfig( std::string name ) {
     ASN1_TIME* tm = X509_get_notBefore( ca );
     notBefore = std::shared_ptr<ASN1_TIME>( tm, ASN1_TIME_free );
 }
+
+std::string timeToString( std::shared_ptr<ASN1_TIME> time ) {
+    std::shared_ptr<ASN1_GENERALIZEDTIME> gtime( ASN1_TIME_to_generalizedtime( time.get(), 0 ) );
+    std::string strdate( ( char* ) ASN1_STRING_data( gtime.get() ), ASN1_STRING_length( gtime.get() ) );
+
+    if( strdate[strdate.size() - 1] != 'Z' ) {
+        throw "Got invalid date?";
+    }
+
+    return strdate.substr( 0, strdate.size() - 1 );
+}
+
+void extractTimes( std::shared_ptr<X509> target,  std::shared_ptr<SignedCertificate> cert ) {
+    cert->before = timeToString( std::shared_ptr<ASN1_TIME>( X509_get_notBefore( target.get() ), ASN1_TIME_free ) );
+    cert->after = timeToString( std::shared_ptr<ASN1_TIME>( X509_get_notAfter( target.get() ), ASN1_TIME_free ) );
+}
+
+bool CAConfig::crlNeedsResign() {
+    std::shared_ptr<CRL> crl( new CRL( path + "/ca.crl" ) );
+    return crl->needsResign();
+}