#include "X509.h"
+extern std::vector<Profile> profiles;
+
std::shared_ptr<int> SimpleOpensslSigner::lib_ref(
new int( SSL_library_init() ),
[]( int* ref ) {
} );
}
-std::shared_ptr<X509> SimpleOpensslSigner::caCert = loadX509FromFile( "assured.crt" );
+SimpleOpensslSigner::SimpleOpensslSigner() {
+ caCert = loadX509FromFile( profiles[0].cert );
+ caKey = loadPkeyFromFile( profiles[0].key );
+}
-std::shared_ptr<EVP_PKEY> SimpleOpensslSigner::caKey = loadPkeyFromFile( "assured.key" );
+int serial = 10;
std::shared_ptr<SignedCertificate> SimpleOpensslSigner::sign( std::shared_ptr<TBSCertificate> cert ) {
if( !caKey ) {
throw "CA-key not found";
}
- std::shared_ptr<X509Req> req = X509Req::parse( cert->csr_content );
+ std::shared_ptr<X509Req> req;
+
+ if( cert->csr_type == "SPKAC" ) {
+ req = X509Req::parseSPKAC( cert->csr_content );
+ } else if( cert->csr_type == "CSR" ) {
+ req = X509Req::parse( cert->csr_content );
+ } else {
+ throw "Error, unknown REQ rype " + ( cert->csr_type );
+ }
int i = req->verify();
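Review bot: The new `else` branch throws a different type from the rest of sign(): if `csr_type` is a `std::string` (the `==` comparisons suggest it is), `"Error, unknown REQ rype " + ( cert->csr_type )` is a `std::string`, while `throw "CA-key not found";` throws a `const char*`, so a handler written for `const char*` would not catch it and an unrecognised request type could terminate the signer. Throwing one type throughout, for example `throw std::runtime_error( "Error, unknown REQ type " + cert->csr_type );` or whichever type the callers actually catch, avoids that and fixes the "rype" typo. Separately, the new constructor reads `profiles[0]` without checking `profiles.empty()`, and as far as this hunk shows sign() tests only `caKey`, so a missing or unreadable CA certificate is not rejected before `c.setIssuerNameFrom( caCert )`; `if( !caKey || !caCert )` would cover both. sign() continues past the end of this hunk.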
c.setIssuerNameFrom( caCert );
c.setPubkeyFrom( req );
- c.setSerialNumber( 4711 );
+ c.setSerialNumber( serial++ );
c.setTimes( 0, 60 * 60 * 24 * 10 );
c.setExtensions( caCert, cert->SANs );
- std::string output = c.sign( caKey );
-
std::shared_ptr<SignedCertificate> output = c.sign( caKey );
return output;
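Review bot: `c.setSerialNumber( serial++ )` draws from the global `int serial = 10;` added earlier in this diff, so serials are sequential and predictable, and the counter starts again at 10 on every restart of the signer, which means the same issuer can hand out the same serial number twice. Revocation identifies a certificate by issuer and serial, so a reused serial makes one revocation entry ambiguous between two certificates. The counter is also a plain non-atomic global with external linkage, so concurrent sign() calls would race on it if the signer is ever used from more than one thread. The serial should come from a persisted allocator or from a CSPRNG with enough entropy (public CA baseline rules ask for at least 64 random bits), and until then the counter should at least be declared `static std::atomic<int> serial{ 10 };`. The declaration of `c` and the closing brace of sign() are outside this hunk.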