X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;ds=sidebyside;f=src%2Fcrypto%2FsslUtil.cpp;h=753981c91195800dfd42cdee0b426a18658f08d7;hb=3ea4de25c712971a35dbad27d8834d75933daa08;hp=fd00e8fb85a94db8367299a6d52e676c5cd278bb;hpb=9e866a1a2facc8cb1565cd660c6b6d482f18ecb1;p=cassiopeia.git diff --git a/src/crypto/sslUtil.cpp b/src/crypto/sslUtil.cpp index fd00e8f..753981c 100644 --- a/src/crypto/sslUtil.cpp +++ b/src/crypto/sslUtil.cpp @@ -3,8 +3,11 @@ #include #include #include + #include +#include "crypto/CRL.h" + std::shared_ptr ssl_lib_ref( new int( SSL_library_init() ), []( int* ref ) { @@ -14,7 +17,7 @@ std::shared_ptr ssl_lib_ref( CRYPTO_cleanup_all_ex_data(); } ); -std::shared_ptr loadX509FromFile( std::string filename ) { +std::shared_ptr loadX509FromFile( const std::string& filename ) { FILE* f = fopen( filename.c_str(), "r" ); if( !f ) { @@ -35,7 +38,7 @@ std::shared_ptr loadX509FromFile( std::string filename ) { } ); } -std::shared_ptr loadPkeyFromFile( std::string filename ) { +std::shared_ptr loadPkeyFromFile( const std::string& filename ) { FILE* f = fopen( filename.c_str(), "r" ); if( !f ) { @@ -159,7 +162,7 @@ void setupSerial( FILE* f ) { } } -std::shared_ptr openSerial( const std::string name ) { +std::shared_ptr openSerial( const std::string& name ) { FILE* f = fopen( name.c_str(), "r+" ); if( !f ) { 
@@ -168,14 +171,34 @@ std::shared_ptr openSerial( const std::string name ) { } setupSerial( f ); - std::shared_ptr b( BIO_new_fd( fileno( f ), 0 ), BIO_free ); return b; } -CAConfig::CAConfig( std::string name ) { - this->name = name; - this->path = "ca/" + name; +CAConfig::CAConfig( const std::string& name ) : path( "ca/" + name ), name( name ) { ca = loadX509FromFile( path + "/ca.crt" ); caKey = loadPkeyFromFile( path + "/ca.key" ); + ASN1_TIME* tm = X509_get_notBefore( ca ); + notBefore = std::shared_ptr( tm, ASN1_TIME_free ); +} + +std::string timeToString( std::shared_ptr time ) { + std::shared_ptr gtime( ASN1_TIME_to_generalizedtime( time.get(), 0 ) ); + std::string strdate( ( char* ) ASN1_STRING_data( gtime.get() ), ASN1_STRING_length( gtime.get() ) ); + + if( strdate[strdate.size() - 1] != 'Z' ) { + throw "Got invalid date?"; + } + + return strdate.substr( 0, strdate.size() - 1 ); +} + +void extractTimes( std::shared_ptr target, std::shared_ptr cert ) { + cert->before = timeToString( std::shared_ptr( X509_get_notBefore( target.get() ), ASN1_TIME_free ) ); + cert->after = timeToString( std::shared_ptr( X509_get_notAfter( target.get() ), ASN1_TIME_free ) ); +} + +bool CAConfig::crlNeedsResign() { + std::shared_ptr crl( new CRL( path + "/ca.crl" ) ); + return crl->needsResign(); }
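Review bot: The `std::shared_ptr`s built with `ASN1_TIME_free` in the `CAConfig` constructor and in `extractTimes` take ownership of pointers returned by `X509_get_notBefore`/`X509_get_notAfter`, which point into the certificate and remain owned by it. When those shared_ptrs are destroyed (in `extractTimes`, at the end of each statement), the validity fields are freed while the `X509` still refers to them, so any later read of the certificate or its `X509_free` touches freed memory, and this is the path that handles the CA certificate. Hold the times without ownership, e.g. `notBefore = std::shared_ptr<ASN1_TIME>( tm, []( ASN1_TIME* ) {} );`, or have `timeToString` take a plain `const ASN1_TIME*`. In `timeToString`, the result of `ASN1_TIME_to_generalizedtime` is used without a null check, and `gtime` has no OpenSSL deleter as far as the page shows (template arguments are stripped here). It should be checked for null before `ASN1_STRING_data` and released with `ASN1_GENERALIZEDTIME_free`.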