X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;ds=sidebyside;f=src%2Fcrypto%2FsslUtil.h;h=87e908c1cbb3ea64022908d62078ab43ca54a1f5;hb=2fc4b5f8d5400f6ebd284a0e6fbaad23a345b585;hp=7a6850451f81566477930f14791a7223b7e34686;hpb=9e866a1a2facc8cb1565cd660c6b6d482f18ecb1;p=cassiopeia.git
diff --git a/src/crypto/sslUtil.h b/src/crypto/sslUtil.h
index 7a68504..87e908c 100644
--- a/src/crypto/sslUtil.h
+++ b/src/crypto/sslUtil.h
@@ -1,20 +1,29 @@
 #pragma once
-#include
+
 #include
 #include
+#include
 #include
+#include
+
+#include
-class CAConfig {
-public:
+#include "db/database.h"
+
+struct CAConfig {
 std::string path;
 std::string name;
+ std::string crlURL;
+ std::string crtURL;
 std::shared_ptr ca;
 std::shared_ptr caKey;
- CAConfig( std::string name );
+ std::shared_ptr notBefore;
-};
+ CAConfig( const std::string& name );
+ bool crlNeedsResign();
+};
 struct Profile {
 uint16_t id;
@@ -22,13 +31,33 @@ struct Profile {
 std::string eku;
 std::string ku;
- std::shared_ptr ca;
+ std::vector> ca;
+ std::time_t maxValidity;
+ std::shared_ptr getCA() {
+ std::shared_ptr min = nullptr;
+ for( auto it = ca.rbegin(); it != ca.rend(); it++ ) {
+ if( X509_cmp_current_time( ( *it )->notBefore.get() ) < 0) {
+ if(min != nullptr){
+ if(strcmp(min->name.c_str(), (*it)->name.c_str()) < 0){
+ min = *it;
+ }
+ }else{
+ min=*it;
+ }
+ }
+ }
+
+ return min == nullptr ? ca[0] : min;
+ }
 };
 extern std::shared_ptr ssl_lib_ref;
-std::shared_ptr loadX509FromFile( std::string filename );
-std::shared_ptr loadPkeyFromFile( std::string filename );
+std::shared_ptr loadX509FromFile( const std::string& filename );
+std::shared_ptr loadPkeyFromFile( const std::string& filename );
 std::shared_ptr generateSSLContext( bool server );
-std::shared_ptr openSerial( const std::string name );
+std::shared_ptr openSerial( const std::string& name );
+std::string timeToString( std::shared_ptr time );
+
+void extractTimes( std::shared_ptr source, std::shared_ptr cert );
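Review bot: `CAConfig` records only the start of the CA certificate's validity (`notBefore`), and the `getCA()` added in the second hunk filters on that field alone, so a CA certificate that has passed its expiry would still be eligible as a signer unless expiry is enforced somewhere outside this diff. Consider keeping the end of validity as well, as a `notAfter` member declared next to `notBefore`, and checking both when a signer is chosen. The new `crlNeedsResign()` declaration would also benefit from a one-line comment stating which condition makes it return true, since its definition is not part of this header.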
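Review bot: `getCA()` falls back to `ca[0]` when no entry passes the `notBefore` check, which is undefined behaviour on an empty `ca` vector and otherwise returns a CA that is not yet valid (or whose time could not be compared, since `X509_cmp_current_time` returns 0 on error). Failing closed is safer on a signing path: `if( ca.empty() ) { return nullptr; }` at the top and `return min;` at the end, provided the callers, which are outside this hunk, handle a null result. The name comparison can be written `min->name < ( *it )->name` instead of `strcmp` on `c_str()`, which drops the reliance on `<cstring>` and compares the full strings. The local `min` actually ends up holding the greatest name, so a name such as `best` would read more accurately.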