From b14903fa5cded58b70beb4e84fb0409011b6e7aa Mon Sep 17 00:00:00 2001
From: =?utf8?q?Felix=20D=C3=B6rre?=
Date: Tue, 20 Jan 2015 16:36:43 +0100
Subject: [PATCH] upd: Add max validity period to profile configurations
---
 src/config.cpp | 1 +
 src/crypto/simpleOpensslSigner.cpp | 8 +-------
 src/crypto/sslUtil.h | 2 ++
 test/genTestData.sh | 1 +
 4 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/src/config.cpp b/src/config.cpp
index e88ec2b..ce78f41 100644
--- a/src/config.cpp
+++ b/src/config.cpp
@@ -87,6 +87,7 @@ int parseProfiles() {
 prof.id = std::stoi( id );
 prof.eku = map->at( "eku" );
 prof.ku = map->at( "ku" );
+ prof.maxValidity = std::stoi( map->at( "days" ) ) * /* DAYS */24 * 60 * 60;
 std::string cas = map->at( "ca" );
diff --git a/src/crypto/simpleOpensslSigner.cpp b/src/crypto/simpleOpensslSigner.cpp
index 22687be..dce6025 100644
--- a/src/crypto/simpleOpensslSigner.cpp
+++ b/src/crypto/simpleOpensslSigner.cpp
@@ -109,12 +109,6 @@ std::shared_ptr SimpleOpensslSigner::sign( std::shared_ptr retsh = std::shared_ptr( X509_new(), X509_free ); - X509* ret = retsh.get(); - - if( !ret ) { - throw "Creating X509 failed."; - } X509_NAME* subjectP = X509_NAME_new();
@@ -184,7 +178,7 @@ std::shared_ptr SimpleOpensslSigner::sign( std::shared_ptr limit || to - from < 0 ) { to = from + limit;
diff --git a/src/crypto/sslUtil.h b/src/crypto/sslUtil.h
index dddfdaf..c4193fe 100644
--- a/src/crypto/sslUtil.h
+++ b/src/crypto/sslUtil.h
@@ -4,6 +4,7 @@
 #include
 #include
 #include
+#include
 #include
@@ -28,6 +29,7 @@ struct Profile {
 std::string ku;
 std::vector> ca;
+ std::time_t maxValidity;
 std::shared_ptr getCA() {
 for( auto it = ca.rbegin(); it != ca.rend(); it++ ) {
 if( X509_cmp_current_time( ( *it )->notBefore.get() ) < 0 ) {
diff --git a/test/genTestData.sh b/test/genTestData.sh
index 9d0c4ff..7eb3e83 100755
--- a/test/genTestData.sh
+++ b/test/genTestData.sh
@@ -25,6 +25,7 @@ cat > profiles/0001-type1.cfg <
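Review bot: In the src/config.cpp hunk, `std::stoi( map->at( "days" ) ) * 24 * 60 * 60` is computed in `int` and never range-checked, so a `days` value above roughly 24855 overflows on a 32-bit `int` (undefined behaviour) and a zero or negative value yields a non-positive `maxValidity`. This field caps how long issued certificates stay valid, so a bad profile should be rejected when it is loaded; what remains visible of the signer hunk at -184 appears to clamp with `to = from + limit`, which would then place the end date at or before the start date. I would validate before converting: `int days = std::stoi( map->at( "days" ) );`, then reject `days <= 0` and any value above an agreed upper bound, then `prof.maxValidity = static_cast<std::time_t>( days ) * 24 * 60 * 60;`. The error path should follow whatever parseProfiles() already does, since its body continues outside the hunk. `map->at( "days" )` also throws for any existing profile file that lacks the key, so a clearer message for that case would help operators.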
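Review bot: In the `struct Profile` hunk of src/crypto/sslUtil.h, `std::time_t maxValidity;` has no default initializer and no comment giving its unit. A `Profile` created without going through the assignment in parseProfiles() would carry an indeterminate limit into certificate signing, unless it is value-initialized somewhere outside this diff. I would write `std::time_t maxValidity = 0; // maximum certificate validity, in seconds` so that an unset limit is at least a defined value, after checking that no caller aggregate-initializes `Profile`. The struct's body starts and ends outside the hunk.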