X509_EXTENSION_free( ext );
}
-std::shared_ptr<SignedCertificate> X509Cert::sign( std::shared_ptr<EVP_PKEY> caKey ) {
+std::shared_ptr<SignedCertificate> X509Cert::sign( std::shared_ptr<EVP_PKEY> caKey, std::string signAlg ) {
if( !X509_set_subject_name( target.get(), subject.get() ) ) {
throw "error setting subject";
}
- if( !X509_sign( target.get(), caKey.get(), EVP_sha512() ) ) {
+ const EVP_MD* md;
+
+ if( signAlg == "sha512" ) {
+ md = EVP_sha512();
+ } else if( signAlg == "sha384" ) {
+ md = EVP_sha384();
+ } else if( signAlg == "sha256" ) {
+ md = EVP_sha256();
+ } else if( signAlg == "sha1" ) {
+ md = EVP_sha1();
+ } else {
+ throw "Unknown md-type";
+ }
+
+ if( !X509_sign( target.get(), caKey.get(), md ) ) {
throw "Signing failed.";
}
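Review bot: The `sha1` branch lets this CA code sign certificates with SHA-1, a digest with practical collision attacks that current clients and CA policies no longer accept for certificate signatures. The caller passes the name from `cert->md`, whose origin is not visible here, so the choice may be influenced by the requester. I would drop the `else if( signAlg == "sha1" )` branch, or gate it behind an explicit legacy configuration switch, so that only `sha256`, `sha384` and `sha512` are accepted by default. `md` is also declared uninitialised; `const EVP_MD* md = nullptr;` keeps it defined if a branch is later added without an assignment. The body of `X509Cert::sign` continues past the end of this hunk.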
void setSerialNumber( BIGNUM* num );
void setExtensions( std::shared_ptr<X509> caCert, std::vector<std::shared_ptr<SAN>>& sans );
void setTimes( uint32_t before, uint32_t after );
- std::shared_ptr<SignedCertificate> sign( std::shared_ptr<EVP_PKEY> caKey );
+ std::shared_ptr<SignedCertificate> sign( std::shared_ptr<EVP_PKEY> caKey, std::string signAlg );
};
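Review bot: The declaration of `sign` does not say which strings `signAlg` accepts or what happens on an unknown one. A comment above it such as `// signAlg: digest name as matched in X509Cert::sign (e.g. "sha256", "sha384", "sha512"); any other value makes sign() throw a const char*` would spare callers from reading the definition. The parameter is only compared, so `const std::string& signAlg` in both the declaration and the definition would avoid a copy per call. The class begins outside this hunk.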
c.setTimes( 0, 60 * 60 * 24 * 10 );
c.setExtensions( caCert, cert->SANs );
- std::shared_ptr<SignedCertificate> output = c.sign( caKey );
+ std::shared_ptr<SignedCertificate> output = c.sign( caKey, cert->md );
return output;
}
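Review bot: An empty or unexpected `cert->md` now makes `sign()` throw `"Unknown md-type"`, whereas before this change every certificate was signed with SHA-512. Nothing in this hunk validates the value or shows where the thrown `const char*` is caught. If `cert->md` can be unset (for example on requests stored before the field existed, which is not visible here), resolve it before the call; assuming it is a `std::string`, `const std::string alg = cert->md.empty() ? "sha512" : cert->md;` would do. Alternatively, reject the request with a clear error where it is loaded, which is also the natural place to enforce the CA's digest allowlist. The enclosing function starts outside this hunk.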