upd: move more code to remoteSigner
authorFelix Dörre <felix@dogcraft.de>
Tue, 23 Dec 2014 12:47:05 +0000 (13:47 +0100)
committerBenny Baumann <BenBE@geshi.org>
Sat, 24 Jan 2015 16:39:52 +0000 (17:39 +0100)
src/recordHandler.cpp
src/remoteSigner.cpp
test/src/slipBioTest.cpp

index ab9c3229555e93ee84490c20cff36c2bdb09ba2d..7c633d78efab32420782c432194336fbb428b745 100644 (file)
@@ -14,6 +14,7 @@
 #include "database.h"
 #include "record.h"
 #include "opensslBIO.h"
+#include "remoteSigner.h"
 #include "simpleOpensslSigner.h"
 #include "slipBio.h"
 
@@ -47,7 +48,6 @@ std::shared_ptr<SSL_CTX> generateSSLContext( bool server ) {
     std::shared_ptr<STACK_OF( X509_NAME )> cert_names(
         SSL_load_client_CA_file( "testdata/server.crt" ),
         []( STACK_OF( X509_NAME ) *st ) {
-            std::cout << "freeing" << std::endl;
             sk_X509_NAME_free( st );
         } );
 
@@ -266,6 +266,9 @@ void setupSerial( FILE* f ) {
     attr.c_cflag &= ~( CSIZE | PARENB );
     attr.c_cflag |= CS8;
 
+    cfsetispeed( &attr, B115200 );
+    cfsetospeed( &attr, B115200 );
+
     if( tcsetattr( fileno( f ), TCSANOW, &attr ) ) {
         throw "failed to get attrs";
     }
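Review bot: The return values of the added `cfsetispeed` / `cfsetospeed` calls are discarded, so a rejected baud rate goes unnoticed. The following `tcsetattr` check does not cover this, because POSIX lets `tcsetattr` report success when only some of the requested changes were applied. I would write `if( cfsetispeed( &attr, B115200 ) || cfsetospeed( &attr, B115200 ) ) { throw "failed to set baud rate"; }`. Reading the attributes back with `tcgetattr` after the set would confirm the speed that actually took effect on the signer link. setupSerial's body begins and ends outside the hunk.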
@@ -316,9 +319,18 @@ int handlermain( int argc, const char* argv[] ) {
         cert->csr_content = data;
         cert->md = "sha256";
         cert->profile = "1";
+        std::shared_ptr<AVA> ava( new AVA() );
+        ava->name = "CN";
+        ava->value = "Dummy user certificates";
+        cert->AVAs.push_back( ava );
+        std::shared_ptr<SAN> san( new SAN() );
+        san->type = "DNS";
+        san->content = "n42.example.com";
+        cert->SANs.push_back( san );
 
         auto res = sign->sign( cert );
-        std::cout << "sent things" << std::endl;
+        std::cout << "log: " << res->log << std::endl;
+        std::cout << "cert things: " << res->certificate << std::endl;
 
         return 0;
     }
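Review bot: `res` is dereferenced on the two added output lines without a null check. The `RemoteSigner::sign` changes in this same commit return an empty `std::shared_ptr<SignedCertificate>()` for a rejected AVA/SAN and from the `catch` block. If `sign` is a RemoteSigner here (its construction is outside the hunk), `res->log` is a null dereference on exactly those failure paths. Add `if( !res ) { std::cout << "signing failed" << std::endl; return 1; }` before the prints. handlermain's body begins outside the hunk.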
index 9cc3a2d858c081e8a896443663c47efe3e9fa3d7..3415dcf2427b23cc73edc73664c27fec432e5261 100644 (file)
@@ -37,8 +37,25 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
 
     send( conn, head, RecordHeader::SignerCommand::SET_SIGNATURE_TYPE, cert->md );
     send( conn, head, RecordHeader::SignerCommand::SET_PROFILE, cert->profile );
-    send( conn, head, RecordHeader::SignerCommand::ADD_AVA, "CN,commonName" );
-    send( conn, head, RecordHeader::SignerCommand::ADD_SAN, "DNS,*.example.com" );
+
+    for( auto ava : cert->AVAs ) {
+        if( ava->name.find( "," ) != std::string::npos ) {
+            // invalid ava
+            return std::shared_ptr<SignedCertificate>();
+        }
+
+        send( conn, head, RecordHeader::SignerCommand::ADD_AVA, ava->name + "," + ava->value );
+    }
+
+    for( auto san : cert->SANs ) {
+        if( san->type.find( "," ) != std::string::npos ) {
+            // invalid ava
+            return std::shared_ptr<SignedCertificate>();
+        }
+
+        send( conn, head, RecordHeader::SignerCommand::ADD_SAN, san->type + "," + san->content );
+    }
+
     send( conn, head, RecordHeader::SignerCommand::SIGN, "" );
     send( conn, head, RecordHeader::SignerCommand::LOG_SAVED, "" );
     std::shared_ptr<SignedCertificate> result = std::shared_ptr<SignedCertificate>( new SignedCertificate() );
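Review bot: The comma checks run inside the send loops, so a bad AVA or SAN is rejected only after `SET_SIGNATURE_TYPE`, `SET_PROFILE` and possibly earlier `ADD_AVA` records have already been written to `conn`. The early `return` then leaves the signer holding a partially described request; how the remote side recovers is not visible here. Validating all entries before the first `send` avoids that. Only `name` and `type` are checked, while `ava->value` and `san->content` are concatenated as-is, so it is worth documenting that the receiver splits on the first comma only, if that is the case. The comment in the SAN loop should read `// invalid san`, and `const auto&` avoids copying each `shared_ptr`. The function starts and ends outside the hunk.

```cpp
    // Reject malformed entries before anything is written to the signer,
    // so a refused request never leaves partial state on the connection.
    for( const auto& ava : cert->AVAs ) {
        if( ava->name.find( "," ) != std::string::npos ) {
            // invalid ava
            return std::shared_ptr<SignedCertificate>();
        }
    }

    for( const auto& san : cert->SANs ) {
        if( san->type.find( "," ) != std::string::npos ) {
            // invalid san
            return std::shared_ptr<SignedCertificate>();
        }
    }

    send( conn, head, RecordHeader::SignerCommand::SET_SIGNATURE_TYPE, cert->md );
    // … unchanged: SET_PROFILE, then the ADD_AVA / ADD_SAN send loops without the inline checks …
```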
@@ -49,7 +66,16 @@ std::shared_ptr<SignedCertificate> RemoteSigner::sign( std::shared_ptr<TBSCertif
             int length = conn->read( buffer.data(), buffer.size() );
             RecordHeader head;
             std::string payload = parseCommand( head, std::string( buffer.data(), length ) );
-            std::cout << "Data: " << std::endl << payload << std::endl;
+
+            switch( ( RecordHeader::SignerResult ) head.command ) {
+            case RecordHeader::SignerResult::CERTIFICATE:
+                result->certificate = payload;
+                break;
+
+            case RecordHeader::SignerResult::SAVE_LOG:
+                result->log = payload;
+                break;
+            }
         } catch( const char* msg ) {
             std::cout << msg << std::endl;
             return std::shared_ptr<SignedCertificate>();
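Review bot: The added `switch` has no `default` branch, so any record from the signer whose command is neither `CERTIFICATE` nor `SAVE_LOG` is silently dropped. Nothing in the hunk marks the result as failed in that case. Since the surrounding `try` already catches `const char*`, add `default: throw "unexpected record from signer";` so an unknown or error reply ends up in the existing failure path. The C-style cast `( RecordHeader::SignerResult ) head.command` would be clearer as a `static_cast`. Separately, `length` from `conn->read` is passed to the `std::string` constructor on the context line above without being checked for a negative value. The loop enclosing this code starts outside the hunk.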
index 48578c41ece0a4a0f99afc6baafaec4270d68e7e..eef8fbbcb0370a844948427419a7352a7b048f5f 100644 (file)
@@ -158,16 +158,16 @@ BOOST_AUTO_TEST_CASE( TestSSLThroughSLIP ) {
     BOOST_CHECK_EQUAL( res, 5 );
     BOOST_CHECK_EQUAL_COLLECTIONS( data, data + 5, data2, data2 + 5 );
 
-    BIO_free(c_bio);
-    BIO_free(s_bio);
+    BIO_free( c_bio );
+    BIO_free( s_bio );
 
-    BIO_free(slip1);
-    BIO_free(slip2);
-    SSL_free(c_ssl);
-    SSL_free(s_ssl);
+    BIO_free( slip1 );
+    BIO_free( slip2 );
+    SSL_free( c_ssl );
+    SSL_free( s_ssl );
 
-    SSL_CTX_free(c_ctx);
-    SSL_CTX_free(s_ctx);
+    SSL_CTX_free( c_ctx );
+    SSL_CTX_free( s_ctx );
 }
 
 BOOST_AUTO_TEST_SUITE_END()