r3359 - in trunk/libmcrypto: include/libmcrypto source source/openssl

erik at minisip.org erik at minisip.org
Thu Aug 9 15:06:49 CEST 2007 

Author: erik
Date: 2007-08-09 15:06:49 +0200 (Thu, 09 Aug 2007)
New Revision: 3359

Modified:
   trunk/libmcrypto/include/libmcrypto/cert.h
   trunk/libmcrypto/source/cert.cxx
   trunk/libmcrypto/source/openssl/cert.cxx
Log:

 * Added a verifiySignedBy to check whether a certificate is signed by
   another.

   It treats the argument as a CA by creating a certificate set with it
   and runs the Certificate::control method with it.

   (not properly tested yet)



Modified: trunk/libmcrypto/include/libmcrypto/cert.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/cert.h	2007-08-08 15:45:06 UTC (rev 3358)
+++ trunk/libmcrypto/include/libmcrypto/cert.h	2007-08-09 13:06:49 UTC (rev 3359)
@@ -256,6 +256,9 @@
 		virtual std::string getIssuer()=0;
 		virtual std::string getIssuerCn()=0;
 
+
+		bool verifySignedBy(MRef<Certificate*> cert);
+
 		/**
 		 * Returns whether or not at least one of the certificate's subjectAltNames
 		 * are equal to \p uri.

Modified: trunk/libmcrypto/source/cert.cxx
===================================================================
--- trunk/libmcrypto/source/cert.cxx	2007-08-08 15:45:06 UTC (rev 3358)
+++ trunk/libmcrypto/source/cert.cxx	2007-08-09 13:06:49 UTC (rev 3359)
@@ -121,6 +121,15 @@
 	return m_pk->privateDecrypt( data, size, retdata, retsize );
 }
 
+
+bool Certificate::verifySignedBy( MRef<Certificate*> cert ){
+	massert(cert);
+	MRef<CertificateSet*> set = CertificateSet::create();;
+	set->addCertificate(cert);
+	return cert->control(*set);
+}
+
+
 bool Certificate::hasPk(){
 	return !m_pk.isNull();
 }

Modified: trunk/libmcrypto/source/openssl/cert.cxx
===================================================================
--- trunk/libmcrypto/source/openssl/cert.cxx	2007-08-08 15:45:06 UTC (rev 3358)
+++ trunk/libmcrypto/source/openssl/cert.cxx	2007-08-09 13:06:49 UTC (rev 3359)
@@ -680,7 +680,6 @@
    pk_file=path;
 }
 
-
 int OsslCertificate::control( CertificateSet * cert_db ){
 	int result;
 	X509_STORE_CTX cert_store_ctx;

More information about the Minisip-devel mailing list