From e9be6f9bb696da4e1bcf750afd7015de4fe9220a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Remko=20Tron=C3=A7on?= Date: Tue, 9 Nov 2010 21:25:49 +0100 Subject: Implement DER conversion to/from certificates. diff --git a/Swiften/QA/OpenSSLTest/.gitignore b/Swiften/QA/OpenSSLTest/.gitignore new file mode 100644 index 0000000..27154e7 --- /dev/null +++ b/Swiften/QA/OpenSSLTest/.gitignore @@ -0,0 +1 @@ +OpenSSLTest diff --git a/Swiften/QA/OpenSSLTest/OpenSSLCertificateTest.cpp b/Swiften/QA/OpenSSLTest/OpenSSLCertificateTest.cpp new file mode 100644 index 0000000..43519d7 --- /dev/null +++ b/Swiften/QA/OpenSSLTest/OpenSSLCertificateTest.cpp @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2010 Remko Tronçon + * Licensed under the GNU General Public License v3. + * See Documentation/Licenses/GPLv3.txt for more information. + */ + +#include +#include +#include + +#include "Swiften/TLS/OpenSSL/OpenSSLCertificate.h" +#include "SwifTools/Application/PlatformApplicationPathProvider.h" + +using namespace Swift; + +class OpenSSLCertificateTest : public CppUnit::TestFixture { + CPPUNIT_TEST_SUITE(OpenSSLCertificateTest); + CPPUNIT_TEST(testConstructFromDER); + CPPUNIT_TEST(testToDER); + CPPUNIT_TEST_SUITE_END(); + + public: + void setUp() { + pathProvider = new PlatformApplicationPathProvider("FileReadBytestreamTest"); + } + + void tearDown() { + delete pathProvider; + } + + void testConstructFromDER() { + ByteArray in; + in.readFromFile((pathProvider->getExecutableDir() / "jabber_org.crt").string()); + OpenSSLCertificate testling(in); + + CPPUNIT_ASSERT_EQUAL(String("*.jabber.org"), testling.getCommonName()); + } + + void testToDER() { + ByteArray in; + in.readFromFile((pathProvider->getExecutableDir() / "jabber_org.crt").string()); + OpenSSLCertificate testling(in); + + CPPUNIT_ASSERT_EQUAL(in, testling.toDER()); + } + + private: + PlatformApplicationPathProvider* pathProvider; +}; + +CPPUNIT_TEST_SUITE_REGISTRATION(OpenSSLCertificateTest); diff --git a/Swiften/QA/OpenSSLTest/SConscript b/Swiften/QA/OpenSSLTest/SConscript new file mode 100644 index 0000000..a3309f2 --- /dev/null +++ b/Swiften/QA/OpenSSLTest/SConscript @@ -0,0 +1,18 @@ +import os + +Import("env") + +if env["TEST"] : + myenv = env.Clone() + myenv.MergeFlags(myenv["CHECKER_FLAGS"]) + myenv.MergeFlags(myenv["SWIFTOOLS_FLAGS"]) + myenv.MergeFlags(myenv["SWIFTEN_FLAGS"]) + myenv.MergeFlags(myenv["CPPUNIT_FLAGS"]) + myenv.MergeFlags(myenv["BOOST_FLAGS"]) + myenv.MergeFlags(myenv["LIBIDN_FLAGS"]) + myenv.MergeFlags(myenv["OPENSSL_FLAGS"]) + + tester = myenv.Program("OpenSSLTest", [ + "OpenSSLCertificateTest.cpp", + ]) + myenv.Test(tester, "system") diff --git a/Swiften/QA/OpenSSLTest/jabber_org.crt b/Swiften/QA/OpenSSLTest/jabber_org.crt new file mode 100644 index 0000000..5a9ddaa Binary files /dev/null and b/Swiften/QA/OpenSSLTest/jabber_org.crt differ diff --git a/Swiften/QA/SConscript b/Swiften/QA/SConscript index 8fb7c24..97b6ed0 100644 --- a/Swiften/QA/SConscript +++ b/Swiften/QA/SConscript @@ -1,3 +1,5 @@ +Import("swiften_env") + SConscript(dirs = [ "NetworkTest", # "ReconnectTest", @@ -5,3 +7,6 @@ SConscript(dirs = [ # "DNSSDTest", "StorageTest", ]) + +if swiften_env.get("HAVE_OPENSSL", False) : + SConscript(dirs = ["OpenSSLTest"]) diff --git a/Swiften/TLS/Certificate.h b/Swiften/TLS/Certificate.h index 3a812a8..6b62457 100644 --- a/Swiften/TLS/Certificate.h +++ b/Swiften/TLS/Certificate.h @@ -9,6 +9,7 @@ #include #include "Swiften/Base/String.h" +#include "Swiften/Base/ByteArray.h" namespace Swift { class Certificate { @@ -22,6 +23,8 @@ namespace Swift { virtual std::vector getDNSNames() const = 0; virtual std::vector getXMPPAddresses() const = 0; + virtual ByteArray toDER() const = 0; + protected: static const char* ID_ON_XMPPADDR_OID; static const char* ID_ON_DNSSRV_OID; diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp b/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp index 3f134e7..7f13f88 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLCertificate.cpp @@ -16,6 +16,25 @@ namespace Swift { OpenSSLCertificate::OpenSSLCertificate(boost::shared_ptr cert) : cert(cert) { + parse(); +} + + +OpenSSLCertificate::OpenSSLCertificate(const ByteArray& der) { + const unsigned char* p = reinterpret_cast(der.getData()); + cert = boost::shared_ptr(d2i_X509(NULL, &p, der.getSize()), X509_free); + parse(); +} + +ByteArray OpenSSLCertificate::toDER() const { + ByteArray result; + result.resize(i2d_X509(cert.get(), NULL)); + unsigned char* p = reinterpret_cast(result.getData()); + i2d_X509(cert.get(), &p); + return result; +} + +void OpenSSLCertificate::parse() { // Common name X509_NAME* subjectName = X509_get_subject_name(cert.get()); if (subjectName) { diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificate.h b/Swiften/TLS/OpenSSL/OpenSSLCertificate.h index 4708120..fe2cddf 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLCertificate.h +++ b/Swiften/TLS/OpenSSL/OpenSSLCertificate.h @@ -16,6 +16,7 @@ namespace Swift { class OpenSSLCertificate : public Certificate { public: OpenSSLCertificate(boost::shared_ptr); + OpenSSLCertificate(const ByteArray& der); String getCommonName() const { return commonName; @@ -33,7 +34,11 @@ namespace Swift { return xmppAddresses; } + ByteArray toDER() const; + private: + void parse(); + void addSRVName(const String& name) { srvNames.push_back(name); } -- cgit v0.10.2-6-g49f6