mirror of
https://github.com/PurpleI2P/i2pd.git
synced 2025-01-22 21:37:17 +01:00
initial parsin of X.509 certificate
This commit is contained in:
parent
8b61aedc3f
commit
366b160727
63
Reseed.cpp
63
Reseed.cpp
|
@ -1,8 +1,11 @@
|
||||||
|
#include <string.h>
|
||||||
#include <fstream>
|
#include <fstream>
|
||||||
#include <sstream>
|
#include <sstream>
|
||||||
#include <boost/regex.hpp>
|
#include <boost/regex.hpp>
|
||||||
#include <boost/filesystem.hpp>
|
#include <boost/filesystem.hpp>
|
||||||
#include <cryptopp/osrng.h>
|
#include <cryptopp/osrng.h>
|
||||||
|
#include <cryptopp/asn.h>
|
||||||
|
#include <cryptopp/base64.h>
|
||||||
#include <cryptopp/zinflate.h>
|
#include <cryptopp/zinflate.h>
|
||||||
#include "I2PEndian.h"
|
#include "I2PEndian.h"
|
||||||
#include "Reseed.h"
|
#include "Reseed.h"
|
||||||
|
@ -326,6 +329,66 @@ namespace data
|
||||||
return s;
|
return s;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const char CERTIFICATE_HEADER[] = "-----BEGIN CERTIFICATE-----";
|
||||||
|
const char CERTIFICATE_FOOTER[] = "-----END CERTIFICATE-----";
|
||||||
|
void Reseeder::LoadCertificate (const std::string& filename)
|
||||||
|
{
|
||||||
|
std::ifstream s(filename, std::ifstream::binary);
|
||||||
|
if (s.is_open ())
|
||||||
|
{
|
||||||
|
std::string cert;
|
||||||
|
s >> cert;
|
||||||
|
// assume file in pem format
|
||||||
|
auto pos1 = cert.find (CERTIFICATE_HEADER);
|
||||||
|
auto pos2 = cert.find (CERTIFICATE_FOOTER);
|
||||||
|
if (pos1 == std::string::npos || pos2 == std::string::npos)
|
||||||
|
{
|
||||||
|
LogPrint (eLogError, "Malformed certificate file");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
pos1 += strlen (CERTIFICATE_HEADER);
|
||||||
|
pos2 -= pos1;
|
||||||
|
std::string base64 = cert.substr (pos1, pos2);
|
||||||
|
|
||||||
|
CryptoPP::ByteQueue queue;
|
||||||
|
CryptoPP::Base64Decoder decoder; // regular base64 rather than I2P
|
||||||
|
decoder.Attach (new CryptoPP::Redirector (queue));
|
||||||
|
decoder.Put ((const uint8_t *)base64.data(), base64.length());
|
||||||
|
decoder.MessageEnd ();
|
||||||
|
|
||||||
|
// extract X.509
|
||||||
|
CryptoPP::BERSequenceDecoder x509Cert (queue);
|
||||||
|
CryptoPP::BERSequenceDecoder tbsCert (x509Cert);
|
||||||
|
// version
|
||||||
|
uint32_t ver;
|
||||||
|
CryptoPP::BERGeneralDecoder context (tbsCert, 0xa0);
|
||||||
|
CryptoPP::BERDecodeUnsigned<uint32_t>(context, ver, CryptoPP::INTEGER, 2, 2);
|
||||||
|
// serial
|
||||||
|
CryptoPP::Integer serial;
|
||||||
|
serial.BERDecode(tbsCert);
|
||||||
|
// signature
|
||||||
|
CryptoPP::BERSequenceDecoder signature (tbsCert);
|
||||||
|
signature.SkipAll();
|
||||||
|
// issuer
|
||||||
|
CryptoPP::BERSequenceDecoder issuer (tbsCert);
|
||||||
|
issuer.SkipAll();
|
||||||
|
// validity
|
||||||
|
CryptoPP::BERSequenceDecoder validity (tbsCert);
|
||||||
|
validity.SkipAll();
|
||||||
|
// subject
|
||||||
|
CryptoPP::BERSequenceDecoder subject (tbsCert);
|
||||||
|
subject.SkipAll();
|
||||||
|
// public key
|
||||||
|
CryptoPP::BERSequenceDecoder publicKey (tbsCert);
|
||||||
|
publicKey.SkipAll();
|
||||||
|
|
||||||
|
tbsCert.SkipAll();
|
||||||
|
x509Cert.SkipAll();
|
||||||
|
}
|
||||||
|
else
|
||||||
|
LogPrint (eLogError, "Can't open certificate file ", filename);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
2
Reseed.h
2
Reseed.h
|
@ -19,6 +19,8 @@ namespace data
|
||||||
bool reseedNow(); // depreacted
|
bool reseedNow(); // depreacted
|
||||||
int ReseedNowSU3 ();
|
int ReseedNowSU3 ();
|
||||||
|
|
||||||
|
void LoadCertificate (const std::string& filename);
|
||||||
|
|
||||||
private:
|
private:
|
||||||
|
|
||||||
int ReseedFromSU3 (const std::string& host);
|
int ReseedFromSU3 (const std::string& host);
|
||||||
|
|
Loading…
Reference in a new issue