// Constructor member-initializer list: the object starts out not initialized,
// with both the certificate and the private-key pointer set to NULL.
37 : _initialized(false), _cert(NULL), _privateKey(NULL)
// Accessor: hands back the stored trusted-CA path member unchanged.
61 return _trustedCAPath;
// Open the certificate file for reading and parse one PEM-encoded X509 object
// from it into `cert`.
// NOTE(review): PEM_read_X509() reuses the object behind `cert` when the pointer
// is non-NULL, so `cert` must be NULL-initialised before this call; its
// declaration is not part of this excerpt, so confirm.
76 fp = fopen(certificate.
getPath().c_str(),
"r");
// The two failure cases share one branch: fopen() failed (fp is NULL), or the
// file opened but did not parse as a certificate.
// NOTE(review): in the second case fp is still open; the branch body is not
// shown here, so confirm it calls fclose(fp) before returning or throwing.
77 if(!fp || !PEM_read_X509(fp, &cert, NULL, NULL)){
// Same pattern for the private key file.
// NOTE(review): nothing visible here checks the ownership or mode of the key
// file; restricting it to the daemon's own user is left to deployment.
87 fp = fopen(privateKey.
getPath().c_str(),
"r");
// Both the password callback and its user-data argument are NULL, so OpenSSL
// falls back to its default callback, which typically prompts on the terminal
// when the key is encrypted. In an unattended process, use an unencrypted key
// with tight file permissions or supply an explicit callback.
// NOTE(review): as with the certificate, confirm fp is closed on the parse-failure
// path and that `key` starts out NULL.
88 if(!fp || !PEM_read_PrivateKey(fp, &key, NULL, NULL)){
// Remember the trusted-CA location for later use.
// NOTE(review): no check of the path (existence, type, permissions) is visible
// in this excerpt; confirm it is validated before being used as a trust store.
105 _trustedCAPath = trustedCAPath;
// Subject check: compares the expected name `cn` against the commonName
// entries of the certificate's subject. Only the subject CN is consulted in the
// lines shown; no subjectAltName lookup appears in this excerpt.
// Guard: a NULL certificate or an empty expected name is handled up front
// (branch body not shown).
150 if(!certificate || cn.empty()){
154 X509_NAME *cert_name;
155 X509_NAME_ENTRY *name_entry;
156 ASN1_STRING *eid_string;
158 unsigned char *utf8_eid;
// X509_get_subject_name() returns an internal pointer owned by the certificate,
// so cert_name must not be freed by this function.
162 if(!(cert_name = X509_get_subject_name(certificate))){
// Wrap the expected name in an ASN1_STRING so that both sides of the comparison
// go through the same ASN1_STRING_to_UTF8() conversion.
// NOTE(review): this allocation has to be released with ASN1_STRING_free() on
// every exit path; no such call appears in the lines shown, so confirm.
167 eid_string = ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING);
// A length of -1 makes OpenSSL use strlen(), so the expected name ends at its
// first NUL byte.
// NOTE(review): the return value (0 on allocation failure) is not used on this
// line; confirm it is checked.
173 ASN1_STRING_set(eid_string, cn.c_str(), -1);
// Allocates utf8_eid; the buffer is released with OPENSSL_free() further down.
175 utf8_eid_len = ASN1_STRING_to_UTF8(&utf8_eid, eid_string);
// A negative return is a conversion error and zero is an empty string; both are
// treated as failure.
176 if(utf8_eid_len <= 0){
177 std::stringstream ss; ss <<
"ASN1_STRING_to_UTF8() returned " << utf8_eid_len <<
".";
// Step to the next commonName entry after index `lastpos`.
// NOTE(review): presumably lastpos starts at -1 and this sits inside a loop over
// all CN entries; neither the initialisation nor the loop header is shown.
183 lastpos = X509_NAME_get_index_by_NID(cert_name, NID_commonName, lastpos);
189 name_entry = X509_NAME_get_entry(cert_name, lastpos);
// Internal pointer into the name entry; not freed here.
196 ASN1_STRING *asn1 = X509_NAME_ENTRY_get_data(name_entry);
202 unsigned char *utf8_cert_name;
// Normalise the certificate's CN to UTF-8 as well; allocates utf8_cert_name.
204 utf8_cert_len = ASN1_STRING_to_UTF8(&utf8_cert_name, asn1);
205 if(utf8_cert_len <= 0){
// Compare lengths before contents. The memcmp below only runs over buffers of
// equal size, and a certificate CN with an embedded NUL byte cannot match a
// shorter expected name by truncation.
211 if(utf8_cert_len != utf8_eid_len){
// Byte-exact, case-sensitive comparison of the two UTF-8 encodings.
214 if(memcmp(utf8_eid, utf8_cert_name, utf8_eid_len) == 0){
// Match: both UTF-8 buffers are released here.
215 OPENSSL_free(utf8_cert_name);
216 OPENSSL_free(utf8_eid);
// NOTE(review): the free calls at 219 and 222 belong to paths whose surrounding
// lines are not shown; confirm every exit, including the length-mismatch branch
// at 211, releases utf8_cert_name exactly once.
219 OPENSSL_free(utf8_cert_name);
222 OPENSSL_free(utf8_eid);
// With a NULL buffer, X509_NAME_oneline() returns a newly allocated string, or
// NULL on failure.
// NOTE(review): confirm subject_line is null-checked before it is streamed below
// (inserting a null char* into a stream is undefined behaviour) and that it is
// released with OPENSSL_free() afterwards; neither is visible here.
224 char *subject_line = X509_NAME_oneline(cert_name, NULL, 0);
225 std::stringstream ss;
// The message embeds the subject text taken from the presented certificate;
// wherever it ends up (log or exception), treat it as untrusted input.
228 ss <<
"Certificate does not fit. Expected: " << cn <<
", Certificate Subject: " << subject_line <<
".";