A class representing a certificate signing request. More...

#include <AsyncSslCertSigningReq.h>

Public Types
enum	: long { VERSION_1 = 0 }

Public Member Functions
	SslCertSigningReq (void)
	Default constructor.

	SslCertSigningReq (X509_REQ *req)
	Constructor using existing X509_REQ.

	SslCertSigningReq (SslCertSigningReq &&other)
	Move constructor.

	SslCertSigningReq (SslCertSigningReq &other)
	Copy constructor.

	~SslCertSigningReq (void)
	Constructor taking PEM data.

SslCertSigningReq &	operator= (SslCertSigningReq &other)
	Copy assignment operator.

SslCertSigningReq &	operator= (SslCertSigningReq &&other)
	Move assigned operator.

	operator const X509_REQ * () const
	Cast to a pointer to a X509_REQ object.

void	set (X509_REQ *req)
	Initialize this object from an existing X509_REQ object.

void	clear (void)
	Remove all information in this object.

bool	isNull (void) const
	Check if this object is empty.

bool	setVersion (long version)
	Set the version of the request.

long	version (void) const
	Get the version of this CSR.

bool	addSubjectName (const std::string &field, const std::string &value)
	Add a subject name component.

bool	setSubjectName (X509_NAME *name)
	Set the subject name from a X509_NAME pointer.

const X509_NAME *	subjectName (void) const
	Return the subject name as a X509_NAME pointer.

std::vector< unsigned char >	subjectDigest (void) const
	Get the subject digest.

std::string	subjectNameString (void) const
	Get the subject DN as a string.

std::string	commonName (void) const
	Get the subject common name.

void	addExtensions (SslX509Extensions &exts)
	Add extensions to this CSR.

SslX509Extensions	extensions (void) const
	Get the extensions in this CSR.

SslKeypair	publicKey (void) const
	Get the public key.

bool	setPublicKey (SslKeypair &pubkey)
	Set the public key.

bool	sign (SslKeypair &privkey)
	Sign the CSR using the given private key.

bool	verify (SslKeypair &pubkey) const
	Verify the signature of this CSR.

std::vector< unsigned char >	digest (void) const
	Get the sha256 digest of this CSR.

bool	readPem (const std::string &pem)
	Read PEM formatted CSR data into this object.

bool	readPemFile (const std::string &filename)
	Read PEM formatted CSR data from file into this object.

const std::string &	filePath (void) const
	Get the file path associated with this CSR.

bool	writePemFile (FILE *f)
	Write the CSR data to a PEM file.

bool	writePemFile (const std::string &filename)
	Write the CSR data to a PEM file.

bool	appendPemFile (const std::string &filename)
	Append the CSR data to a PEM file.

std::string	pem (void) const
	Get the data in this CSR as a PEM string.

void	print (const std::string &prefix="") const
	Print the info in this CSR to std::cout.

Detailed Description

A class representing a certificate signing request.

Author: Tobias Blomberg / SM0SVX

Date: 2020-08-03

#include <AsyncSslContext.h>
#include <AsyncSslKeypair.h>
#include <AsyncSslCertSigningReq.h>
#include <AsyncSslX509.h>
 
int main(void)
{
    // Create a key pair for the CA
  Async::SslKeypair ca_pkey;
  if (!ca_pkey.generate(2048))
  {
    std::cout << "*** ERROR: Failed to generate CA key" << std::endl;
    return 1;
  }
  if (!ca_pkey.writePrivateKeyFile("demo_ca.key"))
  {
    std::cout << "*** WARNING: Failed to write CA key file" << std::endl;
  }
 
    // Create a CA certificate and sign it with the key above
  Async::SslX509 ca_cert;
  ca_cert.setSerialNumber(1);
  ca_cert.setVersion(Async::SslX509::VERSION_3);
  ca_cert.addIssuerName("CN", "Demo Root CA");
  ca_cert.addIssuerName("L", "My City");
  ca_cert.addIssuerName("C", "XX");
  ca_cert.setSubjectName(ca_cert.issuerName());
  Async::SslX509Extensions ca_exts;
  ca_exts.addBasicConstraints("critical, CA:TRUE");
  ca_exts.addKeyUsage("critical, cRLSign, digitalSignature, keyCertSign");
  ca_exts.addSubjectAltNames("email:ca@example.org");
  ca_cert.addExtensions(ca_exts);
  time_t t = time(nullptr);
  ca_cert.setNotBefore(t);
  ca_cert.setNotAfter(t + 24*3600);
  ca_cert.setPublicKey(ca_pkey);
  ca_cert.sign(ca_pkey);
  std::cout << "--------------- CA Certificate ----------------" << std::endl;
  ca_cert.print();
  std::cout << "-----------------------------------------------" << std::endl;
  if (!ca_cert.writePemFile("demo_ca.crt"))
  {
    std::cout << "*** WARNING: Failed to write CA certificate file"
              << std::endl;
  }
 
    // Create a key pair for the server certificate
  Async::SslKeypair cert_pkey;
  if (!cert_pkey.generate(2048))
  {
    std::cout << "*** ERROR: Failed to generate server certificate key"
              << std::endl;
    return 1;
  }
  if (!cert_pkey.writePrivateKeyFile("demo.key"))
  {
    std::cout << "*** WARNING: Failed to write CA key file" << std::endl;
  }
 
    // Create a Certificate Signing Request
  Async::SslCertSigningReq csr;
  csr.setVersion(Async::SslCertSigningReq::VERSION_1);
  csr.addSubjectName("CN", "hostname.example.org");
  csr.addSubjectName("L", "My City");
  csr.addSubjectName("C", "XX");
  Async::SslX509Extensions csr_exts;
  csr_exts.addSubjectAltNames(
      "DNS:hostname.example.org"
      ", DNS:alias.example.org"
      ", DNS:localhost"
      ", IP:127.0.0.1"
      ", email:admin@example.org"
      ", URI:https://www.example.org"
      ", otherName:msUPN;UTF8:sb@sb.local");
  csr.addExtensions(csr_exts);
  csr.setPublicKey(cert_pkey);
  csr.sign(cert_pkey);
  std::cout << "--------- Certificate Signing Request ---------" << std::endl;
  csr.print();
  std::cout << "-----------------------------------------------" << std::endl;
  if (!csr.writePemFile("demo.csr"))
  {
    std::cout << "*** WARNING: Failed to write CSR file" << std::endl;
  }
  std::cout << "The CSR verification "
            << (csr.verify(cert_pkey) ? "PASSED" : "FAILED")
            << std::endl;
 
    // Create the certificate using the CSR then sign it using the CA cert
  Async::SslX509 cert;
  cert.setSerialNumber(2);
  cert.setVersion(Async::SslX509::VERSION_3);
  cert.setIssuerName(ca_cert.subjectName());
  cert.setSubjectName(csr.subjectName());
  cert.setNotBefore(t);
  cert.setNotAfter(t + 3600);
  const Async::SslX509Extensions exts(csr.extensions());
  Async::SslX509Extensions cert_exts;
  cert_exts.addBasicConstraints("critical, CA:FALSE");
  cert_exts.addKeyUsage("critical, nonRepudiation, digitalSignature, keyEncipherment, keyAgreement");
  cert_exts.addExtKeyUsage("serverAuth");
  Async::SslX509ExtSubjectAltName san(exts.subjectAltName());
  cert_exts.addExtension(san);
  cert.addExtensions(cert_exts);
  Async::SslKeypair csr_pkey(csr.publicKey());
  cert.setPublicKey(csr_pkey);
  cert.sign(ca_pkey);
  std::cout << "------------- Server Certificate --------------" << std::endl;
  cert.print();
  std::cout << "-----------------------------------------------" << std::endl;
  if (!cert.writePemFile("demo.crt"))
  {
    std::cout << "*** WARNING: Failed to write certificate file"
              << std::endl;
  }
  std::cout << "The certificate verification "
            << (cert.verify(ca_pkey) ? "PASSED" : "FAILED")
            << std::endl;
 
  return 0;
}

Examples: AsyncSslX509_demo.cpp.

Definition at line 123 of file AsyncSslCertSigningReq.h.

Member Enumeration Documentation

◆ anonymous enum

anonymous enum : long

Enumerator
VERSION_1

Definition at line 126 of file AsyncSslCertSigningReq.h.

Constructor & Destructor Documentation

◆ SslCertSigningReq() [1/4]

Async::SslCertSigningReq::SslCertSigningReq ( void )

inline

Default constructor.

Definition at line 134 of file AsyncSslCertSigningReq.h.

◆ SslCertSigningReq() [2/4]

Async::SslCertSigningReq::SslCertSigningReq ( X509_REQ * req )

inline

Constructor using existing X509_REQ.

Parameters

req	An existing X509_REQ

This object will take ownership of the X509_REQ and so it will be freed at the destruction of this object.

Definition at line 147 of file AsyncSslCertSigningReq.h.

◆ SslCertSigningReq() [3/4]

Async::SslCertSigningReq::SslCertSigningReq ( SslCertSigningReq && other )

inline

Move constructor.

Parameters

other The other object to move data from

Definition at line 153 of file AsyncSslCertSigningReq.h.

◆ SslCertSigningReq() [4/4]

Async::SslCertSigningReq::SslCertSigningReq ( SslCertSigningReq & other )

inline

Copy constructor.

Parameters

other The other object to copy data from

Definition at line 164 of file AsyncSslCertSigningReq.h.

◆ ~SslCertSigningReq()

Async::SslCertSigningReq::~SslCertSigningReq ( void )

inline

Constructor taking PEM data.

Parameters

pem	The PEM data to parse into a CSR object

Destructor

Definition at line 186 of file AsyncSslCertSigningReq.h.

Member Function Documentation

◆ addExtensions()

void Async::SslCertSigningReq::addExtensions ( SslX509Extensions & exts )

inline

Add extensions to this CSR.

Parameters

exts	The extensions to add

Examples: AsyncSslX509_demo.cpp.

Definition at line 418 of file AsyncSslCertSigningReq.h.

◆ addSubjectName()

bool Async::SslCertSigningReq::addSubjectName	(	const std::string &	field,
		const std::string &	value )

inline

Add a subject name component.

Parameters

field	The name of the field to add
value	The value of the field to add

Ex: addSubjectName("CN", "host.example.org");

Examples: AsyncSslX509_demo.cpp.

Definition at line 292 of file AsyncSslCertSigningReq.h.

◆ appendPemFile()

bool Async::SslCertSigningReq::appendPemFile ( const std::string & filename )

inline

Append the CSR data to a PEM file.

Parameters

filename The path to the file to append PEM data to

Returns: Returns true on success

Definition at line 590 of file AsyncSslCertSigningReq.h.

References writePemFile().

◆ clear()

void Async::SslCertSigningReq::clear ( void )

inline

Remove all information in this object.

After calling this function the isNull method will return true.

Definition at line 250 of file AsyncSslCertSigningReq.h.

◆ commonName()

std::string Async::SslCertSigningReq::commonName ( void ) const

inline

Get the subject common name.

Returns: Returns the common name (CN)

Definition at line 386 of file AsyncSslCertSigningReq.h.

References subjectName().

◆ digest()

std::vector< unsigned char > Async::SslCertSigningReq::digest ( void ) const

inline

Get the sha256 digest of this CSR.

Returns: Returns the sha256 digest of this CSR

Definition at line 492 of file AsyncSslCertSigningReq.h.

◆ extensions()

SslX509Extensions Async::SslCertSigningReq::extensions ( void ) const

inline

Get the extensions in this CSR.

Returns: Returns an object representing the extensions in this object

Examples: AsyncSslX509_demo.cpp.

Definition at line 434 of file AsyncSslCertSigningReq.h.

Referenced by print().

◆ filePath()

const std::string & Async::SslCertSigningReq::filePath ( void ) const

inline

Get the file path associated with this CSR.

Returns: Returns the path

This CSR is considered associated to a file if the readPemFile method was used to populate it with data.

Definition at line 556 of file AsyncSslCertSigningReq.h.

◆ isNull()

bool Async::SslCertSigningReq::isNull ( void ) const

inline

Check if this object is empty.

Returns: Returns true if this object is empty

Definition at line 263 of file AsyncSslCertSigningReq.h.

◆ operator const X509_REQ *()

Async::SslCertSigningReq::operator const X509_REQ * ( ) const

inline

Cast to a pointer to a X509_REQ object.

Returns: Returns a pointer to a X509_REQ object

Definition at line 230 of file AsyncSslCertSigningReq.h.

◆ operator=() [1/2]

SslCertSigningReq & Async::SslCertSigningReq::operator= ( SslCertSigningReq && other )

inline

Move assigned operator.

Parameters

other The object to move from

Returns: Returns a reference to this object

Definition at line 217 of file AsyncSslCertSigningReq.h.

◆ operator=() [2/2]

SslCertSigningReq & Async::SslCertSigningReq::operator= ( SslCertSigningReq & other )

inline

Copy assignment operator.

Parameters

other The object to copy

Returns: Returns a reference to this object

Definition at line 201 of file AsyncSslCertSigningReq.h.

◆ pem()

std::string Async::SslCertSigningReq::pem ( void ) const

inline

Get the data in this CSR as a PEM string.

Returns: Returns the PEM data as a string

Definition at line 599 of file AsyncSslCertSigningReq.h.

Referenced by readPem().

◆ print()

void Async::SslCertSigningReq::print ( const std::string & prefix = "" ) const

inline

Print the info in this CSR to std::cout.

Parameters

prefix A string to prefix each printed row with

Examples: AsyncSslX509_demo.cpp.

Definition at line 616 of file AsyncSslCertSigningReq.h.

References extensions(), Async::SslX509Extensions::subjectAltName(), subjectNameString(), and Async::SslX509ExtSubjectAltName::toString().

◆ publicKey()

SslKeypair Async::SslCertSigningReq::publicKey ( void ) const

inline

Get the public key.

Returns: Returns the public key as a SslKeypair object

Examples: AsyncSslX509_demo.cpp.

Definition at line 444 of file AsyncSslCertSigningReq.h.

◆ readPem()

bool Async::SslCertSigningReq::readPem ( const std::string & pem )

inline

Read PEM formatted CSR data into this object.

Parameters

pem	The PEM data

Returns: Returns true on success

Definition at line 513 of file AsyncSslCertSigningReq.h.

References pem().

◆ readPemFile()

bool Async::SslCertSigningReq::readPemFile ( const std::string & filename )

inline

Read PEM formatted CSR data from file into this object.

Parameters

filename The name of a file containing a CSR in PEM format

Returns: Returns true on success

Definition at line 531 of file AsyncSslCertSigningReq.h.

◆ set()

void Async::SslCertSigningReq::set ( X509_REQ * req )

inline

Initialize this object from an existing X509_REQ object.

Parameters

req	Pointer to an existing X509_REQ object

Definition at line 236 of file AsyncSslCertSigningReq.h.

◆ setPublicKey()

bool Async::SslCertSigningReq::setPublicKey ( SslKeypair & pubkey )

inline

Set the public key.

Parameters

pubkey The public key to set given as a SslKeypair object

Returns: Returns true on success

Examples: AsyncSslX509_demo.cpp.

Definition at line 455 of file AsyncSslCertSigningReq.h.

◆ setSubjectName()

bool Async::SslCertSigningReq::setSubjectName ( X509_NAME * name )

inline

Set the subject name from a X509_NAME pointer.

Parameters

name	The X509_NAME pointer

Returns: Returns true on success

Definition at line 314 of file AsyncSslCertSigningReq.h.

◆ setVersion()

bool Async::SslCertSigningReq::setVersion ( long version )

inline

Set the version of the request.

Parameters

version The version to set

The version indicate what information the request can contain.

Ex: setVersion(Async::SslCertSigningReq::VERSION_1);

Examples: AsyncSslX509_demo.cpp.

Definition at line 273 of file AsyncSslCertSigningReq.h.

References version().

◆ sign()

bool Async::SslCertSigningReq::sign ( SslKeypair & privkey )

inline

Sign the CSR using the given private key.

Parameters

The	private key to sign the CSR with

Returns: Returns true on sucess

Examples: AsyncSslX509_demo.cpp.

Definition at line 466 of file AsyncSslCertSigningReq.h.

◆ subjectDigest()

std::vector< unsigned char > Async::SslCertSigningReq::subjectDigest ( void ) const

inline

Get the subject digest.

Returns: A sha256 digest of the subject

Definition at line 334 of file AsyncSslCertSigningReq.h.

References subjectName().

◆ subjectName()

const X509_NAME * Async::SslCertSigningReq::subjectName ( void ) const

inline

Return the subject name as a X509_NAME pointer.

Returns: Returns the internal X509_NAME pointer

Examples: AsyncSslX509_demo.cpp.

Definition at line 324 of file AsyncSslCertSigningReq.h.

Referenced by commonName(), subjectDigest(), and subjectNameString().

◆ subjectNameString()

std::string Async::SslCertSigningReq::subjectNameString ( void ) const

inline

Get the subject DN as a string.

Returns: Returns a string representation of the subject DN

Definition at line 357 of file AsyncSslCertSigningReq.h.

References subjectName().

Referenced by print().

◆ verify()

bool Async::SslCertSigningReq::verify ( SslKeypair & pubkey ) const

inline

Verify the signature of this CSR.

Parameters

pubkey The public key to use in the verification

Verify that this CSR was signed using the private key matching the given public key.

Examples: AsyncSslX509_demo.cpp.

Definition at line 482 of file AsyncSslCertSigningReq.h.

◆ version()

long Async::SslCertSigningReq::version ( void ) const

inline

Get the version of this CSR.

Returns: Returns the version of this CSR

Definition at line 283 of file AsyncSslCertSigningReq.h.

Referenced by setVersion().

◆ writePemFile() [1/2]

bool Async::SslCertSigningReq::writePemFile ( const std::string & filename )

inline

Write the CSR data to a PEM file.

Parameters

filename The path to the file to write PEM data to

Returns: Returns true on success

Definition at line 580 of file AsyncSslCertSigningReq.h.

References writePemFile().

◆ writePemFile() [2/2]

bool Async::SslCertSigningReq::writePemFile ( FILE * f )

inline

Write the CSR data to a PEM file.

Parameters

f	An opened file object to write the PEM data to

Returns: Returns true on success

Examples: AsyncSslX509_demo.cpp.

Definition at line 563 of file AsyncSslCertSigningReq.h.

Referenced by appendPemFile(), and writePemFile().

The documentation for this class was generated from the following file:

AsyncSslCertSigningReq.h

Public Types

Public Member Functions

Detailed Description

Member Enumeration Documentation

◆ anonymous enum

Constructor & Destructor Documentation

◆ SslCertSigningReq() [1/4]

◆ SslCertSigningReq() [2/4]

◆ SslCertSigningReq() [3/4]

◆ SslCertSigningReq() [4/4]

◆ ~SslCertSigningReq()

Member Function Documentation

◆ addExtensions()

◆ addSubjectName()

◆ appendPemFile()

◆ clear()

◆ commonName()

◆ digest()

◆ extensions()

◆ filePath()

◆ isNull()

◆ operator const X509_REQ *()

◆ operator=() [1/2]

◆ operator=() [2/2]

◆ pem()

◆ print()

◆ publicKey()

◆ readPem()

◆ readPemFile()

◆ set()

◆ setPublicKey()

◆ setSubjectName()

◆ setVersion()

◆ sign()

◆ subjectDigest()

◆ subjectName()

◆ subjectNameString()

◆ verify()

◆ version()

◆ writePemFile() [1/2]

◆ writePemFile() [2/2]