From b16ce1e4d9092ad24496c4281dc708fb98ea3162 Mon Sep 17 00:00:00 2001 From: Pascal Bach Date: Tue, 28 Mar 2017 17:18:22 +0200 Subject: [PATCH] Add addtional NIDs to be extracted from X.509 certificates. - SerialNumber is especially useful on embedded devices - email is commonly found in certificates Signed-off-by: Pascal Bach --- Crypto/include/Poco/Crypto/X509Certificate.h | 4 +++- Crypto/testsuite/src/CryptoTest.cpp | 4 ++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/Crypto/include/Poco/Crypto/X509Certificate.h b/Crypto/include/Poco/Crypto/X509Certificate.h index f4e09cdbf..ae207299c 100644 --- a/Crypto/include/Poco/Crypto/X509Certificate.h +++ b/Crypto/include/Poco/Crypto/X509Certificate.h @@ -46,7 +46,9 @@ public: NID_LOCALITY_NAME = 15, NID_STATE_OR_PROVINCE = 16, NID_ORGANIZATION_NAME = 17, - NID_ORGANIZATION_UNIT_NAME = 18 + NID_ORGANIZATION_UNIT_NAME = 18, + NID_PKCS9_EMAIL_ADDRESS = 48, + NID_SERIAL_NUMBER = 105 }; explicit X509Certificate(std::istream& istr); diff --git a/Crypto/testsuite/src/CryptoTest.cpp b/Crypto/testsuite/src/CryptoTest.cpp index ae3c58525..74a9b90aa 100644 --- a/Crypto/testsuite/src/CryptoTest.cpp +++ b/Crypto/testsuite/src/CryptoTest.cpp @@ -292,6 +292,8 @@ void CryptoTest::testCertificate() std::string stateOrProvince(cert.subjectName(X509Certificate::NID_STATE_OR_PROVINCE)); std::string organizationName(cert.subjectName(X509Certificate::NID_ORGANIZATION_NAME)); std::string organizationUnitName(cert.subjectName(X509Certificate::NID_ORGANIZATION_UNIT_NAME)); + std::string emailAddress(cert.subjectName(X509Certificate::NID_PKCS9_EMAIL_ADDRESS)); + std::string serialNumber(cert.subjectName(X509Certificate::NID_SERIAL_NUMBER)); assert (subjectName == "/CN=appinf.com/O=Applied Informatics Software Engineering GmbH/OU=Development/ST=Carinthia/C=AT/L=St. Jakob im Rosental/emailAddress=guenter.obiltschnig@appinf.com"); assert (issuerName == subjectName); @@ -301,6 +303,8 @@ void CryptoTest::testCertificate() assert (stateOrProvince == "Carinthia"); assert (organizationName == "Applied Informatics Software Engineering GmbH"); assert (organizationUnitName == "Development"); + assert (emailAddress == "guenter.obiltschnig@appinf.com"); + assert (serialNumber == ""); // fails with recent OpenSSL versions: // assert (cert.issuedBy(cert));