Add expire date to label

Signed-off-by: Raul Metsma <[email protected]>

Author: metsma

cdoc/Certificate.cpp

@@ -74,6 +74,21 @@ Certificate::getSerialNumber() const
 	return getName(cert, NID_serialNumber);
 }
 
+time_t
+Certificate::getNotAfter() const
+{
+    if(!cert)
+        return 0;
+    tm tm{};
+    if(ASN1_TIME_to_tm(X509_get0_notAfter(cert.get()), &tm) != 1)
+        return 0;
+#ifdef _WIN32
+    return _mkgmtime(&tm);
+#else
+    return timegm(&tm);
+#endif
+}
+
 
 
 std::vector<std::string>
@@ -85,8 +100,8 @@ Certificate::policies() const
     if(!cert)
         return list;
 
-    auto p = static_cast<CERTIFICATEPOLICIES *>(X509_get_ext_d2i(cert.get(), NID_certificate_policies, nullptr, nullptr));
-    auto cp = std::unique_ptr<CERTIFICATEPOLICIES,decltype(&CERTIFICATEPOLICIES_free)>(p,CERTIFICATEPOLICIES_free);
+    auto cp = make_unique_cast<CERTIFICATEPOLICIES_free>(X509_get_ext_d2i(
+        cert.get(), NID_certificate_policies, nullptr, nullptr));
     if(!cp)
         return list;
 

cdoc/Certificate.h

@@ -50,6 +50,7 @@ class Certificate {
 
 	std::vector<uint8_t> getPublicKey() const;
     Algorithm getAlgorithm() const;
+    time_t getNotAfter() const;
 
     std::vector<uint8_t> getDigest();
 };

cdoc/Io.h

@@ -26,7 +26,7 @@
 
 namespace libcdoc {
 
-class DataSource;
+struct DataSource;
 
 /**
  * @brief The DataConsumer class

cdoc/Recipient.cpp

@@ -106,7 +106,7 @@ Recipient
 Recipient::makeEIDServer(std::vector<uint8_t> cert, std::string server_id)
 {
     Certificate x509(cert);
-    auto label = BuildLabelEID(cert);
+    auto label = BuildLabelEID(cert, time(nullptr) + 60 * 60 * 24 * 31 * 6); // 6 months
     return makeServer(std::move(label),
         x509.getPublicKey(), x509.getAlgorithm() == Certificate::Algorithm::RSA ? RSA : ECC, std::move(server_id));
 }
@@ -145,7 +145,7 @@ static constexpr std::string_view type_strs[] = {
 };
 
 std::string
-Recipient::buildLabel(std::vector<std::pair<std::string_view, std::string_view>> components)
+Recipient::buildLabel(const std::vector<std::pair<std::string_view, std::string_view>> &components, time_t exp)
 {
     std::ostringstream ofs;
     ofs << LABELPREFIX;
@@ -157,11 +157,14 @@ Recipient::buildLabel(std::vector<std::pair<std::string_view, std::string_view>>
             first = false;
         }
     }
+    if(exp > 0) {
+        ofs << "&server_exp=" << exp;
+    }
     return ofs.str();
 }
 
 std::string
-Recipient::BuildLabelEID(int version, EIDType type, std::string_view cn, std::string_view serial_number, std::string_view last_name, std::string_view first_name)
+Recipient::BuildLabelEID(int version, EIDType type, std::string_view cn, std::string_view serial_number, std::string_view last_name, std::string_view first_name, time_t exp)
 {
     // In case of cards issued to an organization the first name (and last name) are missing. We ommit these parts.
     if (first_name.empty()) {
@@ -170,7 +173,7 @@ Recipient::BuildLabelEID(int version, EIDType type, std::string_view cn, std::st
             {"type", type_strs[type]},
             {"cn", cn},
             {"serial_number", serial_number}
-        });
+        }, exp);
     } else {
         return buildLabel({
             {"v", std::to_string(version)},
@@ -179,15 +182,15 @@ Recipient::BuildLabelEID(int version, EIDType type, std::string_view cn, std::st
             {"serial_number", serial_number},
             {"last_name", last_name},
             {"first_name", first_name}
-        });
+        }, exp);
     }
 }
 
 std::string
-Recipient::BuildLabelEID(const std::vector<uint8_t>& cert)
+Recipient::BuildLabelEID(const std::vector<uint8_t>& cert, time_t exp)
 {
     Certificate x509(cert);
-    return BuildLabelEID(CDoc2::KEYLABELVERSION, getEIDType(x509.policies()), x509.getCommonName(), x509.getSerialNumber(), x509.getSurname(), x509.getGivenName());
+    return BuildLabelEID(CDoc2::KEYLABELVERSION, getEIDType(x509.policies()), x509.getCommonName(), x509.getSerialNumber(), x509.getSurname(), x509.getGivenName(), exp ? exp : x509.getNotAfter());
 }
 
 std::string

cdoc/Recipient.h

@@ -223,9 +223,10 @@ struct CDOC_EXPORT Recipient {
     /**
      * @brief build machine-readable CDoc2 label
      * @param components a list of string pairs
+     * @param exp a expire date to added to label (if 0, no expire date is added)
      * @return a composed label
      */
-    static std::string buildLabel(std::vector<std::pair<std::string_view, std::string_view>> components);
+    static std::string buildLabel(const std::vector<std::pair<std::string_view, std::string_view>> &components, time_t exp = 0);
     /**
      * @brief build machine-readable CDoc2 label for EID recipient
      * @param version the label version
@@ -234,16 +235,18 @@ struct CDOC_EXPORT Recipient {
      * @param serial_number the serial number
      * @param last_name the last name
      * @param first_name the first name
+     * @param exp a expire date to added to label (if 0, no expire date is added)
      * @return a composed label
      */
-    static std::string BuildLabelEID(int version, EIDType type, std::string_view cn, std::string_view serial_number, std::string_view last_name, std::string_view first_name);
+    static std::string BuildLabelEID(int version, EIDType type, std::string_view cn, std::string_view serial_number, std::string_view last_name, std::string_view first_name, time_t exp = 0);
     /**
      * @brief build machine-readable CDoc2 label for EID recipient filling info from certificate
      * @see BuildLabelEID
      * @param cert the certificate value (der-encoded)
+     * @param exp a expire date to added to label (if 0, expire date is taken from certificate)
      * @return a composed label
      */
-    static std::string BuildLabelEID(const std::vector<uint8_t> &cert);
+    static std::string BuildLabelEID(const std::vector<uint8_t> &cert, time_t exp = 0);
     /**
      * @brief build machine-readable CDoc2 label for certificate-based recipient
      * @param version the label version

cdoc/utils/memory.h

@@ -38,6 +38,11 @@ struct free_argument<R (*)(T *)>
 {
     using type = T;
 };
+template<class T, class R>
+struct free_argument<R (&)(T *)>
+{
+    using type = T;
+};
 
 template <class T>
 using unique_free_t = std::unique_ptr<T, void(*)(T*)>;