aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/x509/x509_ext.h
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2018-01-23 12:38:38 -0500
committerJack Lloyd <[email protected]>2018-01-23 12:38:38 -0500
commitbf1548695aea625c3af91e53c294aabeeb03f873 (patch)
tree25a4204495382930a12700dc5dd3ead2a5bb4eb0 /src/lib/x509/x509_ext.h
parent65f375348c0773af6e9bbe3a005aef177dfd4ac3 (diff)
Allow applications to easily override extensions in cert requests
Refactor the code so it's possible to create a cert request without going through x509self.h (PKCS10_Request::create). Add Extensions::add_new, so we can add an extension to a PKCS10 request without stomping on one already included by the application. Refactor the X509 unit tests to avoid (some) duplicated key creations. Just create a key once at the start and use it for all of the tests. GH #1428
Diffstat (limited to 'src/lib/x509/x509_ext.h')
-rw-r--r--src/lib/x509/x509_ext.h10
1 files changed, 10 insertions, 0 deletions
diff --git a/src/lib/x509/x509_ext.h b/src/lib/x509/x509_ext.h
index 8e702daf1..7c8a8569c 100644
--- a/src/lib/x509/x509_ext.h
+++ b/src/lib/x509/x509_ext.h
@@ -155,6 +155,16 @@ class BOTAN_PUBLIC_API(2,0) Extensions final : public ASN1_Object
void add(Certificate_Extension* extn, bool critical = false);
/**
+ * Adds a new extension to the list unless it already exists. If the extension
+ * already exists within the Extensions object, the extn pointer will be deleted.
+ *
+ * @param extn pointer to the certificate extension (Extensions takes ownership)
+ * @param critical whether this extension should be marked as critical
+ * @return true if the object was added false if the extension was already used
+ */
+ bool add_new(Certificate_Extension* extn, bool critical = false);
+
+ /**
* Adds an extension to the list or replaces it.
* @param extn the certificate extension
* @param critical whether this extension should be marked as critical