diff options
author | Jack Lloyd <[email protected]> | 2018-01-23 12:38:38 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-01-23 12:38:38 -0500 |
commit | bf1548695aea625c3af91e53c294aabeeb03f873 (patch) | |
tree | 25a4204495382930a12700dc5dd3ead2a5bb4eb0 /src/lib/x509/x509_ext.h | |
parent | 65f375348c0773af6e9bbe3a005aef177dfd4ac3 (diff) |
Allow applications to easily override extensions in cert requests
Refactor the code so it's possible to create a cert request without
going through x509self.h (PKCS10_Request::create).
Add Extensions::add_new, so we can add an extension to a PKCS10
request without stomping on one already included by the application.
Refactor the X509 unit tests to avoid (some) duplicated key creations.
Just create a key once at the start and use it for all of the tests.
GH #1428
Diffstat (limited to 'src/lib/x509/x509_ext.h')
-rw-r--r-- | src/lib/x509/x509_ext.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/lib/x509/x509_ext.h b/src/lib/x509/x509_ext.h index 8e702daf1..7c8a8569c 100644 --- a/src/lib/x509/x509_ext.h +++ b/src/lib/x509/x509_ext.h @@ -155,6 +155,16 @@ class BOTAN_PUBLIC_API(2,0) Extensions final : public ASN1_Object void add(Certificate_Extension* extn, bool critical = false); /** + * Adds a new extension to the list unless it already exists. If the extension + * already exists within the Extensions object, the extn pointer will be deleted. + * + * @param extn pointer to the certificate extension (Extensions takes ownership) + * @param critical whether this extension should be marked as critical + * @return true if the object was added false if the extension was already used + */ + bool add_new(Certificate_Extension* extn, bool critical = false); + + /** * Adds an extension to the list or replaces it. * @param extn the certificate extension * @param critical whether this extension should be marked as critical |