2 * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 * @author Piotr Marcinkiewicz(p.marcinkiew@samsung.com)
19 * @file CommonCertValidator.cpp
20 * @brief Common routines for certificate validation over OCSP and CRL
23 #include "RevocationCheckerBase.h"
27 #include <openssl/pem.h>
29 #include <dpl/scoped_fclose.h>
31 #include "Certificate.h"
32 #include "CertificateCollection.h"
35 const char DefaultBundlePatch[] = "/opt/etc/ssl/certs/ca-certificates.crt";
36 } //Anonymous name space
38 namespace ValidationCore {
39 CertificatePtr RevocationCheckerBase::loadPEMFile(const char* fileName)
41 VcoreDPL::ScopedFClose fd(fopen(fileName, "rb"));
43 // no such file, return NULL
45 return CertificatePtr();
48 // create a new X509 certificate basing on file
49 CertificatePtr cert(new Certificate(PEM_read_X509(fd.Get(),
56 bool RevocationCheckerBase::sortCertList(CertificateList &lCertificates)
58 CertificateCollection collection;
59 collection.load(lCertificates);
61 if (collection.sort()) {
62 lCertificates = collection.getChain();