Added X.509 accessor for signature.
parent
9d5d1cbbc9
commit
4dc30fcde5
@ -1662,6 +1662,8 @@ struct CYASSL_X509 {
|
||||
byte notBefore[MAX_DATE_SZ];
|
||||
int notAfterSz;
|
||||
byte notAfter[MAX_DATE_SZ];
|
||||
int sigOID;
|
||||
buffer sig;
|
||||
buffer pubKey;
|
||||
buffer derCert; /* may need */
|
||||
DNS_entry* altNames; /* alt names list */
|
||||
|
@ -418,6 +418,8 @@ CYASSL_API int CyaSSL_X509_NAME_get_text_by_NID(
|
||||
CYASSL_X509_NAME*, int, char*, int);
|
||||
CYASSL_API int CyaSSL_X509_verify_cert(CYASSL_X509_STORE_CTX*);
|
||||
CYASSL_API const char* CyaSSL_X509_verify_cert_error_string(long);
|
||||
CYASSL_API int CyaSSL_X509_get_signature_type(CYASSL_X509*);
|
||||
CYASSL_API int CyaSSL_X509_get_signature(CYASSL_X509*, unsigned char*, int*);
|
||||
|
||||
CYASSL_API int CyaSSL_X509_LOOKUP_add_dir(CYASSL_X509_LOOKUP*,const char*,long);
|
||||
CYASSL_API int CyaSSL_X509_LOOKUP_load_file(CYASSL_X509_LOOKUP*, const char*,
|
||||
|
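Review bot: The `CyaSSL_X509_get_signature` prototype does not show that its last argument is in/out, and nothing in the header tells a caller what the return values mean. Going by the implementation in src/ssl.c, a comment above the declaration such as `/* bufSz: in = capacity of buf, out = signature length; returns SSL_SUCCESS, or SSL_FATAL_ERROR on bad args or a short buffer */` would cover it. `CyaSSL_X509_get_signature_type` could likewise say that it returns the stored signature OID, and 0 when x509 is NULL.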
@ -1266,6 +1266,7 @@ void InitX509(CYASSL_X509* x509, int dynamicFlag)
|
||||
InitX509Name(&x509->subject, 0);
|
||||
x509->version = 0;
|
||||
x509->pubKey.buffer = NULL;
|
||||
x509->sig.buffer = NULL;
|
||||
x509->derCert.buffer = NULL;
|
||||
x509->altNames = NULL;
|
||||
x509->altNamesNext = NULL;
|
||||
@ -1284,6 +1285,7 @@ void FreeX509(CYASSL_X509* x509)
|
||||
if (x509->pubKey.buffer)
|
||||
XFREE(x509->pubKey.buffer, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
XFREE(x509->derCert.buffer, NULL, DYNAMIC_TYPE_SUBJECT_CN);
|
||||
XFREE(x509->sig.buffer, NULL, 0);
|
||||
if (x509->altNames)
|
||||
FreeAltNames(x509->altNames, NULL);
|
||||
if (x509->dynamicMemory)
|
||||
@ -3128,6 +3130,17 @@ int CopyDecodedToX509(CYASSL_X509* x509, DecodedCert* dCert)
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
|
||||
x509->sig.buffer = (byte*)XMALLOC(dCert->sigLength, NULL, 0);
|
||||
if (x509->sig.buffer == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
XMEMCPY(x509->sig.buffer,
|
||||
&dCert->source[dCert->sigIndex], dCert->sigLength);
|
||||
x509->sig.length = dCert->sigLength;
|
||||
x509->sigOID = dCert->signatureOID;
|
||||
}
|
||||
|
||||
/* store cert for potential retrieval */
|
||||
x509->derCert.buffer = (byte*)XMALLOC(dCert->maxIdx, NULL,
|
||||
DYNAMIC_TYPE_CERT);
|
||||
|
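Review bot: In CopyDecodedToX509, a failed XMALLOC leaves `x509->sig.length` and `x509->sigOID` unassigned, and the InitX509 hunk only adds `x509->sig.buffer = NULL;`. Unless both fields are zeroed outside the visible lines, the new CyaSSL_X509_get_signature can read an indeterminate length next to a NULL buffer. Adding `x509->sig.length = 0;` and `x509->sigOID = 0;` beside the NULL assignment in InitX509 closes that. The copy also takes `dCert->sigIndex` and `dCert->sigLength` as decoded; the bound against `dCert->maxIdx` is presumably enforced by the parser, but that is not visible here and is worth confirming before certificate-derived values drive an XMEMCPY. All three functions start and end outside their hunks.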
31
src/ssl.c
31
src/ssl.c
@ -7137,13 +7137,42 @@ int CyaSSL_set_compression(CYASSL* ssl)
|
||||
}
|
||||
|
||||
|
||||
int CyaSSL_X509_get_signature_type(CYASSL_X509* x509)
|
||||
{
|
||||
int type = 0;
|
||||
|
||||
CYASSL_ENTER("CyaSSL_X509_get_signature_type");
|
||||
|
||||
if (x509 != NULL)
|
||||
type = x509->sigOID;
|
||||
|
||||
return type;
|
||||
}
|
||||
|
||||
|
||||
int CyaSSL_X509_get_signature(CYASSL_X509* x509,
|
||||
unsigned char* buf, int* bufSz)
|
||||
{
|
||||
CYASSL_ENTER("CyaSSL_X509_get_signature");
|
||||
if (x509 == NULL || bufSz == NULL || *bufSz < (int)x509->sig.length)
|
||||
return SSL_FATAL_ERROR;
|
||||
|
||||
if (buf != NULL)
|
||||
XMEMCPY(buf, x509->sig.buffer, x509->sig.length);
|
||||
*bufSz = x509->sig.length;
|
||||
|
||||
return SSL_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
/* write X509 serial number in unsigned binary to buffer
|
||||
buffer needs to be at least EXTERNAL_SERIAL_SIZE (32) for all cases
|
||||
return SSL_SUCCESS on success */
|
||||
int CyaSSL_X509_get_serial_number(CYASSL_X509* x509, byte* in, int* inOutSz)
|
||||
{
|
||||
CYASSL_ENTER("CyaSSL_X509_get_serial_number");
|
||||
if (x509 == NULL || in == NULL || *inOutSz < x509->serialSz)
|
||||
if (x509 == NULL || in == NULL ||
|
||||
inOutSz == NULL || *inOutSz < x509->serialSz)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
XMEMCPY(in, x509->serial, x509->serialSz);
|
||||
|
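Review bot: In CyaSSL_X509_get_signature the size test `*bufSz < (int)x509->sig.length` runs before the `buf != NULL` test, so a caller passing a NULL buffer to learn the required size gets SSL_FATAL_ERROR unless it already guessed a large enough `*bufSz`. The failure path never reports the needed length either. The function also copies from `x509->sig.buffer` without checking it, although CopyDecodedToX509 can leave it NULL after a failed allocation. The new accessor returns SSL_FATAL_ERROR for bad arguments while CyaSSL_X509_get_serial_number in the same hunk returns BAD_FUNC_ARG, and unlike that function it has no header comment describing the in/out size. The fence below reorders the checks so that a NULL `buf` is a pure size query; CyaSSL_X509_get_serial_number continues past the end of the hunk.
```c
int CyaSSL_X509_get_signature(CYASSL_X509* x509,
                                            unsigned char* buf, int* bufSz)
{
    /* … unchanged: CYASSL_ENTER … */
    if (x509 == NULL || bufSz == NULL || x509->sig.buffer == NULL)
        return SSL_FATAL_ERROR;

    if (buf == NULL) {                  /* size query only, nothing copied */
        *bufSz = (int)x509->sig.length;
        return SSL_SUCCESS;
    }

    if (*bufSz < (int)x509->sig.length)
        return SSL_FATAL_ERROR;

    XMEMCPY(buf, x509->sig.buffer, x509->sig.length);
    /* … unchanged: *bufSz update and return SSL_SUCCESS … */
}
```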