add CyaSSL_X509_get_serial_number()
parent
f874bf9b76
commit
b9ff110b2e
@ -41,6 +41,8 @@ enum {
|
||||
ISSUER = 0,
|
||||
SUBJECT = 1,
|
||||
|
||||
SERIAL_SIZE = 8,
|
||||
|
||||
BEFORE = 0,
|
||||
AFTER = 1
|
||||
};
|
||||
@ -171,6 +173,7 @@ typedef struct DecodedCert {
|
||||
byte* source; /* byte buffer holder cert, NOT owner */
|
||||
word32 srcIdx; /* current offset into buffer */
|
||||
void* heap; /* for user memory overrides */
|
||||
byte serial[SERIAL_SIZE]; /* raw serial number */
|
||||
#ifdef CYASSL_CERT_GEN
|
||||
/* easy access to sujbect info for other sign */
|
||||
char* subjectSN;
|
||||
@ -250,7 +253,6 @@ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outputSz,
|
||||
#ifdef CYASSL_CERT_GEN
|
||||
|
||||
enum cert_enums {
|
||||
SERIAL_SIZE = 8,
|
||||
NAME_SIZE = 64,
|
||||
NAME_ENTRIES = 8,
|
||||
JOINT_LEN = 2,
|
||||
|
@ -668,6 +668,7 @@ void InitDecodedCert(DecodedCert* cert, byte* source, void* heap)
|
||||
cert->source = source; /* don't own */
|
||||
cert->srcIdx = 0;
|
||||
cert->heap = heap;
|
||||
XMEMSET(cert->serial, 0, SERIAL_SIZE);
|
||||
#ifdef CYASSL_CERT_GEN
|
||||
cert->subjectSN = 0;
|
||||
cert->subjectSNLen = 0;
|
||||
@ -718,6 +719,12 @@ static int GetCertHeader(DecodedCert* cert, word32 inSz)
|
||||
if (GetInt(&mpi, cert->source, &cert->srcIdx) < 0)
|
||||
ret = ASN_PARSE_E;
|
||||
|
||||
len = mp_unsigned_bin_size(&mpi);
|
||||
if (len > SERIAL_SIZE)
|
||||
ret = MP_TO_E;
|
||||
if (mp_to_unsigned_bin(&mpi, cert->serial + (SERIAL_SIZE - len)) != MP_OKAY)
|
||||
ret = MP_TO_E;
|
||||
|
||||
mp_clear(&mpi);
|
||||
return ret;
|
||||
}
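Review bot: The `len > SERIAL_SIZE` check only sets `ret` and then falls through, so `mp_to_unsigned_bin()` still writes `len` bytes at `cert->serial + (SERIAL_SIZE - len)`, which points before the 8-byte `serial` array whenever the serial is longer than SERIAL_SIZE. The serial comes from the certificate being parsed, and RFC 5280 permits up to 20 octets, so an ordinary peer certificate can reach this out-of-bounds write. Make the copy conditional on the size check, e.g. `else if (mp_to_unsigned_bin(&mpi, cert->serial + (SERIAL_SIZE - len)) != MP_OKAY)`. The size and copy steps should probably also be skipped when `GetInt()` has failed, since `mpi` may not hold a valid value then; the start of GetCertHeader is outside this hunk, so that part is inferred. Sizing `serial` for the largest serial the parser accepts would also avoid rejecting valid certificates with MP_TO_E.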
|
||||
|
@ -924,6 +924,7 @@ struct X509_NAME {
|
||||
struct X509 {
|
||||
X509_NAME issuer;
|
||||
X509_NAME subject;
|
||||
byte serial[SERIAL_SIZE];
|
||||
};
|
||||
|
||||
|
||||
|
@ -174,9 +174,20 @@ static INLINE void showPeer(SSL* ssl)
|
||||
if (peer) {
|
||||
char* issuer = X509_NAME_oneline(X509_get_issuer_name(peer), 0, 0);
|
||||
char* subject = X509_NAME_oneline(X509_get_subject_name(peer), 0, 0);
|
||||
byte serial[SERIAL_SZ];
|
||||
int ret;
|
||||
|
||||
printf("peer's cert info:\n issuer : %s\n subject: %s\n", issuer,
|
||||
subject);
|
||||
ret = CyaSSL_X509_get_serial_number(peer, serial);
|
||||
if (ret == 0) {
|
||||
int i;
|
||||
printf(" serial number");
|
||||
for (i = 0; i < sizeof(serial); i++)
|
||||
printf(":%02x", serial[i]);
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
|
||||
XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
|
@ -385,6 +385,7 @@ enum {
|
||||
OCSP_BASICRESP = 16,
|
||||
|
||||
ASN1_GENERALIZEDTIME = 4,
|
||||
SERIAL_SZ = 8,
|
||||
|
||||
SSL_OP_MICROSOFT_SESS_ID_BUG = 1,
|
||||
SSL_OP_NETSCAPE_CHALLENGE_BUG = 2,
|
||||
@ -622,6 +623,7 @@ unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); /* index cert */
|
||||
int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, unsigned char* buffer,
|
||||
int inLen, int* outLen); /* get index cert in PEM */
|
||||
const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* session);
|
||||
int CyaSSL_X509_get_serial_number(X509*, unsigned char*);
|
||||
|
||||
#ifndef _WIN32
|
||||
#ifndef NO_WRITEV
|
||||
|
@ -1446,6 +1446,7 @@ static int DoCertificate(SSL* ssl, byte* input, word32* inOutIdx)
|
||||
XSTRNCPY(ssl->peerCert.issuer.name, dCert.issuer, ASN_NAME_MAX);
|
||||
ssl->peerCert.subject.sz = (int)XSTRLEN(dCert.subject) + 1;
|
||||
XSTRNCPY(ssl->peerCert.subject.name, dCert.subject, ASN_NAME_MAX);
|
||||
XMEMCPY(ssl->peerCert.serial, dCert.serial, SERIAL_SIZE);
|
||||
#endif
|
||||
|
||||
XMEMCPY(domain, dCert.subjectCN, dCert.subjectCNLen);
|
||||
|
12
src/ssl.c
12
src/ssl.c
@ -3404,6 +3404,18 @@ int CyaSSL_set_compression(SSL* ssl)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* write X509 serial number in unsigned binary to buffer
|
||||
buffer needs to be at least SERIAL_SIZE
|
||||
return 0 on success */
|
||||
int CyaSSL_X509_get_serial_number(X509* x509, byte* buffer)
|
||||
{
|
||||
if (x509 == NULL || buffer == NULL)
|
||||
return -1;
|
||||
|
||||
XMEMCPY(buffer, x509->serial, SERIAL_SIZE);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* OPENSSL_EXTRA */
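Review bot: `CyaSSL_X509_get_serial_number()` copies a fixed SERIAL_SIZE bytes into a caller buffer whose length it never receives, and its comment names SERIAL_SIZE while the public enum hunk exposes the size to callers as SERIAL_SZ (the showPeer hunk sizes its array with that constant). The two values are defined independently as 8, so if either changes the `XMEMCPY` overruns or under-fills the caller's buffer with no diagnostic. Since the function is new in this commit, consider taking the buffer size, e.g. `int CyaSSL_X509_get_serial_number(X509* x509, byte* buffer, int* inOutSz)`, and returning an error when it is smaller than SERIAL_SIZE. At minimum the comment should read `buffer needs to be at least SERIAL_SZ bytes`, and SERIAL_SZ should be derived from or checked against SERIAL_SIZE in one place.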
|
||||
|
||||
|