add CyaSSL_X509_get_serial_number()

This commit is contained in:
Todd A Ouska 2011-03-11 15:22:16 -08:00
parent f874bf9b76
commit b9ff110b2e
7 changed files with 37 additions and 1 deletions

View File

@ -41,6 +41,8 @@ enum {
ISSUER = 0,
SUBJECT = 1,
SERIAL_SIZE = 8,
BEFORE = 0,
AFTER = 1
};
@ -171,6 +173,7 @@ typedef struct DecodedCert {
byte* source; /* byte buffer holder cert, NOT owner */
word32 srcIdx; /* current offset into buffer */
void* heap; /* for user memory overrides */
byte serial[SERIAL_SIZE]; /* raw serial number */
#ifdef CYASSL_CERT_GEN
/* easy access to sujbect info for other sign */
char* subjectSN;
@ -250,7 +253,6 @@ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outputSz,
#ifdef CYASSL_CERT_GEN
enum cert_enums {
SERIAL_SIZE = 8,
NAME_SIZE = 64,
NAME_ENTRIES = 8,
JOINT_LEN = 2,

View File

@ -668,6 +668,7 @@ void InitDecodedCert(DecodedCert* cert, byte* source, void* heap)
cert->source = source; /* don't own */
cert->srcIdx = 0;
cert->heap = heap;
XMEMSET(cert->serial, 0, SERIAL_SIZE);
#ifdef CYASSL_CERT_GEN
cert->subjectSN = 0;
cert->subjectSNLen = 0;
@ -718,6 +719,12 @@ static int GetCertHeader(DecodedCert* cert, word32 inSz)
if (GetInt(&mpi, cert->source, &cert->srcIdx) < 0)
ret = ASN_PARSE_E;
len = mp_unsigned_bin_size(&mpi);
if (len > SERIAL_SIZE)
ret = MP_TO_E;
if (mp_to_unsigned_bin(&mpi, cert->serial + (SERIAL_SIZE - len)) != MP_OKAY)
ret = MP_TO_E;
mp_clear(&mpi);
return ret;
}

View File

@ -924,6 +924,7 @@ struct X509_NAME {
struct X509 {
X509_NAME issuer;
X509_NAME subject;
byte serial[SERIAL_SIZE];
};

View File

@ -174,9 +174,20 @@ static INLINE void showPeer(SSL* ssl)
if (peer) {
char* issuer = X509_NAME_oneline(X509_get_issuer_name(peer), 0, 0);
char* subject = X509_NAME_oneline(X509_get_subject_name(peer), 0, 0);
byte serial[SERIAL_SZ];
int ret;
printf("peer's cert info:\n issuer : %s\n subject: %s\n", issuer,
subject);
ret = CyaSSL_X509_get_serial_number(peer, serial);
if (ret == 0) {
int i;
printf(" serial number");
for (i = 0; i < sizeof(serial); i++)
printf(":%02x", serial[i]);
printf("\n");
}
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL);
}

View File

@ -385,6 +385,7 @@ enum {
OCSP_BASICRESP = 16,
ASN1_GENERALIZEDTIME = 4,
SERIAL_SZ = 8,
SSL_OP_MICROSOFT_SESS_ID_BUG = 1,
SSL_OP_NETSCAPE_CHALLENGE_BUG = 2,
@ -622,6 +623,7 @@ unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); /* index cert */
int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, unsigned char* buffer,
int inLen, int* outLen); /* get index cert in PEM */
const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* session);
int CyaSSL_X509_get_serial_number(X509*, unsigned char*);
#ifndef _WIN32
#ifndef NO_WRITEV

View File

@ -1446,6 +1446,7 @@ static int DoCertificate(SSL* ssl, byte* input, word32* inOutIdx)
XSTRNCPY(ssl->peerCert.issuer.name, dCert.issuer, ASN_NAME_MAX);
ssl->peerCert.subject.sz = (int)XSTRLEN(dCert.subject) + 1;
XSTRNCPY(ssl->peerCert.subject.name, dCert.subject, ASN_NAME_MAX);
XMEMCPY(ssl->peerCert.serial, dCert.serial, SERIAL_SIZE);
#endif
XMEMCPY(domain, dCert.subjectCN, dCert.subjectCNLen);

View File

@ -3404,6 +3404,18 @@ int CyaSSL_set_compression(SSL* ssl)
return 0;
}
/* write X509 serial number in unsigned binary to buffer
buffer needs to be at least SERIAL_SIZE
return 0 on success */
int CyaSSL_X509_get_serial_number(X509* x509, byte* buffer)
{
if (x509 == NULL || buffer == NULL)
return -1;
XMEMCPY(buffer, x509->serial, SERIAL_SIZE);
return 0;
}
#endif /* OPENSSL_EXTRA */