add CyaSSL_X509_get_der(cert) with EXTRA

This commit is contained in:
toddouska 2012-01-25 14:13:05 -08:00
parent b32bc2ce9f
commit bb53240fdf
5 changed files with 45 additions and 16 deletions

View File

@ -199,7 +199,7 @@ AC_ARG_ENABLE(bump,
if test "$ENABLED_BUMP" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192"
AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192"
fi
# fastmath

View File

@ -967,6 +967,7 @@ struct CYASSL_X509 {
int serialSz;
byte serial[EXTERNAL_SERIAL_SIZE];
char subjectCN[ASN_NAME_MAX]; /* common name short cut */
buffer derCert; /* may need */
};

View File

@ -669,6 +669,7 @@ CYASSL_API int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN*, int idx,
CYASSL_API const unsigned char* CyaSSL_get_sessionID(const CYASSL_SESSION* s);
CYASSL_API int CyaSSL_X509_get_serial_number(CYASSL_X509*,unsigned char*,int*);
CYASSL_API char* CyaSSL_X509_get_subjectCN(CYASSL_X509*);
CYASSL_API const unsigned char* CyaSSL_X509_get_der(CYASSL_X509*, int*);
/* connect enough to get peer cert */
CYASSL_API int CyaSSL_connect_cert(CYASSL* ssl);

View File

@ -690,6 +690,10 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->buffers.prevSent = 0;
ssl->buffers.plainSz = 0;
#ifdef OPENSSL_EXTRA
ssl->peerCert.derCert.buffer = 0;
#endif
ssl->rfd = -1; /* set to invalid descriptor */
ssl->wfd = -1;
ssl->biord = 0;
@ -876,6 +880,7 @@ void SSL_ResourceFree(CYASSL* ssl)
if (ssl->buffers.outputBuffer.dynamicFlag)
ShrinkOutputBuffer(ssl);
#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
XFREE(ssl->peerCert.derCert.buffer, ssl->heap, DYNAMIC_TYPE_CERT);
CyaSSL_BIO_free(ssl->biord);
if (ssl->biord != ssl->biowr) /* in case same as write */
CyaSSL_BIO_free(ssl->biowr);
@ -1604,6 +1609,14 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx)
}
else
ssl->peerCert.subjectCN[0] = '\0';
/* store cert for potential retrieval */
ssl->peerCert.derCert.buffer = (byte*)XMALLOC(myCert.length, ssl->heap,
DYNAMIC_TYPE_CERT);
if (ssl->peerCert.derCert.buffer == NULL)
return MEMORY_E;
XMEMCPY(ssl->peerCert.derCert.buffer, myCert.buffer, myCert.length);
ssl->peerCert.derCert.length = myCert.length;
#endif
/* store for callback use */

View File

@ -382,6 +382,22 @@ int CyaSSL_CTX_set_group_messages(CYASSL_CTX* ctx)
}
/* connect enough to get peer cert chain */
int CyaSSL_connect_cert(CYASSL* ssl)
{
int ret;
if (ssl == NULL)
return SSL_FAILURE;
ssl->options.certOnly = 1;
ret = CyaSSL_connect(ssl);
ssl->options.certOnly = 0;
return ret;
}
/* trun on handshake group messages for ssl object */
int CyaSSL_set_group_messages(CYASSL* ssl)
{
@ -4495,6 +4511,19 @@ int CyaSSL_set_compression(CYASSL* ssl)
return 0;
}
const byte* CyaSSL_X509_get_der(CYASSL_X509* x509, int* outSz)
{
CYASSL_ENTER("CyaSSL_X509_get_der");
if (x509 == NULL || outSz == NULL)
return NULL;
*outSz = (int)x509->derCert.length;
return x509->derCert.buffer;
}
char* CyaSSL_X509_get_subjectCN(CYASSL_X509* x509)
{
if (x509 == NULL)
@ -4603,20 +4632,5 @@ const byte* CyaSSL_get_sessionID(const CYASSL_SESSION* session)
}
/* connect enough to get peer cert chain */
int CyaSSL_connect_cert(CYASSL* ssl)
{
int ret;
if (ssl == NULL)
return SSL_FAILURE;
ssl->options.certOnly = 1;
ret = CyaSSL_connect(ssl);
ssl->options.certOnly = 0;
return ret;
}
#endif /* SESSION_CERTS */