add CyaSSL_X509_get_der(cert) with EXTRA
parent
b32bc2ce9f
commit
bb53240fdf
@ -199,7 +199,7 @@ AC_ARG_ENABLE(bump,
|
||||
|
||||
if test "$ENABLED_BUMP" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192"
|
||||
AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192"
|
||||
fi
|
||||
|
||||
# fastmath
|
||||
|
@ -967,6 +967,7 @@ struct CYASSL_X509 {
|
||||
int serialSz;
|
||||
byte serial[EXTERNAL_SERIAL_SIZE];
|
||||
char subjectCN[ASN_NAME_MAX]; /* common name short cut */
|
||||
buffer derCert; /* may need */
|
||||
};
|
||||
|
||||
|
||||
|
@ -669,6 +669,7 @@ CYASSL_API int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN*, int idx,
|
||||
CYASSL_API const unsigned char* CyaSSL_get_sessionID(const CYASSL_SESSION* s);
|
||||
CYASSL_API int CyaSSL_X509_get_serial_number(CYASSL_X509*,unsigned char*,int*);
|
||||
CYASSL_API char* CyaSSL_X509_get_subjectCN(CYASSL_X509*);
|
||||
CYASSL_API const unsigned char* CyaSSL_X509_get_der(CYASSL_X509*, int*);
|
||||
|
||||
/* connect enough to get peer cert */
|
||||
CYASSL_API int CyaSSL_connect_cert(CYASSL* ssl);
|
||||
|
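Review bot: The new prototype `CyaSSL_X509_get_der(CYASSL_X509*, int*)` has no comment saying who owns the returned bytes. Elsewhere in this commit the definition returns `x509->derCert.buffer` directly, and `SSL_ResourceFree` releases that same buffer. A caller that frees the pointer, or keeps it after the SSL object is freed, would double-free or read released library memory, so the contract belongs next to the declaration. Suggested comment above the prototype: `/* returns the internal DER buffer, size in *outSz; owned by the library, do not free, valid only until the SSL object is freed */`. The preprocessor guard around this declaration is not visible in the hunk and should match the one around the definition in src/ssl.c.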
@ -690,6 +690,10 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
|
||||
ssl->buffers.prevSent = 0;
|
||||
ssl->buffers.plainSz = 0;
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
ssl->peerCert.derCert.buffer = 0;
|
||||
#endif
|
||||
|
||||
ssl->rfd = -1; /* set to invalid descriptor */
|
||||
ssl->wfd = -1;
|
||||
ssl->biord = 0;
|
||||
@ -876,6 +880,7 @@ void SSL_ResourceFree(CYASSL* ssl)
|
||||
if (ssl->buffers.outputBuffer.dynamicFlag)
|
||||
ShrinkOutputBuffer(ssl);
|
||||
#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)
|
||||
XFREE(ssl->peerCert.derCert.buffer, ssl->heap, DYNAMIC_TYPE_CERT);
|
||||
CyaSSL_BIO_free(ssl->biord);
|
||||
if (ssl->biord != ssl->biowr) /* in case same as write */
|
||||
CyaSSL_BIO_free(ssl->biowr);
|
||||
@ -1604,6 +1609,14 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx)
|
||||
}
|
||||
else
|
||||
ssl->peerCert.subjectCN[0] = '\0';
|
||||
|
||||
/* store cert for potential retrieval */
|
||||
ssl->peerCert.derCert.buffer = (byte*)XMALLOC(myCert.length, ssl->heap,
|
||||
DYNAMIC_TYPE_CERT);
|
||||
if (ssl->peerCert.derCert.buffer == NULL)
|
||||
return MEMORY_E;
|
||||
XMEMCPY(ssl->peerCert.derCert.buffer, myCert.buffer, myCert.length);
|
||||
ssl->peerCert.derCert.length = myCert.length;
|
||||
#endif
|
||||
|
||||
/* store for callback use */
|
||||
|
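Review bot: In the DoCertificate hunk, `ssl->peerCert.derCert.buffer` receives a fresh XMALLOC result without releasing what it held before, so the earlier copy leaks if a connection can process more than one Certificate message (not determinable from this hunk). Releasing first closes that: `XFREE(ssl->peerCert.derCert.buffer, ssl->heap, DYNAMIC_TYPE_CERT);` before the XMALLOC, and `ssl->peerCert.derCert.length = 0;` before `return MEMORY_E;` so a failed allocation leaves no stale length. The guards also differ: InitSSL clears the pointer under `#ifdef OPENSSL_EXTRA` only, while SSL_ResourceFree frees it under `defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS)`. Unless GOAHEAD_WS implies OPENSSL_EXTRA in the build, that XFREE would act on a pointer that was never initialized. The opening `#if` of the DoCertificate block lies above the hunk, so its guard should be checked against the other two.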
44
src/ssl.c
44
src/ssl.c
@ -382,6 +382,22 @@ int CyaSSL_CTX_set_group_messages(CYASSL_CTX* ctx)
|
||||
}
|
||||
|
||||
|
||||
/* connect enough to get peer cert chain */
|
||||
int CyaSSL_connect_cert(CYASSL* ssl)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (ssl == NULL)
|
||||
return SSL_FAILURE;
|
||||
|
||||
ssl->options.certOnly = 1;
|
||||
ret = CyaSSL_connect(ssl);
|
||||
ssl->options.certOnly = 0;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
/* trun on handshake group messages for ssl object */
|
||||
int CyaSSL_set_group_messages(CYASSL* ssl)
|
||||
{
|
||||
@ -4495,6 +4511,19 @@ int CyaSSL_set_compression(CYASSL* ssl)
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
const byte* CyaSSL_X509_get_der(CYASSL_X509* x509, int* outSz)
|
||||
{
|
||||
CYASSL_ENTER("CyaSSL_X509_get_der");
|
||||
|
||||
if (x509 == NULL || outSz == NULL)
|
||||
return NULL;
|
||||
|
||||
*outSz = (int)x509->derCert.length;
|
||||
return x509->derCert.buffer;
|
||||
}
|
||||
|
||||
|
||||
char* CyaSSL_X509_get_subjectCN(CYASSL_X509* x509)
|
||||
{
|
||||
if (x509 == NULL)
|
||||
@ -4603,20 +4632,5 @@ const byte* CyaSSL_get_sessionID(const CYASSL_SESSION* session)
|
||||
}
|
||||
|
||||
|
||||
/* connect enough to get peer cert chain */
|
||||
int CyaSSL_connect_cert(CYASSL* ssl)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (ssl == NULL)
|
||||
return SSL_FAILURE;
|
||||
|
||||
ssl->options.certOnly = 1;
|
||||
ret = CyaSSL_connect(ssl);
|
||||
ssl->options.certOnly = 0;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#endif /* SESSION_CERTS */
|
||||
|
||||
|
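Review bot: `CyaSSL_X509_get_der` writes `x509->derCert.length` into `*outSz` even when `derCert.buffer` is NULL, and the InitSSL hunk in this commit resets only the buffer pointer, not the length. Unless the structure is zeroed somewhere outside these hunks, a caller that has no stored certificate can receive NULL together with an indeterminate size, and code that checks only the size would then read through a null pointer. A guard before the assignment makes the result consistent: `if (x509->derCert.buffer == NULL) { *outSz = 0; return NULL; }`. Adding `ssl->peerCert.derCert.length = 0;` beside the pointer reset in InitSSL covers the same case at the source.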