TclTLS: Diff

Differences From Artifact [6adf085ff1]:

File generic/tlsX509.c — part of check-in [b921cb3e6e] at 2024-02-20 14:58:09 on branch nijtmans — Move all *.c and *.h files to the /generic/ directory. Update win/makefile.vc from [https://chiselapp.com/user/bohagan/repository/TCLTLS/index] (user: jan.nijtmans, size: 5638) [annotate] [blame] [check-ins using]
File tlsX509.c — part of check-in [9345b54eaa] at 2024-02-16 13:53:02 on branch tls-1.7 — Remove all end-of-line spacing (user: jan.nijtmans, size: 5638) [annotate] [blame] [check-ins using]

To Artifact [54cb39143a]:

File generic/tlsX509.c — part of check-in [6e95e7672d] at 2024-02-23 22:57:27 on branch nijtmans — Use LAPPEND_STR() and friends (user: jan.nijtmans, size: 4660) [annotate] [blame] [check-ins using]

1 2 3 4 5 6 7 8 9 10 11 12	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16	+ + + +	/* * Copyright (C) 1997-2000 Sensus Consulting Ltd. * Matt Newman <[email protected]> * Copyright (C) 2023 Brian O'Hagan / #include "tlsInt.h" / Define maximum certificate size. Max PEM size 100kB and DER size is 24kB. / #define CERT_STR_SIZE 32768 / * Ensure these are not macros - known to be defined on Win32 */ #ifdef min #undef min #endif
︙
31 32 33 34 35 36 37 ~~38 39~~ 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 ~~87 88~~ 89 ~~90 91 92~~ 93 94 95 96 97 98 99 100 101	35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103	- - + + - + - + - + - + - - - - - + + + - +	static char * ASN1_UTCTIME_tostr(ASN1_UTCTIME tm) { static char bp[128]; char v; int gmt=0; static char mon[12]={ ~~"Jan","Feb","Mar","Apr","May","Jun", "Jul","Aug","Sep","Oct","Nov","Dec"};~~ "Jan","Feb","Mar","Apr","May","Jun", "Jul","Aug","Sep","Oct","Nov","Dec"}; int i; int y=0,M=0,d=0,h=0,m=0,s=0; i=tm->length; v=(char )tm->data; if (i < 10) goto err; if (v[i-1] == 'Z') gmt=1; for (i=0; i<10; i++) ~~if ((v[i] > '9') \|\| (v[i] < '0')) goto err;~~ if ((v[i] > '9') \|\| (v[i] < '0')) goto err; y= (v[0]-'0')10+(v[1]-'0'); if (y < 70) y+=100; M= (v[2]-'0')10+(v[3]-'0'); if ((M > 12) \|\| (M < 1)) goto err; d= (v[4]-'0')10+(v[5]-'0'); h= (v[6]-'0')10+(v[7]-'0'); m= (v[8]-'0')10+(v[9]-'0'); if ( (v[10] >= '0') && (v[10] <= '9') && (v[11] >= '0') && (v[11] <= '9')) ~~s= (v[10]-'0')10+(v[11]-'0');~~ s= (v[10]-'0')10+(v[11]-'0'); sprintf(bp,"%s %2d %02d:%02d:%02d %d%s", ~~mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"");~~ mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":""); return bp; err: return "Bad time value"; } / ------------------------------------------------------ * * Tls_NewX509Obj -- * * ------------------------------------------------* * Converts a X509 certificate into a Tcl_Obj * ------------------------------------------------* * * Sideeffects: * Side effects: * None * * Result: * A Tcl List Object representing the provided * X509 certificate. * ------------------------------------------------------ / ~~#define CERT_STR_SIZE 16384~~ Tcl_Obj ~~Tls_NewX509Obj( ~~interp, cert)~~ Tcl_Interp interp; X509 cert;~~ Tls_NewX509Obj( Tcl_Interp interp, X509 cert) { ~~Tcl_Obj certPtr = Tcl_NewListObj( 0, NULL);~~ Tcl_Obj certPtr = Tcl_NewListObj(0, NULL); BIO *bio; int n; unsigned long flags; char subject[BUFSIZ]; char issuer[BUFSIZ]; char serial[BUFSIZ]; char notBefore[BUFSIZ];
︙
134 135 136 137 138 139 140 ~~141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160~~ 161 162 163 164 165 166 167 168 169 170 ~~171 172~~ 173 ~~174 175~~ 176 177 ~~178~~ ~~179 180 181~~ 182 ~~183~~ ~~184 185 186~~ 187 ~~188~~ ~~189 190 191~~ 192 ~~193~~ ~~194 195 196~~ 197 ~~198~~ ~~199 200 201~~ 202 ~~203~~ ~~204 205 206~~ 207 208 209	136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192	- - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + - - + + - - + - + - - - - + - - - - + - - - - + - - - - + - - - - + - - -	i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert)); n = BIO_read(bio, serial, min(BIO_pending(bio), BUFSIZ - 1)); n = max(n, 0); serial[n] = 0; (void)BIO_flush(bio); if (PEM_write_bio_X509(bio, cert)) { certStr_p = certStr; certStr_len = 0; while (1) { toRead = min(BIO_pending(bio), CERT_STR_SIZE - certStr_len - 1); toRead = min(toRead, BUFSIZ); if (toRead == 0) { break; } dprintf("Reading %i bytes from the certificate...", toRead); n = BIO_read(bio, certStr_p, toRead); if (n <= 0) { break; } certStr_len += n; certStr_p += n; } certStr_p = '\0'; (void)BIO_flush(bio); } if (PEM_write_bio_X509(bio, cert)) { certStr_p = certStr; certStr_len = 0; while (1) { toRead = min(BIO_pending(bio), CERT_STR_SIZE - certStr_len - 1); toRead = min(toRead, BUFSIZ); if (toRead == 0) { break; } dprintf("Reading %i bytes from the certificate...", toRead); n = BIO_read(bio, certStr_p, toRead); if (n <= 0) { break; } certStr_len += n; certStr_p += n; } certStr_p = '\0'; (void)BIO_flush(bio); } BIO_free(bio); } strcpy( notBefore, ASN1_UTCTIME_tostr( X509_get_notBefore(cert) )); strcpy( notAfter, ASN1_UTCTIME_tostr( X509_get_notAfter(cert) )); #ifndef NO_SSL_SHA X509_digest(cert, EVP_sha1(), sha_hash_binary, NULL); for (shai = 0; shai < SHA_DIGEST_LENGTH; shai++) { ~~sha_hash_ascii[shai * 2] = shachars[(sha_hash_binary[shai] & 0xF0) >> 4]; sha_hash_ascii[shai * 2 + 1] = shachars[(sha_hash_binary[shai] & 0x0F)];~~ sha_hash_ascii[shai * 2] = shachars[(sha_hash_binary[shai] & 0xF0) >> 4]; sha_hash_ascii[shai * 2 + 1] = shachars[(sha_hash_binary[shai] & 0x0F)]; } ~~Tcl_ListObjAppendElement( interp, certPtr, Tcl_NewStringObj("sha1_hash", -1) );~~ T~~cl_ListObjAppendElement(~~ interp, certPtr, ~~Tcl~~_~~NewStringObj(~~sha_hash_ascii, SHA_DIGEST_LENGTH * 2) ); LAPPEND_STR(interp, certPtr, "sha1_hash", sha_hash_ascii, SHA_DIGEST_LENGTH * 2); #endif ~~T~~cl_ListObjAppendElement(~~ interp, certPtr,~~ LAPPEND_STR(interp, certPtr, "subject", subject, -1); ~~Tcl_NewStringObj( "subject", -1) );~~ ~~Tcl_ListObjAppendElement( interp, certPtr,~~ ~~Tcl_NewStringObj( subject, -1) );~~ ~~T~~cl_ListObjAppendElement(~~ interp, certPtr,~~ LAPPEND_STR(interp, certPtr, "issuer", issuer, -1); ~~Tcl_NewStringObj( "issuer", -1) );~~ ~~Tcl_ListObjAppendElement( interp, certPtr,~~ ~~Tcl_NewStringObj( issuer, -1) );~~ ~~T~~cl_ListObjAppendElement(~~ interp, certPtr,~~ LAPPEND_STR(interp, certPtr, "notBefore", notBefore, -1); ~~Tcl_NewStringObj( "notBefore", -1) );~~ ~~Tcl_ListObjAppendElement( interp, certPtr,~~ ~~Tcl_NewStringObj( notBefore, -1) );~~ ~~T~~cl_ListObjAppendElement(~~ interp, certPtr,~~ LAPPEND_STR(interp, certPtr, "notAfter", notAfter, -1); ~~Tcl_NewStringObj( "notAfter", -1) );~~ ~~Tcl_ListObjAppendElement( interp, certPtr,~~ ~~Tcl_NewStringObj( notAfter, -1) );~~ ~~T~~cl_ListObjAppendElement(~~ interp, certPtr,~~ LAPPEND_STR(interp, certPtr, "serial", serial, -1); ~~Tcl_NewStringObj( "serial", -1) );~~ ~~Tcl_ListObjAppendElement( interp, certPtr,~~ ~~Tcl_NewStringObj( serial, -1) );~~ ~~T~~cl_ListObjAppendElement(~~ interp, certPtr,~~ LAPPEND_STR(interp, certPtr, "certificate", certStr, -1); ~~Tcl_NewStringObj( "certificate", -1) );~~ ~~Tcl_ListObjAppendElement( interp, certPtr,~~ ~~Tcl_NewStringObj( certStr, -1) );~~ return certPtr; }