D 2020-02-12T13:30:14.672 J icomment TclTLS\salready\sprovides\sa\sway\sto\saccess\sa\scertificate's\sSHA-1\sfingerprint.\sIt\swould\sbe\shelpful\sif\sthe\ssame\scould\sbe\sdone\sfor\sSHA-256,\sfor\sexample\slike\sthis:\r\n\r\n
Index:\stlsX509.c\r\n==================================================================\r\n---\stlsX509.c\r\n+++\stlsX509.c\r\n@@\s-103,14\s+103,17\s@@\r\n\s\s\s\s\schar\scertStr[CERT_STR_SIZE],\s*certStr_p;\r\n\s\s\s\s\sint\scertStr_len,\stoRead;\r\n\s#ifndef\sNO_SSL_SHA\r\n\s\s\s\s\sint\sshai;\r\n\s\s\s\s\schar\ssha_hash_ascii[SHA_DIGEST_LENGTH\s*\s2\s+\s1];\r\n+\s\s\s\schar\ssha256_hash_ascii[SHA256_DIGEST_LENGTH\s*\s2\s+\s1];\r\n\s\s\s\s\sunsigned\schar\ssha_hash_binary[SHA_DIGEST_LENGTH];\r\n+\s\s\s\sunsigned\schar\ssha256_hash_binary[SHA256_DIGEST_LENGTH];\r\n\s\s\s\s\sconst\schar\s*shachars="0123456789ABCDEF";\r\n\s\r\n\s\s\s\s\ssha_hash_ascii[SHA_DIGEST_LENGTH\s*\s2]\s=\s'\\0';\r\n+\s\s\s\ssha256_hash_ascii[SHA256_DIGEST_LENGTH\s*\s2]\s=\s'\\0';\r\n\s#endif\r\n\s\r\n\s\s\s\s\scertStr[0]\s=\s0;\r\n\s\s\s\s\sif\s((bio\s=\sBIO_new(BIO_s_mem()))\s==\sNULL)\s{\r\n\s\s\s\s\s\s\s\ssubject[0]\s=\s0;\r\n@@\s-172,10\s+175,18\s@@\r\n\s\s\s\s\s\s\s\s\ssha_hash_ascii[shai\s*\s2\s+\s1]\s=\sshachars[(sha_hash_binary[shai]\s&\s0x0F)];\r\n\s\s\s\s\s}\r\n\s\s\s\s\sTcl_ListObjAppendElement(\sinterp,\scertPtr,\sTcl_NewStringObj("sha1_hash",\s-1)\s);\r\n\s\s\s\s\sTcl_ListObjAppendElement(\sinterp,\scertPtr,\sTcl_NewStringObj(sha_hash_ascii,\sSHA_DIGEST_LENGTH\s*\s2)\s);\r\n\s\r\n+\s\s\s\sX509_digest(cert,\sEVP_sha256(),\ssha256_hash_binary,\sNULL);\r\n+\s\s\s\sfor\s(shai\s=\s0;\sshai\s<\sSHA256_DIGEST_LENGTH;\sshai++)\s{\r\n+\s\s\s\s\s\s\s\ssha256_hash_ascii[shai\s*\s2]\s\s\s\s\s=\sshachars[(sha256_hash_binary[shai]\s&\s0xF0)\s>>\s4];\r\n+\s\s\s\s\s\s\s\ssha256_hash_ascii[shai\s*\s2\s+\s1]\s=\sshachars[(sha256_hash_binary[shai]\s&\s0x0F)];\r\n+\s\s\s\s}\r\n+\s\s\s\sTcl_ListObjAppendElement(\sinterp,\scertPtr,\sTcl_NewStringObj("sha256_hash",\s-1)\s);\r\n+\s\s\s\sTcl_ListObjAppendElement(\sinterp,\scertPtr,\sTcl_NewStringObj(sha256_hash_ascii,\sSHA256_DIGEST_LENGTH\s*\s2)\s);\r\n+\r\n\s#endif\r\n\s\s\s\s\sTcl_ListObjAppendElement(\sinterp,\scertPtr,\r\n\s\s\s\s\s\s\s\s\s\s\s\sTcl_NewStringObj(\s"subject",\s-1)\s);\r\n\s\s\s\s\sTcl_ListObjAppendElement(\sinterp,\scertPtr,\r\n\s\s\s\s\s\s\s\s\s\s\s\sTcl_NewStringObj(\ssubject,\s-1)\s);J login anonymous J mimetype text/html J private_contact 55af5b17739ede24263824fc10fcbe137d8a5b07 J severity Important J status Open J title Expose\sSHA-256\sfingerprint\sof\scertificate J type Feature\sRequest K c2f2f1be542937dcfe9ba89c7f12190e5fed9f70 U anonymous Z 48e254184fdd970f56961831380637a1