Overview
Comment: | Added Subject Key Identifier (SKI) to X509 status |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | status_x509 |
Files: | files | file ages | folders |
SHA3-256: |
3a3000bc1ed059860a10abc2b6537c3d |
User & Date: | bohagan on 2023-06-20 03:42:27 |
Other Links: | branch diff | manifest | tags |
Context
2023-06-21
| ||
23:37 | Added Subject Alternate Name (SAN) to X509 status. Source: https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11 check-in: a5843e5983 user: bohagan tags: status_x509 | |
2023-06-20
| ||
03:42 | Added Subject Key Identifier (SKI) to X509 status check-in: 3a3000bc1e user: bohagan tags: status_x509 | |
2023-06-18
| ||
21:47 | Added post handshake cert request option check-in: fec0e414e9 user: bohagan tags: status_x509 | |
Changes
Modified generic/tlsX509.c
from [22c3621c28]
to [1151fc789c].
︙ | ︙ | |||
105 106 107 108 109 110 111 | char certStr[CERT_STR_SIZE], *certStr_p; int certStr_len, toRead; char sha1_hash_ascii[SHA_DIGEST_LENGTH * 2 + 1]; unsigned char sha1_hash_binary[SHA_DIGEST_LENGTH]; char sha256_hash_ascii[SHA256_DIGEST_LENGTH * 2 + 1]; unsigned char sha256_hash_binary[SHA256_DIGEST_LENGTH]; const char *shachars="0123456789ABCDEF"; | | > | 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 | char certStr[CERT_STR_SIZE], *certStr_p; int certStr_len, toRead; char sha1_hash_ascii[SHA_DIGEST_LENGTH * 2 + 1]; unsigned char sha1_hash_binary[SHA_DIGEST_LENGTH]; char sha256_hash_ascii[SHA256_DIGEST_LENGTH * 2 + 1]; unsigned char sha256_hash_binary[SHA256_DIGEST_LENGTH]; const char *shachars="0123456789ABCDEF"; int nid, pknid, bits, num_of_exts, len; uint32_t xflags; unsigned char *bstring; sha1_hash_ascii[SHA_DIGEST_LENGTH * 2] = '\0'; sha256_hash_ascii[SHA256_DIGEST_LENGTH * 2] = '\0'; certStr[0] = 0; if ((bio = BIO_new(BIO_s_mem())) == NULL) { subject[0] = 0; |
︙ | ︙ | |||
194 195 196 197 198 199 200 201 202 203 204 205 206 207 | } /* Check if cert was issued by CA cert issuer or self signed */ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("self_signed", -1)); Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewBooleanObj(X509_check_issued(cert, cert) == X509_V_OK)); } /* SHA1 - DER representation*/ X509_digest(cert, EVP_sha1(), sha1_hash_binary, NULL); for (int n = 0; n < SHA_DIGEST_LENGTH; n++) { sha1_hash_ascii[n*2] = shachars[(sha1_hash_binary[n] & 0xF0) >> 4]; sha1_hash_ascii[n*2+1] = shachars[(sha1_hash_binary[n] & 0x0F)]; } Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("sha1_hash", -1)); | > > > > > | 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 | } /* Check if cert was issued by CA cert issuer or self signed */ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("self_signed", -1)); Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewBooleanObj(X509_check_issued(cert, cert) == X509_V_OK)); } /* Subject Key Identifier */ Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("subjectKeyIdentifier", -1)); bstring = X509_keyid_get0(cert, &len); Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj(bstring, len)); /* SHA1 - DER representation*/ X509_digest(cert, EVP_sha1(), sha1_hash_binary, NULL); for (int n = 0; n < SHA_DIGEST_LENGTH; n++) { sha1_hash_ascii[n*2] = shachars[(sha1_hash_binary[n] & 0xF0) >> 4]; sha1_hash_ascii[n*2+1] = shachars[(sha1_hash_binary[n] & 0x0F)]; } Tcl_ListObjAppendElement(interp, certPtr, Tcl_NewStringObj("sha1_hash", -1)); |
︙ | ︙ |