From dfdc6e7bd63d587a24aac52be7a04448588e75eb Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sun, 1 Oct 2017 12:12:25 +0200 Subject: certtool: allow using --fingerprint with sha384 or sha512 Resolves #295 Signed-off-by: Nikos Mavrogiannopoulos --- src/certtool.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/certtool.c b/src/certtool.c index 55f5184e48..68d23f4410 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -53,6 +53,8 @@ #include "certtool-args.h" #include "certtool-common.h" +#define MAX_HASH_SIZE 64 + static FILE *stdlog = NULL; static void print_crl_info(gnutls_x509_crl_t crl, FILE * out); @@ -3848,8 +3850,8 @@ static void pubkey_keyid(common_info_st * cinfo) { gnutls_pubkey_t pubkey; - uint8_t fpr[64]; - char txt[256]; + uint8_t fpr[MAX_HASH_SIZE]; + char txt[MAX_HASH_SIZE*2+1]; int ret; size_t size, fpr_size; gnutls_datum_t tmp; @@ -3866,7 +3868,7 @@ void pubkey_keyid(common_info_st * cinfo) else if (cinfo->hash == GNUTLS_DIG_SHA256) flags = GNUTLS_KEYID_USE_SHA256; else { - fprintf(stderr, "Cannot calculate key ID with the provided hash\n"); + fprintf(stderr, "Cannot calculate key ID with the provided hash (use sha1, or sha256)\n"); app_exit(1); } @@ -3906,8 +3908,8 @@ void certificate_fpr(common_info_st * cinfo) int ret = 0; gnutls_datum_t pem, tmp; unsigned int crt_num; - uint8_t fpr[32]; - char txt[128]; + uint8_t fpr[MAX_HASH_SIZE]; + char txt[MAX_HASH_SIZE*2+1]; size_t fpr_size; crt = load_cert(0, cinfo); -- cgit v1.2.1