Diffstat (limited to 'src/ne_gnutls.c')
-rw-r--r-- | src/ne_gnutls.c | 45 |
1 files changed, 38 insertions, 7 deletions
diff --git a/src/ne_gnutls.c b/src/ne_gnutls.c
index 12f01b2..cf9ed3c 100644
--- a/src/ne_gnutls.c
+++ b/src/ne_gnutls.c
@@ -1463,6 +1463,41 @@ char *ne_ssl_cert_export(const ne_ssl_certificate *cert)
 return ret;
 }
 
+static gnutls_digest_algorithm_t hash_to_alg(unsigned int flags)
+{
+ switch (flags & NE_HASH_ALGMASK) {
+ case NE_HASH_MD5: return GNUTLS_DIG_MD5; break;
+ case NE_HASH_SHA256: return GNUTLS_DIG_SHA256; break;
+ case NE_HASH_SHA512: return GNUTLS_DIG_SHA512; break;
+ default: break;
+ }
+ return GNUTLS_DIG_UNKNOWN;
+}
+
+char *ne_ssl_cert_hdigest(const ne_ssl_certificate *cert, unsigned int flags)
+{
+ gnutls_digest_algorithm_t alg = hash_to_alg(flags);
+ unsigned char *dig;
+ size_t len;
+ char *rv;
+
+ if (alg == GNUTLS_DIG_UNKNOWN) return NULL;
+
+ if (gnutls_x509_crt_get_fingerprint(cert->subject, alg, NULL, &len) != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+ return NULL;
+ }
+
+ dig = ne_malloc(len);
+ if (gnutls_x509_crt_get_fingerprint(cert->subject, alg, dig, &len) < 0) {
+ ne_free(dig);
+ return NULL;
+ }
+
+ rv = ne__strhash2hex(dig, len, flags);
+ ne_free(dig);
+ return rv;
+}
+
 int ne_ssl_cert_digest(const ne_ssl_certificate *cert, char *digest)
 {
 char sha1[20], *p;
@@ -1509,19 +1544,15 @@ void ne__ssl_exit(void)
 
 char *ne_vstrhash(unsigned int flags, va_list ap)
 {
- gnutls_digest_algorithm_t alg;
+ gnutls_digest_algorithm_t alg = hash_to_alg(flags);
 gnutls_hash_hd_t hd;
 unsigned char *out;
 const char *arg;
 unsigned len;
 char *rv;
 
- switch (flags & NE_HASH_ALGMASK) {
- case NE_HASH_MD5: alg = GNUTLS_DIG_MD5; break;
- case NE_HASH_SHA256: alg = GNUTLS_DIG_SHA256; break;
- case NE_HASH_SHA512: alg = GNUTLS_DIG_SHA512; break;
- default: return NULL;
- }
+ if (alg == GNUTLS_DIG_UNKNOWN)
+ return NULL;
 
 if (gnutls_hash_init(&hd, alg) < 0)
 return NULL; |
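Review bot: In `ne_ssl_cert_hdigest`, `len` is still uninitialized when its address is passed to the sizing call of `gnutls_x509_crt_get_fingerprint`. The size argument is in/out and is probably compared with the digest length before it is overwritten, so declaring it as `size_t len = 0;` keeps the probe from reading an indeterminate value. Because `hash_to_alg` maps `NE_HASH_MD5`, the new function will return an MD5 certificate fingerprint on request. A header comment such as `/* MD5 is collision-prone; do not use an MD5 result for pinning or trust decisions. */` would tell callers to use SHA-256 or SHA-512 for that. As a point of style, the `break;` after each `return` in `hash_to_alg` is unreachable and can be dropped.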