author | Niclas Hoyer <niclas@verbugt.de> | 2011-08-30 22:46:07 +0200 |
---|---|---|
committer | koichik <koichik@improvement.jp> | 2011-09-03 00:49:37 +0900 |
commit | 7b2536a1a2b4a83d1e75855896c6a35fda227569 (patch) | |
tree | ce0a28143e37cbed154c02a49ec2fbf60ba6be2e /src | |
parent | cafcc7e67a46fda9006cceeec516cd289c107f04 (diff) | |
Added additional properties to getPeerCertificate, now includes subjectAltName, Exponent and Modulus (FOAF+SSL friendly).
Patch written by Nathan,
http://groups.google.com/group/nodejs/browse_thread/thread/1d42da4cb2e51536
Diffstat (limited to 'src')
-rw-r--r-- | src/node_crypto.cc | 46 | ||||
-rw-r--r-- | src/node_crypto.h | 1 |
2 files changed, 47 insertions, 0 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index e790c80868..e41151fd30 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -63,6 +63,9 @@ using namespace v8;
 static Persistent<String> errno_symbol;
 static Persistent<String> syscall_symbol;
 static Persistent<String> subject_symbol;
+static Persistent<String> subjectaltname_symbol;
+static Persistent<String> modulus_symbol;
+static Persistent<String> exponent_symbol;
 static Persistent<String> issuer_symbol;
 static Persistent<String> valid_from_symbol;
 static Persistent<String> valid_to_symbol;
@@ -1087,6 +1090,46 @@ Handle<Value> Connection::GetPeerCertificate(const Arguments& args) {
 }
 (void) BIO_reset(bio);
+ char buf[256];
+ bio = NULL;
+ ASN1_OBJECT *oid;
+ oid = OBJ_txt2obj("2.5.29.17", 1); // OID 2.5.29.17 is Subject AltName
+ int count = 0, j;
+ count = X509_get_ext_count(peer_cert);
+ for (j = 0; j < count; j++) {
+ X509_EXTENSION *ext = X509_get_ext(peer_cert, j);
+ if (OBJ_cmp(ext->object, oid) == 0) {
+ bio = BIO_new(BIO_s_mem());
+ if (X509V3_EXT_print(bio, ext, 0, 0) == 1) {
+ memset(buf, 0, sizeof(buf));
+ BIO_read(bio, buf, sizeof(buf) - 1);
+ info->Set(subjectaltname_symbol, String::New(buf));
+ }
+ BIO_vfree(bio);
+ break;
+ }
+ }
+
+ EVP_PKEY *pkey = NULL;
+ RSA *rsa = NULL;
+ if( NULL != (pkey = X509_get_pubkey(peer_cert))
+ && NULL != (rsa = EVP_PKEY_get1_RSA(pkey)) ) {
+ bio = BIO_new(BIO_s_mem());
+ BN_print(bio, rsa->n);
+ memset(buf, 0, sizeof(buf));
+ BIO_read(bio, buf, sizeof(buf) - 1);
+ info->Set(modulus_symbol, String::New(buf) );
+ BIO_free(bio);
+
+ bio = BIO_new(BIO_s_mem());
+ BN_print(bio, rsa->e);
+ memset(buf, 0, sizeof(buf));
+ BIO_read(bio, buf, sizeof(buf) - 1);
+ info->Set(exponent_symbol, String::New(buf) );
+ BIO_free(bio);
+ }
+ (void) BIO_reset(bio);
+
 ASN1_TIME_print(bio, X509_get_notBefore(peer_cert));
 BIO_get_mem_ptr(bio, &mem);
 info->Set(valid_from_symbol, String::New(mem->data, mem->length));
@@ -3922,6 +3965,9 @@ void InitCrypto(Handle<Object> target) {
 issuer_symbol = NODE_PSYMBOL("issuer");
 valid_from_symbol = NODE_PSYMBOL("valid_from");
 valid_to_symbol = NODE_PSYMBOL("valid_to");
+ subjectaltname_symbol = NODE_PSYMBOL("subjectaltname");
+ modulus_symbol = NODE_PSYMBOL("modulus");
+ exponent_symbol = NODE_PSYMBOL("exponent");
 fingerprint_symbol = NODE_PSYMBOL("fingerprint");
 name_symbol = NODE_PSYMBOL("name");
 version_symbol = NODE_PSYMBOL("version");
diff --git a/src/node_crypto.h b/src/node_crypto.h
index ec8153e433..fb62022760 100644
--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@@ -32,6 +32,7 @@
 #include <openssl/evp.h>
 #include <openssl/pem.h>
 #include <openssl/x509.h>
+#include <openssl/x509v3.h>
 #include <openssl/hmac.h>
 #ifdef OPENSSL_NPN_NEGOTIATED |