diff options
Diffstat (limited to 'libpurple/plugins/ssl/ssl-gnutls.c')
| -rw-r--r-- | libpurple/plugins/ssl/ssl-gnutls.c | 84 |
1 files changed, 82 insertions, 2 deletions
diff --git a/libpurple/plugins/ssl/ssl-gnutls.c b/libpurple/plugins/ssl/ssl-gnutls.c index 00b691ba81..19393fa2f6 100644 --- a/libpurple/plugins/ssl/ssl-gnutls.c +++ b/libpurple/plugins/ssl/ssl-gnutls.c @@ -1142,6 +1142,86 @@ x509_times (PurpleCertificate *crt, time_t *activation, time_t *expiration) return success; } +static GByteArray * +x509_get_der_data(PurpleCertificate *crt) +{ + gnutls_x509_crt crt_dat; + GByteArray *data; + size_t len; + int ret; + + crt_dat = X509_GET_GNUTLS_DATA(crt); + g_return_val_if_fail(crt_dat, NULL); + + /* Obtain the output size required */ + len = 0; + ret = gnutls_x509_crt_export(crt_dat, GNUTLS_X509_FMT_DER, NULL, &len); + g_return_val_if_fail(ret == GNUTLS_E_SHORT_MEMORY_BUFFER, NULL); + + /* Now allocate a buffer and *really* export it */ + data = g_byte_array_sized_new(len); + data->len = len; + ret = gnutls_x509_crt_export(crt_dat, GNUTLS_X509_FMT_DER, data->data, &len); + if (ret != 0) { + purple_debug_error("gnutls/x509", + "Failed to export cert to buffer with code %d\n", + ret); + g_byte_array_free(data, TRUE); + return NULL; + } + + return data; +} + +static gchar * +x509_display_string(PurpleCertificate *crt) +{ + gchar *sha_asc; + GByteArray *sha_bin; + gchar *cn; + time_t activation, expiration; + gchar *activ_str, *expir_str; + gchar *text; + + /* Pull out the SHA1 checksum */ + sha_bin = x509_sha1sum(crt); + sha_asc = purple_base16_encode_chunked(sha_bin->data, sha_bin->len); + + /* Get the cert Common Name */ + /* TODO: Will break on CA certs */ + cn = x509_common_name(crt); + + /* Get the certificate times */ + /* TODO: Check the times against localtime */ + /* TODO: errorcheck? */ + if (!x509_times(crt, &activation, &expiration)) { + purple_debug_error("certificate", + "Failed to get certificate times!\n"); + activation = expiration = 0; + } + activ_str = g_strdup(ctime(&activation)); + expir_str = g_strdup(ctime(&expiration)); + + /* Make messages */ + text = g_strdup_printf(_("Common name: %s\n\n" + "Fingerprint (SHA1): %s\n\n" + "Activation date: %s\n" + "Expiration date: %s\n"), + cn ? cn : "(null)", + sha_asc ? sha_asc : "(null)", + activ_str ? activ_str : "(null)", + expir_str ? expir_str : "(null)"); + + /* Cleanup */ + g_free(cn); + g_free(sha_asc); + g_free(activ_str); + g_free(expir_str); + g_byte_array_free(sha_bin, TRUE); + + return text; +} + /* X.509 certificate operations provided by this plugin */ static PurpleCertificateScheme x509_gnutls = { "x509", /* Scheme name */ @@ -1158,9 +1238,9 @@ static PurpleCertificateScheme x509_gnutls = { x509_check_name, /* Check subject name */ x509_times, /* Activation/Expiration time */ x509_importcerts_from_file, /* Multiple certificates import function */ + x509_get_der_data, /* Binary DER data */ + x509_display_string, /* Display representation */ - NULL, - NULL, NULL }; |