arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-19 23:22:16 +03:00
Code

Add function to match certificate fingerprint

Browse Source
This commit is contained in:
Ivan Grokhotkov 2015-09-14 10:24:51 +03:00
parent ad9780684a
commit a069bc0eb6
2 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ssl/ssl.h
View File

@ -371,6 +371,15 @@ EXP_FUNC void STDCALL ssl_display_error(int error_code);
*/
EXP_FUNC int STDCALL ssl_verify_cert(const SSL *ssl);
/**
* @brief Check if certificate fingerprint (SHA1) matches the one given.
*
* @param ssl [in] An SSL object reference.
* @param fp [in] SHA1 fingerprint to match against
* @return SSL_OK if the certificate is verified.
*/
EXP_FUNC int STDCALL ssl_match_fingerprint(const SSL *ssl, const uint8_t* fp);
/**
* @brief Retrieve an X.509 distinguished name component.
*

9
ssl/tls1.c
View File

@ -1887,6 +1887,15 @@ error:
return ret;
}
EXP_FUNC int STDCALL ssl_match_fingerprint(const SSL *ssl, const uint8_t* fp)
{
uint8_t cert_fp[SHA1_SIZE];
X509_CTX* x509 = ssl->x509_ctx;
bi_export(x509->rsa_ctx->bi_ctx, x509->fingerprint, cert_fp, SHA1_SIZE);
return memcmp(cert_fp, fp, SHA1_SIZE);
}
#endif /* CONFIG_SSL_CERT_VERIFICATION */
/**