
Calculate SHA-1 fingerprint when loading the certificate

Ivan Grokhotkov 2015-09-14 08:51:13 +03:00
parent 6095fde37e
commit ad9780684a
2 changed files with 13 additions and 0 deletions


@ -76,6 +76,7 @@ struct _x509_ctx
uint8_t sig_type;
RSA_CTX *rsa_ctx;
bigint *digest;
bigint *fingerprint;
struct _x509_ctx *next;
};
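Review bot: Declaring the new field as `bigint *fingerprint` stores a fixed-length byte string in an arbitrary-precision integer type, which ties its lifetime to `rsa_ctx->bi_ctx` and makes any later comparison depend on how the bigint code treats leading zero bytes of the digest (that normalisation is not visible on this page, so confirm it). A plain array in the struct, `uint8_t fingerprint[SHA1_SIZE];`, would need no allocation and no matching free, and could be compared byte for byte. Either way the field deserves a comment, for example `/* SHA-1 of the certificate bytes, computed in x509_new() */`.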


@ -119,6 +119,13 @@ int x509_new(const uint8_t *cert, int *len, X509_CTX **ctx)
bi_ctx = x509_ctx->rsa_ctx->bi_ctx;
SHA1_CTX sha_fp_ctx;
uint8_t sha_fp_dgst[SHA1_SIZE];
SHA1_Init(&sha_fp_ctx);
SHA1_Update(&sha_fp_ctx, &cert[0], cert_size);
SHA1_Final(sha_fp_dgst, &sha_fp_ctx);
x509_ctx->fingerprint = bi_import(bi_ctx, sha_fp_dgst, SHA1_SIZE);
#ifdef CONFIG_SSL_CERT_VERIFICATION /* only care if doing verification */
/* use the appropriate signature algorithm (SHA1/MD5/MD2) */
if (x509_ctx->sig_type == SIG_TYPE_MD5)
@ -245,6 +252,11 @@ void x509_free(X509_CTX *x509_ctx)
bi_free(x509_ctx->rsa_ctx->bi_ctx, x509_ctx->digest);
}
if (x509_ctx->fingerprint)
{
bi_free(x509_ctx->rsa_ctx->bi_ctx, x509_ctx->fingerprint);
}
if (x509_ctx->subject_alt_dnsnames)
{
for (i = 0; x509_ctx->subject_alt_dnsnames[i]; ++i)
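Review bot: In the x509_new hunk the digest is taken over `&cert[0]` for `cert_size` bytes, but `cert_size` is assigned outside the hunk and nothing here states which bytes it covers. A fingerprint only matches what other tools print if it spans exactly the complete DER-encoded certificate, outer header included and no trailing bytes, so a comment such as `/* SHA-1 over the whole DER certificate, cert[0..cert_size) */` above `SHA1_Init` would make that contract checkable. The result of `bi_import` is stored unchecked. If it can return NULL, x509_free will skip the field and a failed import is indistinguishable from a certificate with no fingerprint, which any caller comparing fingerprints would have to treat as a mismatch. The value is also only as collision-resistant as SHA-1, so it should be documented as an identifier for pinning rather than as a replacement for the signature checks under `CONFIG_SSL_CERT_VERIFICATION`. Both function bodies continue outside the hunks shown.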