mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 08:48:31 -05:00
OpenSSL: Make serial number of peer certificate available in event_cb
Add serial number to the event_cb() information for the peer certificate chain. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
ee598e431b
commit
2ff952a5dd
@ -64,6 +64,7 @@ union tls_event_data {
|
||||
size_t hash_len;
|
||||
const char *altsubject[TLS_MAX_ALT_SUBJECT];
|
||||
int num_altsubject;
|
||||
const char *serial_num;
|
||||
} peer_cert;
|
||||
|
||||
struct {
|
||||
|
@ -111,6 +111,12 @@ static int RSA_bits(const RSA *r)
|
||||
return BN_num_bits(r->n);
|
||||
}
|
||||
#endif /* CONFIG_SUITEB */
|
||||
|
||||
|
||||
static const unsigned char * ASN1_STRING_get0_data(const ASN1_STRING *x)
|
||||
{
|
||||
return ASN1_STRING_data((ASN1_STRING *) x);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef ANDROID
|
||||
@ -1824,6 +1830,8 @@ static void openssl_tls_cert_event(struct tls_connection *conn,
|
||||
GENERAL_NAME *gen;
|
||||
void *ext;
|
||||
stack_index_t i;
|
||||
ASN1_INTEGER *ser;
|
||||
char serial_num[128];
|
||||
#ifdef CONFIG_SHA256
|
||||
u8 hash[32];
|
||||
#endif /* CONFIG_SHA256 */
|
||||
@ -1852,6 +1860,14 @@ static void openssl_tls_cert_event(struct tls_connection *conn,
|
||||
ev.peer_cert.depth = depth;
|
||||
ev.peer_cert.subject = subject;
|
||||
|
||||
ser = X509_get_serialNumber(err_cert);
|
||||
if (ser) {
|
||||
wpa_snprintf_hex_uppercase(serial_num, sizeof(serial_num),
|
||||
ASN1_STRING_get0_data(ser),
|
||||
ASN1_STRING_length(ser));
|
||||
ev.peer_cert.serial_num = serial_num;
|
||||
}
|
||||
|
||||
ext = X509_get_ext_d2i(err_cert, NID_subject_alt_name, NULL, NULL);
|
||||
for (i = 0; ext && i < sk_GENERAL_NAME_num(ext); i++) {
|
||||
char *pos;
|
||||
|
Loading…
Reference in New Issue
Block a user