From 12afd4777c5ef3003b08acb34e9090a09703cf60 Mon Sep 17 00:00:00 2001
From: Nick Mathewson
Date: Mon, 5 Nov 2007 18:15:54 +0000
Subject: r16413@catbus: nickm | 2007-11-05 13:14:18 -0500 Add functions to encode certificates svn:r12384
---
 src/common/tortls.c | 22 +++++++++++++++++++++-
 src/common/tortls.h | 2 ++
 2 files changed, 23 insertions(+), 1 deletion(-)
(limited to 'src')
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 512847f1d..6c04a362a 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -718,7 +718,7 @@ tor_tls_get_cert_digests(tor_tls_t *tls,
 {
 X509 *cert;
 unsigned int len;
- tor_assert(tls->context);
+ tor_assert(tls && tls->context);
 cert = tls->context->my_cert;
 if (cert) {
 X509_digest(cert, EVP_sha1(), (unsigned char*)my_digest_out, &len);
@@ -734,6 +734,26 @@ tor_tls_get_cert_digests(tor_tls_t *tls,
 return 0;
 }
 
+/** DOCDOC */
+char *
+tor_tls_encode_my_certificate(tor_tls_t *tls, size_t *size_out,
+ int conn_cert)
+{
+ unsigned char *result, *cp;
+ int certlen;
+ X509 *cert;
+ tor_assert(tls && tls->context);
+ cert = conn_cert ? tls->context->my_cert : tls->context->my_id_cert;
+ tor_assert(cert);
+ certlen = i2d_X509(cert, NULL);
+ tor_assert(certlen >= 0);
+ cp = result = tor_malloc(certlen);
+ i2d_X509(cert, &cp);
+ tor_assert(cp-result == certlen);
+ *size_out = (size_t)certlen;
+ return (char*) result;
+}
+
 /** Warn that a certificate lifetime extends through a certain range. */
 static void
 log_cert_lifetime(X509 *cert, const char *problem)
diff --git a/src/common/tortls.h b/src/common/tortls.h
index cbda57880..639502e37 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
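Review bot: Every failure in the new tor_tls_encode_my_certificate (second hunk of src/common/tortls.c) aborts the process: a missing certificate hits `tor_assert(cert)`, a failed length query hits `tor_assert(certlen >= 0)`, and a short second `i2d_X509` hits the `cp-result` assert. By contrast, tor_tls_get_cert_digests in the first hunk tolerates an unset `my_cert` with `if (cert)`. Whether `my_id_cert` can be unset or the encoding can fail at runtime is not visible in this commit, but returning NULL with `*size_out` set to 0 would let callers handle the error instead of taking the process down. `size_out` is also written through without any check. The `/** DOCDOC */` placeholder should become a comment stating that a nonzero conn_cert selects the context's my_cert and zero selects my_id_cert, that *size_out receives the length of the DER encoding, and that the caller owns the returned tor_malloc'd buffer and must free it.

```c
tor_tls_encode_my_certificate(tor_tls_t *tls, size_t *size_out,
                              int conn_cert)
{
  /* … unchanged: declarations and the tls/context assert … */
  tor_assert(size_out);
  *size_out = 0;
  cert = conn_cert ? tls->context->my_cert : tls->context->my_id_cert;
  if (!cert)
    return NULL;
  certlen = i2d_X509(cert, NULL);
  if (certlen <= 0)
    return NULL;
  cp = result = tor_malloc(certlen);
  if (i2d_X509(cert, &cp) != certlen) {
    tor_free(result);
    return NULL;
  }
  /* … unchanged: store certlen in *size_out and return result … */
```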
@@ -55,6 +55,8 @@ void tor_tls_free(tor_tls_t *tls); int tor_tls_peer_has_cert(tor_tls_t *tls); int tor_tls_get_cert_digests(tor_tls_t *tls, char *my_digest_out, char *peer_digest_out); +char *tor_tls_encode_my_certificate(tor_tls_t *tls, size_t *size_out, + int conn_cert); int tor_tls_verify_v1(int severity, tor_tls_t *tls, crypto_pk_env_t **identity); int tor_tls_check_lifetime(tor_tls_t *tls, int tolerance); -- cgit v1.2.3