diff options
author | Paul Querna <pquerna@apache.org> | 2010-09-10 10:27:17 +0400 |
---|---|---|
committer | Ryan Dahl <ry@tinyclouds.org> | 2010-09-11 00:31:46 +0400 |
commit | 92fb664bfce0a8b65e7303de19b88cf9b02a9fba (patch) | |
tree | 2681fd75269657206ecbdb1bb33be8a487fbf779 | |
parent | 7704fb971152f13f80e6543fb61a57c04112d41c (diff) |
Expose fingerproint from getPeerCertificate
Expose the SHA1 digest of the certificate as the fingerprint attribute in
the object returned by getPeerCertificate()
-rw-r--r-- | src/node_crypto.cc | 24 | ||||
-rw-r--r-- | test/simple/test-http-tls.js | 6 | ||||
-rw-r--r-- | test/simple/test-net-tls.js | 6 |
3 files changed, 32 insertions, 4 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 2fa9ddb52df..ab3e4b87688 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -25,6 +25,7 @@ static Persistent<String> subject_symbol; static Persistent<String> issuer_symbol; static Persistent<String> valid_from_symbol; static Persistent<String> valid_to_symbol; +static Persistent<String> fingerprint_symbol; static Persistent<String> name_symbol; static Persistent<String> version_symbol; @@ -540,6 +541,28 @@ Handle<Value> SecureStream::GetPeerCertificate(const Arguments& args) { BIO_free(bio); info->Set(valid_to_symbol, String::New(buf)); + unsigned int md_size, i; + unsigned char md[EVP_MAX_MD_SIZE]; + if (X509_digest(peer_cert, EVP_sha1(), md, &md_size)) { + const char hex[] = "0123456789ABCDEF"; + char fingerprint[EVP_MAX_MD_SIZE * 3]; + + for (i=0; i<md_size; i++) { + fingerprint[3*i] = hex[(md[i] & 0xf0) >> 4]; + fingerprint[(3*i)+1] = hex[(md[i] & 0x0f)]; + fingerprint[(3*i)+2] = ':'; + } + + if (md_size > 0) { + fingerprint[(3*(md_size-1))+2] = '\0'; + } + else { + fingerprint[0] = '\0'; + } + + info->Set(fingerprint_symbol, String::New(fingerprint)); + } + X509_free(peer_cert); } return scope.Close(info); @@ -2296,6 +2319,7 @@ void InitCrypto(Handle<Object> target) { issuer_symbol = NODE_PSYMBOL("issuer"); valid_from_symbol = NODE_PSYMBOL("valid_from"); valid_to_symbol = NODE_PSYMBOL("valid_to"); + fingerprint_symbol = NODE_PSYMBOL("fingerprint"); name_symbol = NODE_PSYMBOL("name"); version_symbol = NODE_PSYMBOL("version"); } diff --git a/test/simple/test-http-tls.js b/test/simple/test-http-tls.js index 373e4dde0e8..9f03d33fa6b 100644 --- a/test/simple/test-http-tls.js +++ b/test/simple/test-http-tls.js @@ -41,7 +41,8 @@ var https_server = http.createServer(function (req, res) { + '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js' + '/OU=Test TLS Certificate/CN=localhost","valid_from":' + '"Nov 11 09:52:22 2009 GMT","valid_to":' - + '"Nov 6 09:52:22 2029 GMT"}'); + + '"Nov 6 09:52:22 2029 GMT",' + + '"fingerprint":"2A:7A:C2:DD:E5:F9:CC:53:72:35:99:7A:02:5A:71:38:52:EC:8A:DF"}'); if (req.id == 0) { assert.equal("GET", req.method); @@ -92,7 +93,8 @@ https_server.addListener("listening", function() { + '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js' + '/OU=Test TLS Certificate/CN=localhost","valid_from":' + '"Nov 11 09:52:22 2009 GMT","valid_to":' - + '"Nov 6 09:52:22 2029 GMT"}'); + + '"Nov 6 09:52:22 2029 GMT",' + + '"fingerprint":"2A:7A:C2:DD:E5:F9:CC:53:72:35:99:7A:02:5A:71:38:52:EC:8A:DF"}'); c.write( "GET /hello?hello=world&foo=b==ar HTTP/1.1\r\n\r\n" ); requests_sent += 1; }); diff --git a/test/simple/test-net-tls.js b/test/simple/test-net-tls.js index 4054b052ddc..5d56bea1734 100644 --- a/test/simple/test-net-tls.js +++ b/test/simple/test-net-tls.js @@ -41,7 +41,8 @@ var secureServer = net.createServer(function (connection) { + '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js' + '/OU=Test TLS Certificate/CN=localhost","valid_from":' + '"Nov 11 09:52:22 2009 GMT","valid_to":' - + '"Nov 6 09:52:22 2029 GMT"}'); + + '"Nov 6 09:52:22 2029 GMT",' + + '"fingerprint":"2A:7A:C2:DD:E5:F9:CC:53:72:35:99:7A:02:5A:71:38:52:EC:8A:DF"}'); }); @@ -76,7 +77,8 @@ secureServer.addListener("listening", function() { + '"issuer":"/C=UK/ST=Acknack Ltd/L=Rhys Jones/O=node.js' + '/OU=Test TLS Certificate/CN=localhost","valid_from":' + '"Nov 11 09:52:22 2009 GMT","valid_to":' - + '"Nov 6 09:52:22 2029 GMT"}'); + + '"Nov 6 09:52:22 2029 GMT",' + + '"fingerprint":"2A:7A:C2:DD:E5:F9:CC:53:72:35:99:7A:02:5A:71:38:52:EC:8A:DF"}'); secureClient.write(testData); secureClient.end(); |