author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-22 11:06:51 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-23 10:24:44 +0100 |
commit | ec60a3daa051603b0be5e1ba7a8484fb5fe7f42a (patch) | |
tree | 9a5d41742d915350d00e8eee00e9c7d0903c695d | |
parent | e6badc35efdc6078ca30edb0ee5e059f8da7a305 (diff) | |
download | gnutls-ec60a3daa051603b0be5e1ba7a8484fb5fe7f42a.tar.gz |
x509/output: print the public key PIN of a certificate
That is, print the value used by the HPKP protocol as per
RFC7469.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/str.c | 21 | ||||
-rw-r--r-- | lib/str.h | 2 | ||||
-rw-r--r-- | lib/x509/output.c | 4 |
3 files changed, 27 insertions, 0 deletions
@@ -27,6 +27,7 @@ #include <stdarg.h> #include <c-ctype.h> #include <intprops.h> +#include <nettle/base64.h> #include "vasprintf.h" #include "extras/hex.h" @@ -918,6 +919,26 @@ _gnutls_buffer_hexprint(gnutls_buffer_st * str, } } +int +_gnutls_buffer_base64print(gnutls_buffer_st * str, + const void *_data, size_t len) +{ + const unsigned char *data = _data; + unsigned b64len = BASE64_ENCODE_RAW_LENGTH(len); + int ret; + + ret = _gnutls_buffer_resize(str, str->length+b64len+1); + if (ret < 0) { + return gnutls_assert_val(ret); + } + + base64_encode_raw(&str->data[str->length], len, data); + str->length += b64len; + str->data[str->length] = 0; + + return 0; +} + void _gnutls_buffer_hexdump(gnutls_buffer_st * str, const void *_data, size_t len, const char *spc) @@ -134,6 +134,8 @@ int _gnutls_buffer_append_printf(gnutls_buffer_st * dest, const char *fmt, void _gnutls_buffer_hexprint(gnutls_buffer_st * str, const void *data, size_t len); +int _gnutls_buffer_base64print(gnutls_buffer_st * str, + const void *data, size_t len); void _gnutls_buffer_hexdump(gnutls_buffer_st * str, const void *data, size_t len, const char *spc); void _gnutls_buffer_asciiprint(gnutls_buffer_st * str, diff --git a/lib/x509/output.c b/lib/x509/output.c index 642d74d070..2eca0b99cf 100644 --- a/lib/x509/output.c +++ b/lib/x509/output.c @@ -1629,6 +1629,10 @@ static void print_obj_id(gnutls_buffer_st *str, const char *prefix, void *obj, g _gnutls_buffer_hexprint(str, sha2_buffer, sha2_size); adds(str, "\n"); + addf(str, _("%sPublic Key PIN:\n%s\tpin-sha256:"), prefix, prefix); + _gnutls_buffer_base64print(str, sha2_buffer, sha2_size); + adds(str, "\n"); + return; } |
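Review bot: In `_gnutls_buffer_base64print` (lib/str.c) the encoded length is stored in an `unsigned` although `len` is a `size_t`, so it can be truncated where `size_t` is wider, and `str->length+b64len+1` is not checked for wrap-around either. If either happens, the buffer is resized for the smaller value while `base64_encode_raw` still writes the encoding of the full `len`, which is a write past the allocation. The only caller added in this commit passes what appears to be a SHA-256 digest, so this is not reachable from here, but the helper sits beside the other generic buffer printers and should hold for any length. Declare `size_t b64len = BASE64_ENCODE_RAW_LENGTH(len);` and reject wrap before resizing, e.g. `if (b64len < len || str->length + b64len + 1 < b64len) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);`. A one-line comment would also help, stating that the function appends the encoding and NUL-terminates without counting the terminator in `str->length`.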
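Review bot: The return value of `_gnutls_buffer_base64print` is dropped in `print_obj_id` (lib/x509/output.c), although the new helper returns an error when the resize fails, unlike the `void` `_gnutls_buffer_hexprint` called just above it. On that path the output would show `pin-sha256:` followed by nothing, which a reader or script could mistake for a real pin line. Since `print_obj_id` is `static void` and cannot propagate the error, mark the failure in the output, e.g. `if (_gnutls_buffer_base64print(str, sha2_buffer, sha2_size) < 0) adds(str, "(error)");`. The `pin-sha256:` token also sits inside the translatable `_()` string; moving it to a separate untranslated `adds` would keep a translation from altering the RFC 7469 keyword. The body of `print_obj_id` begins outside this hunk.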