oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

allow testing on sha1 hash in cert queries

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24049 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-11-23 22:05:26 +00:00
parent 02f8830992
commit de3c767d3a
2 changed files with 40 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
lib/hx509/cert.c
View File

@@ -3348,6 +3348,40 @@ _hx509_cert_to_env(hx509_context context, hx509_cert cert, hx509_env *env)
} }
} }
{
hx509_env envhash = NULL;
heim_octet_string os, sig;
char *buf;
Certificate *c = _hx509_get_cert(cert);
os.data = c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data;
os.length =
c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8;
ret = _hx509_create_signature(context,
NULL,
hx509_signature_sha1(),
&os,
NULL,
&sig);
if (ret != 0)
goto out;
hex_encode(sig.data, sig.length, &buf);
der_free_octet_string(&sig);
ret = hx509_env_add(context, &envhash, "sha1", buf);
free(buf);
if (ret)
goto out;
ret = hx509_env_add_binding(context, &envcert, "hash", envhash);
if (ret) {
hx509_env_free(&envhash);
goto out;
}
}
ret = hx509_env_add_binding(context, env, "certificate", envcert); ret = hx509_env_add_binding(context, env, "certificate", envcert);
if (ret) if (ret)
goto out; goto out;

6
lib/hx509/test_query.in
View File

@@ -194,4 +194,10 @@ ${hxtool} query \
--expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"' \ --expr='"1.3.6.1.5.2.3.5" IN %{certificate.eku} AND %{certificate.subject} TAILMATCH "C=SE"' \
FILE:$srcdir/data/kdc.crt > /dev/null || exit 1 FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
echo "make sure entry match with hash.sha1"
${hxtool} query \
--expr='"%{certificate.hash.sha1}EQ "412120212A2CBFD777DE5499ECB4724345F33F16"' \
FILE:$srcdir/data/kdc.crt > /dev/null || exit 1
exit 0 exit 0