r16413@catbus: nickm | 2007-11-05 13:14:18 -0500

Add functions to encode certificates svn:r12384
2024-11-24 04:13:28 +01:00 · 2007-11-05 18:15:54 +00:00 · 2007-11-05 18:15:54 +00:00 · 12afd4777c
commit 12afd4777c
parent 323490303e
2 changed files with 23 additions and 1 deletions
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@ -718,7 +718,7 @@ tor_tls_get_cert_digests(tor_tls_t *tls,
 {
  X509 *cert;
  unsigned int len;
-  tor_assert(tls->context);
+  tor_assert(tls && tls->context);
  cert = tls->context->my_cert;
  if (cert) {
    X509_digest(cert, EVP_sha1(), (unsigned char*)my_digest_out, &len);
@ -734,6 +734,26 @@ tor_tls_get_cert_digests(tor_tls_t *tls,
  return 0;
 }

+/** DOCDOC */
+char *
+tor_tls_encode_my_certificate(tor_tls_t *tls, size_t *size_out,
+                              int conn_cert)
+{
+  unsigned char *result, *cp;
+  int certlen;
+  X509 *cert;
+  tor_assert(tls && tls->context);
+  cert = conn_cert ? tls->context->my_cert : tls->context->my_id_cert;
+  tor_assert(cert);
+  certlen = i2d_X509(cert, NULL);
+  tor_assert(certlen >= 0);
+  cp = result = tor_malloc(certlen);
+  i2d_X509(cert, &cp);
+  tor_assert(cp-result == certlen);
+  *size_out = (size_t)certlen;
+  return (char*) result;
+}
+
 /** Warn that a certificate lifetime extends through a certain range. */
 static void
 log_cert_lifetime(X509 *cert, const char *problem)
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@ -55,6 +55,8 @@ void tor_tls_free(tor_tls_t *tls);
 int tor_tls_peer_has_cert(tor_tls_t *tls);
 int tor_tls_get_cert_digests(tor_tls_t *tls, char *my_digest_out,
                             char *peer_digest_out);
+char *tor_tls_encode_my_certificate(tor_tls_t *tls, size_t *size_out,
+                                    int conn_cert);
 int tor_tls_verify_v1(int severity, tor_tls_t *tls,
                      crypto_pk_env_t **identity);
 int tor_tls_check_lifetime(tor_tls_t *tls, int tolerance);