feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

added the hash of the issuer's public key to the decoded cert

Browse Source
This commit is contained in:
John Safranek
2012-05-08 15:12:33 -07:00
parent 4d9fe4dafe
commit 81a6ed4577
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
ctaocrypt/src/asn.c
View File

@ -2183,6 +2183,15 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
CYASSL_MSG("About to verify certificate signature"); CYASSL_MSG("About to verify certificate signature");
if (ca) { if (ca) {
#ifdef HAVE_OCSP
/* Need the ca's public key hash for OCSP */
{
Sha sha;
InitSha(&sha);
ShaUpdate(&sha, ca->publicKey, ca->pubKeySize);
ShaFinal(&sha, cert->issuerKeyHash);
}
#endif /* HAVE_OCSP */
/* try to confirm/verify signature */ /* try to confirm/verify signature */
if (!ConfirmSignature(cert, ca->publicKey, if (!ConfirmSignature(cert, ca->publicKey,
ca->pubKeySize, ca->keyOID)) { ca->pubKeySize, ca->keyOID)) {

3
cyassl/ctaocrypt/asn.h
View File

@ -207,6 +207,9 @@ struct DecodedCert {
word32 keyOID; /* sum of key algo object id */ word32 keyOID; /* sum of key algo object id */
byte subjectHash[SHA_SIZE]; /* hash of all Names */ byte subjectHash[SHA_SIZE]; /* hash of all Names */
byte issuerHash[SHA_SIZE]; /* hash of all Names */ byte issuerHash[SHA_SIZE]; /* hash of all Names */
#ifdef HAVE_OCSP
byte issuerKeyHash[SHA_SIZE]; /* hash of the public Key */
#endif /* HAVE_OCSP */
byte* signature; /* not owned, points into raw cert */ byte* signature; /* not owned, points into raw cert */
char* subjectCN; /* CommonName */ char* subjectCN; /* CommonName */
int subjectCNLen; int subjectCNLen;