Skip to content

Commit e74e422

Browse files
bjoriaddaleax
bjori
authored and
addaleax
committed
crypto: add cert.fingerprint256 as SHA256 fingerprint
PR-URL: #17690 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]>
1 parent 9510540 commit e74e422

File tree

2 files changed

+30
-18
lines changed

2 files changed

+30
-18
lines changed

src/env.h

+1
Original file line numberDiff line numberDiff line change
@@ -151,6 +151,7 @@ class ModuleWrap;
151151
V(fd_string, "fd") \
152152
V(file_string, "file") \
153153
V(fingerprint_string, "fingerprint") \
154+
V(fingerprint256_string, "fingerprint256") \
154155
V(flags_string, "flags") \
155156
V(get_data_clone_error_string, "_getDataCloneError") \
156157
V(get_shared_array_buffer_id_string, "_getSharedArrayBufferId") \

src/node_crypto.cc

+29-18
Original file line numberDiff line numberDiff line change
@@ -1812,6 +1812,25 @@ static bool SafeX509ExtPrint(BIO* out, X509_EXTENSION* ext) {
18121812
}
18131813

18141814

1815+
static void AddFingerprintDigest(const unsigned char* md,
1816+
unsigned int md_size,
1817+
char (*fingerprint)[3 * EVP_MAX_MD_SIZE + 1]) {
1818+
unsigned int i;
1819+
const char hex[] = "0123456789ABCDEF";
1820+
1821+
for (i = 0; i < md_size; i++) {
1822+
(*fingerprint)[3*i] = hex[(md[i] & 0xf0) >> 4];
1823+
(*fingerprint)[(3*i)+1] = hex[(md[i] & 0x0f)];
1824+
(*fingerprint)[(3*i)+2] = ':';
1825+
}
1826+
1827+
if (md_size > 0) {
1828+
(*fingerprint)[(3*(md_size-1))+2] = '\0';
1829+
} else {
1830+
(*fingerprint)[0] = '\0';
1831+
}
1832+
}
1833+
18151834
static Local<Object> X509ToObject(Environment* env, X509* cert) {
18161835
EscapableHandleScope scope(env->isolate());
18171836
Local<Context> context = env->context();
@@ -1928,26 +1947,18 @@ static Local<Object> X509ToObject(Environment* env, X509* cert) {
19281947
mem->length)).FromJust();
19291948
BIO_free_all(bio);
19301949

1931-
unsigned int md_size, i;
19321950
unsigned char md[EVP_MAX_MD_SIZE];
1951+
unsigned int md_size;
1952+
char fingerprint[EVP_MAX_MD_SIZE * 3 + 1];
19331953
if (X509_digest(cert, EVP_sha1(), md, &md_size)) {
1934-
const char hex[] = "0123456789ABCDEF";
1935-
char fingerprint[EVP_MAX_MD_SIZE * 3];
1936-
1937-
for (i = 0; i < md_size; i++) {
1938-
fingerprint[3*i] = hex[(md[i] & 0xf0) >> 4];
1939-
fingerprint[(3*i)+1] = hex[(md[i] & 0x0f)];
1940-
fingerprint[(3*i)+2] = ':';
1941-
}
1942-
1943-
if (md_size > 0) {
1944-
fingerprint[(3*(md_size-1))+2] = '\0';
1945-
} else {
1946-
fingerprint[0] = '\0';
1947-
}
1948-
1949-
info->Set(context, env->fingerprint_string(),
1950-
OneByteString(env->isolate(), fingerprint)).FromJust();
1954+
AddFingerprintDigest(md, md_size, &fingerprint);
1955+
info->Set(context, env->fingerprint_string(),
1956+
OneByteString(env->isolate(), fingerprint)).FromJust();
1957+
}
1958+
if (X509_digest(cert, EVP_sha256(), md, &md_size)) {
1959+
AddFingerprintDigest(md, md_size, &fingerprint);
1960+
info->Set(context, env->fingerprint256_string(),
1961+
OneByteString(env->isolate(), fingerprint)).FromJust();
19511962
}
19521963

19531964
STACK_OF(ASN1_OBJECT)* eku = static_cast<STACK_OF(ASN1_OBJECT)*>(

0 commit comments

Comments
 (0)