Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
319354eb
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
319354eb
编写于
9月 07, 2012
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
store and print out message digest peer signed with in TLS 1.2
上级
e7db9896
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
31 addition
and
0 deletion
+31
-0
apps/s_cb.c
apps/s_cb.c
+3
-0
ssl/s3_lib.c
ssl/s3_lib.c
+19
-0
ssl/ssl.h
ssl/ssl.h
+4
-0
ssl/t1_lib.c
ssl/t1_lib.c
+5
-0
未找到文件。
apps/s_cb.c
浏览文件 @
319354eb
...
@@ -409,10 +409,13 @@ static int do_print_sigalgs(BIO *out, SSL *s, int shared)
...
@@ -409,10 +409,13 @@ static int do_print_sigalgs(BIO *out, SSL *s, int shared)
int
ssl_print_sigalgs
(
BIO
*
out
,
SSL
*
s
)
int
ssl_print_sigalgs
(
BIO
*
out
,
SSL
*
s
)
{
{
int
mdnid
;
if
(
!
SSL_is_server
(
s
))
if
(
!
SSL_is_server
(
s
))
ssl_print_client_cert_types
(
out
,
s
);
ssl_print_client_cert_types
(
out
,
s
);
do_print_sigalgs
(
out
,
s
,
0
);
do_print_sigalgs
(
out
,
s
,
0
);
do_print_sigalgs
(
out
,
s
,
1
);
do_print_sigalgs
(
out
,
s
,
1
);
if
(
SSL_get_peer_signature_nid
(
s
,
&
mdnid
))
BIO_printf
(
out
,
"Peer signing digest: %s
\n
"
,
OBJ_nid2sn
(
mdnid
));
return
1
;
return
1
;
}
}
...
...
ssl/s3_lib.c
浏览文件 @
319354eb
...
@@ -3458,6 +3458,25 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
...
@@ -3458,6 +3458,25 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
case
SSL_CTRL_SET_CHAIN_CERT_STORE
:
case
SSL_CTRL_SET_CHAIN_CERT_STORE
:
return
ssl_cert_set_cert_store
(
s
->
cert
,
parg
,
1
,
larg
);
return
ssl_cert_set_cert_store
(
s
->
cert
,
parg
,
1
,
larg
);
case
SSL_CTRL_GET_PEER_SIGNATURE_NID
:
if
(
TLS1_get_version
(
s
)
>=
TLS1_2_VERSION
)
{
if
(
s
->
session
&&
s
->
session
->
sess_cert
)
{
const
EVP_MD
*
sig
;
sig
=
s
->
session
->
sess_cert
->
peer_key
->
digest
;
if
(
sig
)
{
*
(
int
*
)
parg
=
EVP_MD_type
(
sig
);
return
1
;
}
}
return
0
;
}
/* Might want to do something here for other versions */
else
return
0
;
default:
default:
break
;
break
;
}
}
...
...
ssl/ssl.h
浏览文件 @
319354eb
...
@@ -1707,6 +1707,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
...
@@ -1707,6 +1707,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_CTRL_BUILD_CERT_CHAIN 105
#define SSL_CTRL_BUILD_CERT_CHAIN 105
#define SSL_CTRL_SET_VERIFY_CERT_STORE 106
#define SSL_CTRL_SET_VERIFY_CERT_STORE 106
#define SSL_CTRL_SET_CHAIN_CERT_STORE 107
#define SSL_CTRL_SET_CHAIN_CERT_STORE 107
#define SSL_CTRL_GET_PEER_SIGNATURE_NID 108
#define DTLSv1_get_timeout(ssl, arg) \
#define DTLSv1_get_timeout(ssl, arg) \
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
...
@@ -1831,6 +1832,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
...
@@ -1831,6 +1832,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
#define SSL_set1_client_certificate_types(s, clist, clistlen) \
#define SSL_set1_client_certificate_types(s, clist, clistlen) \
SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist)
SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist)
#define SSL_get_peer_signature_nid(s, pn) \
SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
#ifndef OPENSSL_NO_BIO
#ifndef OPENSSL_NO_BIO
BIO_METHOD
*
BIO_f_ssl
(
void
);
BIO_METHOD
*
BIO_f_ssl
(
void
);
BIO
*
BIO_new_ssl
(
SSL_CTX
*
ctx
,
int
client
);
BIO
*
BIO_new_ssl
(
SSL_CTX
*
ctx
,
int
client
);
...
...
ssl/t1_lib.c
浏览文件 @
319354eb
...
@@ -922,6 +922,11 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
...
@@ -922,6 +922,11 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
SSLerr
(
SSL_F_TLS12_CHECK_PEER_SIGALG
,
SSL_R_UNKNOWN_DIGEST
);
SSLerr
(
SSL_F_TLS12_CHECK_PEER_SIGALG
,
SSL_R_UNKNOWN_DIGEST
);
return
0
;
return
0
;
}
}
/* Store the digest used so applications can retrieve it if they
* wish.
*/
if
(
s
->
session
&&
s
->
session
->
sess_cert
)
s
->
session
->
sess_cert
->
peer_key
->
digest
=
*
pmd
;
return
1
;
return
1
;
}
}
/* Get a mask of disabled algorithms: an algorithm is disabled
/* Get a mask of disabled algorithms: an algorithm is disabled
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录