moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 15:05:02 -05:00
Code Issues Releases Wiki Activity

openssl: fix pubkey/signature algorithm detection in certinfo

Browse Source 
Certinfo gives the same result for all OpenSSL versions.
Also made printing RSA pubkeys consistent with older versions.

Reported-by: Michael Wallner
Fixes #3706
Closes #4030
This commit is contained in:
Gergely Nagy 2019-06-16 09:44:21 +02:00 committed by Daniel Stenberg
parent 755083d00d
commit 6c2b7d44e3
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 16 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
lib/vtls/openssl.c
View File

@ -3085,18 +3085,25 @@ static CURLcode get_cert_chain(struct connectdata *conn,
#if defined(HAVE_X509_GET0_SIGNATURE) && defined(HAVE_X509_GET0_EXTENSIONS)
{
const X509_ALGOR *palg = NULL;
ASN1_STRING *a = ASN1_STRING_new();
if(a) {
X509_get0_signature(&psig, &palg, x);
X509_signature_print(mem, ARG2_X509_signature_print palg, a);
ASN1_STRING_free(a);
const X509_ALGOR *sigalg = NULL;
X509_PUBKEY *xpubkey = NULL;
ASN1_OBJECT *pubkeyoid = NULL;
if(palg) {
i2a_ASN1_OBJECT(mem, palg->algorithm);
X509_get0_signature(&psig, &sigalg, x);
if(sigalg) {
i2a_ASN1_OBJECT(mem, sigalg->algorithm);
push_certinfo("Signature Algorithm", i);
}
xpubkey = X509_get_X509_PUBKEY(x);
if(xpubkey) {
X509_PUBKEY_get0_param(&pubkeyoid, NULL, NULL, NULL, xpubkey);
if(pubkeyoid) {
i2a_ASN1_OBJECT(mem, pubkeyoid);
push_certinfo("Public Key Algorithm", i);
}
}
X509V3_ext(data, i, X509_get0_extensions(x));
}
#else
@ -3148,7 +3155,7 @@ static CURLcode get_cert_chain(struct connectdata *conn,
const BIGNUM *e;
RSA_get0_key(rsa, &n, &e, NULL);
BN_print(mem, n);
BIO_printf(mem, "%d", BN_num_bits(n));
push_certinfo("RSA Public Key", i);
print_pubkey_BN(rsa, n, i);
print_pubkey_BN(rsa, e, i);