Gitweb links:
...log
http://git.netsurf-browser.org/netsurf.git/shortlog/181777791b1be77d9bd1457dc3c8789de5069a01
...commit
http://git.netsurf-browser.org/netsurf.git/commit/181777791b1be77d9bd1457dc3c8789de5069a01
...tree
http://git.netsurf-browser.org/netsurf.git/tree/181777791b1be77d9bd1457dc3c8789de5069a01
The branch, master has been updated
via 181777791b1be77d9bd1457dc3c8789de5069a01 (commit)
via e09ea43dbb20d2388070ddd5d9a0efa2e5b52eca (commit)
via aaa507b09f756cee7ca01118ee3ede3ef28ceba6 (commit)
via 6002efff274b712c76d54ee0fba27184536cfd48 (commit)
from 125b96b818d7730c4b2d08a5f8533179fe1e7c8a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commitdiff
http://git.netsurf-browser.org/netsurf.git/commit/?id=181777791b1be77d9bd1457dc3c8789de5069a01
commit 181777791b1be77d9bd1457dc3c8789de5069a01
Author: Vincent Sanders <[email protected]>
Commit: Vincent Sanders <[email protected]>
add fingerprints to the certificate viewer
diff --git a/content/fetchers/about.c b/content/fetchers/about.c
index d9139e5..7ce8ab4 100644
--- a/content/fetchers/about.c
+++ b/content/fetchers/about.c
@@ -472,6 +472,8 @@ struct ns_cert_info {
int sig_type; /**< Signature type */
char *sig_algor; /**< Signature Algorithm */
char *serialnum; /**< Serial number */
+ char *sha1fingerprint; /**< fingerprint shar1 encoded */
+ char *sha256fingerprint; /**< fingerprint shar256 encoded */
ssl_cert_err err; /**< Whatever is wrong with this certificate */
};
@@ -702,6 +704,43 @@ static char *hexdup(const char *hex)
return dst;
}
+
+/**
+ * create a hex formatted string inserting the colons from binary data
+ *
+ * \todo only uses html entity as separator because netsurfs line breaking
+ * fails otherwise.
+ */
+static char *bindup(unsigned char *bin, unsigned int binlen)
+{
+ char *dst;
+ char *out;
+ unsigned int idx;
+ const char hex[] = { '0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+
+ /* allow space fox XY to expand to XX:YY: */
+ dst = malloc(binlen * 7);
+
+ if (dst != NULL) {
+ out = dst;
+ for (idx = 0; idx < binlen; idx++) {
+ *out++ = hex[(bin[idx] & 0xf0) >> 4];
+ *out++ = hex[bin[idx] & 0xf];
+
+ *out++ = '&';
+ *out++ = '#';
+ *out++ = '5';
+ *out++ = '8';
+ *out++ = ';';
+ }
+ out -= 5;
+ *out = 0;
+ }
+ return dst;
+}
+
+
/**
* extract RSA key information to info structure
*
@@ -958,6 +997,33 @@ der_to_certinfo(const uint8_t *der,
}
}
+ /* fingerprints */
+ const EVP_MD *digest;
+ unsigned int dig_len;
+ unsigned char *buff;
+ int rc;
+
+ digest = EVP_sha1();
+ buff = malloc(EVP_MD_size(digest));
+ if (buff != NULL) {
+ rc = X509_digest(cert, digest, buff, &dig_len);
+ if ((rc == 1) && (dig_len == (unsigned
int)EVP_MD_size(digest))) {
+ info->sha1fingerprint = bindup(buff, dig_len);
+ }
+ free(buff);
+ }
+
+ digest = EVP_sha256();
+ buff = malloc(EVP_MD_size(digest));
+ if (buff != NULL) {
+ rc = X509_digest(cert, digest, buff, &dig_len);
+ if ((rc == 1) && (dig_len == (unsigned
int)EVP_MD_size(digest))) {
+ info->sha256fingerprint = bindup(buff, dig_len);
+ }
+ free(buff);
+ }
+
+
/* issuer name */
xname_to_info(X509_get_issuer_name(cert), &info->issuer_name);
@@ -1137,6 +1203,49 @@ format_certificate_public_key(struct fetch_about_context
*ctx,
}
static nserror
+format_certificate_fingerprint(struct fetch_about_context *ctx,
+ struct ns_cert_info *cert_info)
+{
+ nserror res;
+
+ if ((cert_info->sha1fingerprint == NULL) &&
+ (cert_info->sha256fingerprint == NULL)) {
+ /* skip the table if no fingerprints */
+ return NSERROR_OK;
+ }
+
+
+ res = ssenddataf(ctx,
+ "<table class=\"info\">\n"
+ "<tr><th>Fingerprints</th><td><hr></td></tr>\n");
+ if (res != NSERROR_OK) {
+ return res;
+ }
+
+ if (cert_info->sha256fingerprint != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>SHA-256</th><td>%s</td></tr>\n",
+ cert_info->sha256fingerprint);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ if (cert_info->sha1fingerprint != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>SHA-1</th><td>%s</td></tr>\n",
+ cert_info->sha1fingerprint);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ res = ssenddataf(ctx, "</table>\n");
+
+ return res;
+}
+
+static nserror
format_certificate(struct fetch_about_context *ctx,
struct ns_cert_info *cert_info)
{
@@ -1232,6 +1341,12 @@ format_certificate(struct fetch_about_context *ctx,
"<tr><th>Version</th><td>%ld</td></tr>\n"
"</table>\n",
cert_info->version);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+
+ res = format_certificate_fingerprint(ctx, cert_info);
+
return res;
}
commitdiff
http://git.netsurf-browser.org/netsurf.git/commit/?id=e09ea43dbb20d2388070ddd5d9a0efa2e5b52eca
commit e09ea43dbb20d2388070ddd5d9a0efa2e5b52eca
Author: Vincent Sanders <[email protected]>
Commit: Vincent Sanders <[email protected]>
split out public key table formatted output
diff --git a/content/fetchers/about.c b/content/fetchers/about.c
index 1fbca61..d9139e5 100644
--- a/content/fetchers/about.c
+++ b/content/fetchers/about.c
@@ -1071,6 +1071,71 @@ format_certificate_name(struct fetch_about_context *ctx,
return res;
}
+
+static nserror
+format_certificate_public_key(struct fetch_about_context *ctx,
+ struct ns_cert_pkey *public_key)
+{
+ nserror res;
+
+ if (public_key->algor == NULL) {
+ /* skip the table if no algorithm name */
+ return NSERROR_OK;
+ }
+
+ res = ssenddataf(ctx,
+ "<table class=\"info\">\n"
+ "<tr><th>Public Key</th><td><hr></td></tr>\n"
+ "<tr><th>Algorithm</th><td>%s</td></tr>\n"
+ "<tr><th>Key Size</th><td>%d</td></tr>\n",
+ public_key->algor,
+ public_key->size);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+
+
+ if (public_key->exponent != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>Exponent</th><td>%s</td></tr>\n",
+ public_key->exponent);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ if (public_key->modulus != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>Modulus</th><td>%s</td></tr>\n",
+ public_key->modulus);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ if (public_key->curve != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>Curve</th><td>%s</td></tr>\n",
+ public_key->curve);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ if (public_key->public != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>Public Value</th><td>%s</td></tr>\n",
+ public_key->public);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ res = ssenddataf(ctx, "</table>\n");
+
+ return res;
+}
+
static nserror
format_certificate(struct fetch_about_context *ctx,
struct ns_cert_info *cert_info)
@@ -1132,61 +1197,9 @@ format_certificate(struct fetch_about_context *ctx,
return res;
}
- if (cert_info->public_key.algor != NULL) {
- res = ssenddataf(ctx,
- "<table class=\"info\">\n"
- "<tr><th>Public Key</th><td><hr></td></tr>\n"
- "<tr><th>Algorithm</th><td>%s</td></tr>\n"
- "<tr><th>Key Size</th><td>%d</td></tr>\n",
- cert_info->public_key.algor,
- cert_info->public_key.size);
- if (res != NSERROR_OK) {
- return res;
- }
-
-
- if (cert_info->public_key.exponent != NULL) {
- res = ssenddataf(ctx,
-
"<tr><th>Exponent</th><td>%s</td></tr>\n",
- cert_info->public_key.exponent);
- if (res != NSERROR_OK) {
- return res;
- }
- }
-
- if (cert_info->public_key.modulus != NULL) {
- res = ssenddataf(ctx,
-
"<tr><th>Modulus</th><td>%s</td></tr>\n",
- cert_info->public_key.modulus);
- if (res != NSERROR_OK) {
- return res;
- }
- }
-
- if (cert_info->public_key.curve != NULL) {
- res = ssenddataf(ctx,
- "<tr><th>Curve</th><td>%s</td></tr>\n",
- cert_info->public_key.curve);
- if (res != NSERROR_OK) {
- return res;
- }
- }
-
- if (cert_info->public_key.public != NULL) {
- res = ssenddataf(ctx,
- "<tr><th>Public
Value</th><td>%s</td></tr>\n",
- cert_info->public_key.public);
- if (res != NSERROR_OK) {
- return res;
- }
- }
-
- res = ssenddataf(ctx, "</table>\n");
- if (res != NSERROR_OK) {
- return res;
- }
-
-
+ res = format_certificate_public_key(ctx, &cert_info->public_key);
+ if (res != NSERROR_OK) {
+ return res;
}
res = ssenddataf(ctx,
commitdiff
http://git.netsurf-browser.org/netsurf.git/commit/?id=aaa507b09f756cee7ca01118ee3ede3ef28ceba6
commit aaa507b09f756cee7ca01118ee3ede3ef28ceba6
Author: Vincent Sanders <[email protected]>
Commit: Vincent Sanders <[email protected]>
use entity for colon in certificate hex values to allow netsurf to break
properly
diff --git a/content/fetchers/about.c b/content/fetchers/about.c
index 5d1208d..1fbca61 100644
--- a/content/fetchers/about.c
+++ b/content/fetchers/about.c
@@ -669,6 +669,9 @@ xname_to_info(X509_NAME *xname, struct ns_cert_name *iname)
/**
* duplicate a hex formatted string inserting the colons
+ *
+ * \todo only uses html entity as separator because netsurfs line breaking
+ * fails otherwise.
*/
static char *hexdup(const char *hex)
{
@@ -678,13 +681,18 @@ static char *hexdup(const char *hex)
int cn = 0;
hexlen = strlen(hex);
- dst = malloc(((hexlen * 3) + 1) / 2);
+ /* allow space fox XXYY to XX:YY: */
+ dst = malloc(((hexlen * 7) + 6) / 2);
if (dst != NULL) {
for (out = dst; *hex != 0; hex++) {
if (cn == 2) {
cn = 0;
- *out++ = ':';
+ *out++ = '&';
+ *out++ = '#';
+ *out++ = '5';
+ *out++ = '8';
+ *out++ = ';';
}
*out++ = *hex;
cn++;
commitdiff
http://git.netsurf-browser.org/netsurf.git/commit/?id=6002efff274b712c76d54ee0fba27184536cfd48
commit 6002efff274b712c76d54ee0fba27184536cfd48
Author: Vincent Sanders <[email protected]>
Commit: Vincent Sanders <[email protected]>
get the sign right on the certificate openssl compatability interface
diff --git a/content/fetchers/about.c b/content/fetchers/about.c
index 1e0fbdf..5d1208d 100644
--- a/content/fetchers/about.c
+++ b/content/fetchers/about.c
@@ -527,9 +527,9 @@ static int ns_X509_get_signature_nid(X509 *cert)
#define ns_X509_get_signature_nid X509_get_signature_nid
#endif
-static const char *ns_ASN1_STRING_get0_data(ASN1_STRING *asn1str)
+static const unsigned char *ns_ASN1_STRING_get0_data(ASN1_STRING *asn1str)
{
- return (const char *)ASN1_STRING_data(asn1str);
+ return (const unsigned char *)ASN1_STRING_data(asn1str);
}
static const BIGNUM *ns_RSA_get0_n(const RSA *d)
-----------------------------------------------------------------------
Summary of changes:
content/fetchers/about.c | 254 +++++++++++++++++++++++++++++++++++-----------
1 file changed, 195 insertions(+), 59 deletions(-)
diff --git a/content/fetchers/about.c b/content/fetchers/about.c
index 1e0fbdf..7ce8ab4 100644
--- a/content/fetchers/about.c
+++ b/content/fetchers/about.c
@@ -472,6 +472,8 @@ struct ns_cert_info {
int sig_type; /**< Signature type */
char *sig_algor; /**< Signature Algorithm */
char *serialnum; /**< Serial number */
+ char *sha1fingerprint; /**< fingerprint shar1 encoded */
+ char *sha256fingerprint; /**< fingerprint shar256 encoded */
ssl_cert_err err; /**< Whatever is wrong with this certificate */
};
@@ -527,9 +529,9 @@ static int ns_X509_get_signature_nid(X509 *cert)
#define ns_X509_get_signature_nid X509_get_signature_nid
#endif
-static const char *ns_ASN1_STRING_get0_data(ASN1_STRING *asn1str)
+static const unsigned char *ns_ASN1_STRING_get0_data(ASN1_STRING *asn1str)
{
- return (const char *)ASN1_STRING_data(asn1str);
+ return (const unsigned char *)ASN1_STRING_data(asn1str);
}
static const BIGNUM *ns_RSA_get0_n(const RSA *d)
@@ -669,6 +671,9 @@ xname_to_info(X509_NAME *xname, struct ns_cert_name *iname)
/**
* duplicate a hex formatted string inserting the colons
+ *
+ * \todo only uses html entity as separator because netsurfs line breaking
+ * fails otherwise.
*/
static char *hexdup(const char *hex)
{
@@ -678,13 +683,18 @@ static char *hexdup(const char *hex)
int cn = 0;
hexlen = strlen(hex);
- dst = malloc(((hexlen * 3) + 1) / 2);
+ /* allow space fox XXYY to XX:YY: */
+ dst = malloc(((hexlen * 7) + 6) / 2);
if (dst != NULL) {
for (out = dst; *hex != 0; hex++) {
if (cn == 2) {
cn = 0;
- *out++ = ':';
+ *out++ = '&';
+ *out++ = '#';
+ *out++ = '5';
+ *out++ = '8';
+ *out++ = ';';
}
*out++ = *hex;
cn++;
@@ -694,6 +704,43 @@ static char *hexdup(const char *hex)
return dst;
}
+
+/**
+ * create a hex formatted string inserting the colons from binary data
+ *
+ * \todo only uses html entity as separator because netsurfs line breaking
+ * fails otherwise.
+ */
+static char *bindup(unsigned char *bin, unsigned int binlen)
+{
+ char *dst;
+ char *out;
+ unsigned int idx;
+ const char hex[] = { '0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+
+ /* allow space fox XY to expand to XX:YY: */
+ dst = malloc(binlen * 7);
+
+ if (dst != NULL) {
+ out = dst;
+ for (idx = 0; idx < binlen; idx++) {
+ *out++ = hex[(bin[idx] & 0xf0) >> 4];
+ *out++ = hex[bin[idx] & 0xf];
+
+ *out++ = '&';
+ *out++ = '#';
+ *out++ = '5';
+ *out++ = '8';
+ *out++ = ';';
+ }
+ out -= 5;
+ *out = 0;
+ }
+ return dst;
+}
+
+
/**
* extract RSA key information to info structure
*
@@ -950,6 +997,33 @@ der_to_certinfo(const uint8_t *der,
}
}
+ /* fingerprints */
+ const EVP_MD *digest;
+ unsigned int dig_len;
+ unsigned char *buff;
+ int rc;
+
+ digest = EVP_sha1();
+ buff = malloc(EVP_MD_size(digest));
+ if (buff != NULL) {
+ rc = X509_digest(cert, digest, buff, &dig_len);
+ if ((rc == 1) && (dig_len == (unsigned
int)EVP_MD_size(digest))) {
+ info->sha1fingerprint = bindup(buff, dig_len);
+ }
+ free(buff);
+ }
+
+ digest = EVP_sha256();
+ buff = malloc(EVP_MD_size(digest));
+ if (buff != NULL) {
+ rc = X509_digest(cert, digest, buff, &dig_len);
+ if ((rc == 1) && (dig_len == (unsigned
int)EVP_MD_size(digest))) {
+ info->sha256fingerprint = bindup(buff, dig_len);
+ }
+ free(buff);
+ }
+
+
/* issuer name */
xname_to_info(X509_get_issuer_name(cert), &info->issuer_name);
@@ -1063,6 +1137,114 @@ format_certificate_name(struct fetch_about_context *ctx,
return res;
}
+
+static nserror
+format_certificate_public_key(struct fetch_about_context *ctx,
+ struct ns_cert_pkey *public_key)
+{
+ nserror res;
+
+ if (public_key->algor == NULL) {
+ /* skip the table if no algorithm name */
+ return NSERROR_OK;
+ }
+
+ res = ssenddataf(ctx,
+ "<table class=\"info\">\n"
+ "<tr><th>Public Key</th><td><hr></td></tr>\n"
+ "<tr><th>Algorithm</th><td>%s</td></tr>\n"
+ "<tr><th>Key Size</th><td>%d</td></tr>\n",
+ public_key->algor,
+ public_key->size);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+
+
+ if (public_key->exponent != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>Exponent</th><td>%s</td></tr>\n",
+ public_key->exponent);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ if (public_key->modulus != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>Modulus</th><td>%s</td></tr>\n",
+ public_key->modulus);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ if (public_key->curve != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>Curve</th><td>%s</td></tr>\n",
+ public_key->curve);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ if (public_key->public != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>Public Value</th><td>%s</td></tr>\n",
+ public_key->public);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ res = ssenddataf(ctx, "</table>\n");
+
+ return res;
+}
+
+static nserror
+format_certificate_fingerprint(struct fetch_about_context *ctx,
+ struct ns_cert_info *cert_info)
+{
+ nserror res;
+
+ if ((cert_info->sha1fingerprint == NULL) &&
+ (cert_info->sha256fingerprint == NULL)) {
+ /* skip the table if no fingerprints */
+ return NSERROR_OK;
+ }
+
+
+ res = ssenddataf(ctx,
+ "<table class=\"info\">\n"
+ "<tr><th>Fingerprints</th><td><hr></td></tr>\n");
+ if (res != NSERROR_OK) {
+ return res;
+ }
+
+ if (cert_info->sha256fingerprint != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>SHA-256</th><td>%s</td></tr>\n",
+ cert_info->sha256fingerprint);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ if (cert_info->sha1fingerprint != NULL) {
+ res = ssenddataf(ctx,
+ "<tr><th>SHA-1</th><td>%s</td></tr>\n",
+ cert_info->sha1fingerprint);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+ }
+
+ res = ssenddataf(ctx, "</table>\n");
+
+ return res;
+}
+
static nserror
format_certificate(struct fetch_about_context *ctx,
struct ns_cert_info *cert_info)
@@ -1124,61 +1306,9 @@ format_certificate(struct fetch_about_context *ctx,
return res;
}
- if (cert_info->public_key.algor != NULL) {
- res = ssenddataf(ctx,
- "<table class=\"info\">\n"
- "<tr><th>Public Key</th><td><hr></td></tr>\n"
- "<tr><th>Algorithm</th><td>%s</td></tr>\n"
- "<tr><th>Key Size</th><td>%d</td></tr>\n",
- cert_info->public_key.algor,
- cert_info->public_key.size);
- if (res != NSERROR_OK) {
- return res;
- }
-
-
- if (cert_info->public_key.exponent != NULL) {
- res = ssenddataf(ctx,
-
"<tr><th>Exponent</th><td>%s</td></tr>\n",
- cert_info->public_key.exponent);
- if (res != NSERROR_OK) {
- return res;
- }
- }
-
- if (cert_info->public_key.modulus != NULL) {
- res = ssenddataf(ctx,
-
"<tr><th>Modulus</th><td>%s</td></tr>\n",
- cert_info->public_key.modulus);
- if (res != NSERROR_OK) {
- return res;
- }
- }
-
- if (cert_info->public_key.curve != NULL) {
- res = ssenddataf(ctx,
- "<tr><th>Curve</th><td>%s</td></tr>\n",
- cert_info->public_key.curve);
- if (res != NSERROR_OK) {
- return res;
- }
- }
-
- if (cert_info->public_key.public != NULL) {
- res = ssenddataf(ctx,
- "<tr><th>Public
Value</th><td>%s</td></tr>\n",
- cert_info->public_key.public);
- if (res != NSERROR_OK) {
- return res;
- }
- }
-
- res = ssenddataf(ctx, "</table>\n");
- if (res != NSERROR_OK) {
- return res;
- }
-
-
+ res = format_certificate_public_key(ctx, &cert_info->public_key);
+ if (res != NSERROR_OK) {
+ return res;
}
res = ssenddataf(ctx,
@@ -1211,6 +1341,12 @@ format_certificate(struct fetch_about_context *ctx,
"<tr><th>Version</th><td>%ld</td></tr>\n"
"</table>\n",
cert_info->version);
+ if (res != NSERROR_OK) {
+ return res;
+ }
+
+ res = format_certificate_fingerprint(ctx, cert_info);
+
return res;
}
--
NetSurf Browser
_______________________________________________
netsurf-commits mailing list -- [email protected]
To unsubscribe send an email to [email protected]
