TLS: Add tls_connection_peer_serial_num()

This can be used to fetch the serial number of the peer certificate in
the EAP server. For now, this is implemented only with OpenSSL.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Jouni Malinen 2018-10-07 16:47:25 +03:00 committed by Jouni Malinen
parent 18003b315b
commit 0ec3e77a13
6 changed files with 68 additions and 0 deletions


@ -1546,6 +1546,31 @@ int tls_connection_established(void *ssl_ctx, struct tls_connection *conn)
}
char * tls_connection_peer_serial_num(void *tls_ctx,
struct tls_connection *conn)
{
ASN1_INTEGER *ser;
char *serial_num;
size_t len;
if (!conn->peer_cert)
return NULL;
ser = X509_get_serialNumber(conn->peer_cert);
if (!ser)
return NULL;
len = ASN1_STRING_length(ser) * 2 + 1;
serial_num = os_malloc(len);
if (!serial_num)
return NULL;
wpa_snprintf_hex_uppercase(serial_num, len,
ASN1_STRING_get0_data(ser),
ASN1_STRING_length(ser));
return serial_num;
}
int tls_connection_shutdown(void *ssl_ctx, struct tls_connection *conn)
{
if (conn == NULL)
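Review bot: `tls_connection_peer_serial_num()` dereferences `conn` in `if (!conn->peer_cert)` without a NULL check, while `tls_connection_shutdown()` directly below guards with `if (conn == NULL)`; `if (!conn || !conn->peer_cert) return NULL;` would keep the two consistent. The returned buffer comes from `os_malloc()`, so a header comment such as `/* Returns a heap-allocated uppercase hex string or NULL; caller must os_free() it */` would make ownership explicit. The hex string is built only from the ASN1_INTEGER content bytes, so the sign of a negative serial is presumably not reflected. A serial is also unique only per issuer, so callers that base identity or policy decisions on this value should pair it with the issuer rather than match on the serial alone. The body of `tls_connection_shutdown()` continues outside the hunk.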