diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2015-09-11 11:28:02 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2015-09-11 11:28:02 +0000 |
| commit | 46ae9609303d89bfaba730e7aa1d151ac2528ca4 (patch) | |
| tree | 86e5f8a539e1c8aac7fa6242238e0992502ff618 /lib/libtls/tls.h | |
| parent | 476c5d8dd867d67516d7906ff7472417f48a1b90 (diff) | |
Provide tls_peer_cert_hash() which returns a hash of the raw certificate
that was presented by the peer. The hash used is currently SHA256, however
since we prefix the result with the hash name, we can change this in the
future as the need arises.
The same output can be generated by using:
h=$(openssl x509 -outform der -in mycert.crt | sha256)
printf "SHA256:${h}\n"
ok beck@
Diffstat (limited to 'lib/libtls/tls.h')
| -rw-r--r-- | lib/libtls/tls.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/libtls/tls.h b/lib/libtls/tls.h index f7c12920e0d..3cb24f0ee58 100644 --- a/lib/libtls/tls.h +++ b/lib/libtls/tls.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls.h,v 1.18 2015/09/10 10:26:49 beck Exp $ */ +/* $OpenBSD: tls.h,v 1.19 2015/09/11 11:28:01 jsing Exp $ */ /* * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> * @@ -99,6 +99,8 @@ ssize_t tls_read(struct tls *_ctx, void *_buf, size_t _buflen); ssize_t tls_write(struct tls *_ctx, const void *_buf, size_t _buflen); int tls_close(struct tls *_ctx); +int tls_peer_cert_hash(struct tls *_ctx, char **_hash); + uint8_t *tls_load_file(const char *_file, size_t *_len, char *_password); #ifdef __cplusplus |