From 0bb596e14a34cacbe58da3bed62371bc17e53f11 Mon Sep 17 00:00:00 2001 From: James Booth Date: Tue, 10 Nov 2015 22:46:48 +0000 Subject: Added extra fields to TLSCertificate --- src/config/tlscerts.c | 159 ++++++++++++++++++++++++++++++++++++++++++++------ src/config/tlscerts.h | 31 ++++++++-- 2 files changed, 166 insertions(+), 24 deletions(-) (limited to 'src/config') diff --git a/src/config/tlscerts.c b/src/config/tlscerts.c index 15433a92..321e04c7 100644 --- a/src/config/tlscerts.c +++ b/src/config/tlscerts.c @@ -119,11 +119,17 @@ tlscerts_list(void) int i = 0; for (i = 0; i < g_strv_length(groups); i++) { char *fingerprint = strdup(groups[i]); + int version = g_key_file_get_integer(tlscerts, fingerprint, "version", NULL); + char *serialnumber = g_key_file_get_string(tlscerts, fingerprint, "serialnumber", NULL); char *subjectname = g_key_file_get_string(tlscerts, fingerprint, "subjectname", NULL); + char *issuername = g_key_file_get_string(tlscerts, fingerprint, "issuername", NULL); char *notbefore = g_key_file_get_string(tlscerts, fingerprint, "start", NULL); char *notafter = g_key_file_get_string(tlscerts, fingerprint, "end", NULL); + char *keyalg = g_key_file_get_string(tlscerts, fingerprint, "keyalg", NULL); + char *signaturealg = g_key_file_get_string(tlscerts, fingerprint, "signaturealg", NULL); - TLSCertificate *cert = tlscerts_new(fingerprint, subjectname, notbefore, notafter); + TLSCertificate *cert = tlscerts_new(fingerprint, version, serialnumber, subjectname, issuername, notbefore, + notafter, keyalg, signaturealg); res = g_list_append(res, cert); } @@ -136,20 +142,32 @@ tlscerts_list(void) } TLSCertificate* -tlscerts_new(const char *const fingerprint, const char *const subjectname, const char *const notbefore, - const char *const notafter) +tlscerts_new(const char *const fingerprint, int version, const char *const serialnumber, const char *const subjectname, + const char *const issuername, const char *const notbefore, const char *const notafter, + const char *const key_alg, const char *const signature_alg) { TLSCertificate *cert = malloc(sizeof(TLSCertificate)); + if (fingerprint) { + cert->fingerprint = strdup(fingerprint); + } else { + cert->fingerprint = NULL; + } + cert->version = version; + if (serialnumber) { + cert->serialnumber = strdup(serialnumber); + } else { + cert->serialnumber = NULL; + } if (subjectname) { cert->subjectname = strdup(subjectname); } else { cert->subjectname = NULL; } - if (fingerprint) { - cert->fingerprint = strdup(fingerprint); + if (issuername) { + cert->issuername = strdup(issuername); } else { - cert->fingerprint = NULL; + cert->issuername = NULL; } if (notbefore) { cert->notbefore = strdup(notbefore); @@ -161,23 +179,94 @@ tlscerts_new(const char *const fingerprint, const char *const subjectname, const } else { cert->notafter = NULL; } + if (key_alg) { + cert->key_alg = strdup(key_alg); + } else { + cert->key_alg = NULL; + } + if (signature_alg) { + cert->signature_alg = strdup(signature_alg); + } else { + cert->signature_alg = NULL; + } - cert->domain = NULL; - cert->email = NULL; - cert->organisation = NULL; + cert->subject_country = NULL; + cert->subject_state = NULL; + cert->subject_distinguishedname = NULL; + cert->subject_serialnumber = NULL; + cert->subject_commonname = NULL; + cert->subject_organisation = NULL; + cert->subject_organisation_unit = NULL; + cert->subject_email = NULL; gchar** fields = g_strsplit(subjectname, "/", 0); int i = 0; for (i = 0; i < g_strv_length(fields); i++) { gchar** keyval = g_strsplit(fields[i], "=", 2); if (g_strv_length(keyval) == 2) { - if (g_strcmp0(keyval[0], "CN") == 0) { - cert->domain = strdup(keyval[1]); + if ((g_strcmp0(keyval[0], "C") == 0) || (g_strcmp0(keyval[0], "countryName") == 0)) { + cert->subject_country = strdup(keyval[1]); + } + if ((g_strcmp0(keyval[0], "ST") == 0) || (g_strcmp0(keyval[0], "stateOrProvinceName") == 0)) { + cert->subject_state = strdup(keyval[1]); + } + if (g_strcmp0(keyval[0], "dnQualifier") == 0) { + cert->subject_distinguishedname = strdup(keyval[1]); + } + if (g_strcmp0(keyval[0], "serialnumber") == 0) { + cert->subject_serialnumber = strdup(keyval[1]); + } + if ((g_strcmp0(keyval[0], "CN") == 0) || (g_strcmp0(keyval[0], "commonName") == 0)) { + cert->subject_commonname = strdup(keyval[1]); } - if (g_strcmp0(keyval[0], "O") == 0) { - cert->organisation = strdup(keyval[1]); + if ((g_strcmp0(keyval[0], "O") == 0) || (g_strcmp0(keyval[0], "organizationName") == 0)) { + cert->subject_organisation = strdup(keyval[1]); + } + if ((g_strcmp0(keyval[0], "OU") == 0) || (g_strcmp0(keyval[0], "organizationalUnitName") == 0)) { + cert->subject_organisation_unit = strdup(keyval[1]); } if (g_strcmp0(keyval[0], "emailAddress") == 0) { - cert->email = strdup(keyval[1]); + cert->subject_email = strdup(keyval[1]); + } + } + g_strfreev(keyval); + } + g_strfreev(fields); + + cert->issuer_country = NULL; + cert->issuer_state = NULL; + cert->issuer_distinguishedname = NULL; + cert->issuer_serialnumber = NULL; + cert->issuer_commonname = NULL; + cert->issuer_organisation = NULL; + cert->issuer_organisation_unit = NULL; + cert->issuer_email = NULL; + fields = g_strsplit(issuername, "/", 0); + for (i = 0; i < g_strv_length(fields); i++) { + gchar** keyval = g_strsplit(fields[i], "=", 2); + if (g_strv_length(keyval) == 2) { + if ((g_strcmp0(keyval[0], "C") == 0) || (g_strcmp0(keyval[0], "countryName") == 0)) { + cert->issuer_country = strdup(keyval[1]); + } + if ((g_strcmp0(keyval[0], "ST") == 0) || (g_strcmp0(keyval[0], "stateOrProvinceName") == 0)) { + cert->issuer_state = strdup(keyval[1]); + } + if (g_strcmp0(keyval[0], "dnQualifier") == 0) { + cert->issuer_distinguishedname = strdup(keyval[1]); + } + if (g_strcmp0(keyval[0], "serialnumber") == 0) { + cert->issuer_serialnumber = strdup(keyval[1]); + } + if ((g_strcmp0(keyval[0], "CN") == 0) || (g_strcmp0(keyval[0], "commonName") == 0)) { + cert->issuer_commonname = strdup(keyval[1]); + } + if ((g_strcmp0(keyval[0], "O") == 0) || (g_strcmp0(keyval[0], "organizationName") == 0)) { + cert->issuer_organisation = strdup(keyval[1]); + } + if ((g_strcmp0(keyval[0], "OU") == 0) || (g_strcmp0(keyval[0], "organizationalUnitName") == 0)) { + cert->issuer_organisation_unit = strdup(keyval[1]); + } + if (g_strcmp0(keyval[0], "emailAddress") == 0) { + cert->issuer_email = strdup(keyval[1]); } } g_strfreev(keyval); @@ -200,15 +289,28 @@ tlscerts_add(TLSCertificate *cert) autocomplete_add(certs_ac, cert->fingerprint); + g_key_file_set_integer(tlscerts, cert->fingerprint, "version", cert->version); + if (cert->serialnumber) { + g_key_file_set_string(tlscerts, cert->fingerprint, "serialnumber", cert->serialnumber); + } if (cert->subjectname) { g_key_file_set_string(tlscerts, cert->fingerprint, "subjectname", cert->subjectname); } + if (cert->issuername) { + g_key_file_set_string(tlscerts, cert->fingerprint, "issuername", cert->issuername); + } if (cert->notbefore) { g_key_file_set_string(tlscerts, cert->fingerprint, "start", cert->notbefore); } if (cert->notafter) { g_key_file_set_string(tlscerts, cert->fingerprint, "end", cert->notafter); } + if (cert->key_alg) { + g_key_file_set_string(tlscerts, cert->fingerprint, "keyalg", cert->key_alg); + } + if (cert->signature_alg) { + g_key_file_set_string(tlscerts, cert->fingerprint, "signaturealg", cert->signature_alg); + } _save_tlscerts(); } @@ -242,13 +344,34 @@ void tlscerts_free(TLSCertificate *cert) { if (cert) { + free(cert->serialnumber); + free(cert->subjectname); - free(cert->fingerprint); - free(cert->domain); - free(cert->organisation); - free(cert->email); + free(cert->subject_country); + free(cert->subject_state); + free(cert->subject_distinguishedname); + free(cert->subject_serialnumber); + free(cert->subject_commonname); + free(cert->subject_organisation); + free(cert->subject_organisation_unit); + free(cert->subject_email); + + free(cert->issuername); + free(cert->issuer_country); + free(cert->issuer_state); + free(cert->issuer_distinguishedname); + free(cert->issuer_serialnumber); + free(cert->issuer_commonname); + free(cert->issuer_organisation); + free(cert->issuer_organisation_unit); + free(cert->issuer_email); + free(cert->notbefore); free(cert->notafter); + free(cert->fingerprint); + + free(cert->key_alg); + free(cert->signature_alg); } } diff --git a/src/config/tlscerts.h b/src/config/tlscerts.h index e1ab4748..d0e59218 100644 --- a/src/config/tlscerts.h +++ b/src/config/tlscerts.h @@ -36,19 +36,38 @@ #define TLSCERTS_H typedef struct tls_cert_t { - char *fingerprint; - char *domain; + int version; + char *serialnumber; char *subjectname; - char *organisation; - char *email; + char *subject_country; + char *subject_state; + char *subject_distinguishedname; + char *subject_serialnumber; + char *subject_commonname; + char *subject_organisation; + char *subject_organisation_unit; + char *subject_email; + char *issuername; + char *issuer_country; + char *issuer_state; + char *issuer_distinguishedname; + char *issuer_serialnumber; + char *issuer_commonname; + char *issuer_organisation; + char *issuer_organisation_unit; + char *issuer_email; char *notbefore; char *notafter; + char *fingerprint; + char *key_alg; + char *signature_alg; } TLSCertificate; void tlscerts_init(void); -TLSCertificate* tlscerts_new(const char *const fingerprint, const char *const subjectname, const char *const notbefore, - const char *const notafter); +TLSCertificate* tlscerts_new(const char *const fingerprint, int version, const char *const serialnumber, const char *const subjectname, + const char *const issuername, const char *const notbefore, const char *const notafter, + const char *const key_alg, const char *const signature_alg); void tlscerts_set_current(const char *const fp); -- cgit 1.4.1-2-gfad0