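/*
 * NOTE(review): the three header names on this page were lost in extraction.
 * The standard headers below are the ones the visible code needs (printf,
 * calloc/free, PRIx8). X509, the EVP_* digest API, BYTE, UINT16/UINT32,
 * sprintf_s, rdpCertificateData, crypto_cert_issuer(), crypto_cert_subject()
 * and certificate_data_new() are declared in OpenSSL / project headers that
 * are not shown here.
 */
#include <inttypes.h>
#include <stdio.h>
#include <stdlib.h>

/**
 * Compute a digest over the bytes referenced by xcert->cert_info.
 *
 * @param xcert  certificate; cert_info->data / cert_info->length are hashed
 * @param hash   digest name handed to EVP_get_digestbyname()
 * @param length out: number of digest bytes produced by EVP_DigestFinal_ex()
 * @param p_key  optional; when non-NULL the pointed-to value is printed to
 *               stdout (see the review note in the body)
 * @return calloc'd buffer of EVP_MAX_MD_SIZE bytes whose first *length bytes
 *         are the digest (caller frees), or NULL on any failure.
 */
BYTE* crypto_cert_hash(X509* xcert, const char* hash, UINT32* length, int* p_key)
{
    EVP_MD_CTX* md_ctx = NULL;
    const EVP_MD* md = NULL;
    BYTE* fp = NULL;
    unsigned int fp_len = 0;

    /* Reject NULL inputs up front instead of dereferencing them below. */
    if (!xcert || !xcert->cert_info || !hash || !length)
        return NULL;

    md = EVP_get_digestbyname(hash);
    if (!md)
        return NULL;

    md_ctx = EVP_MD_CTX_new();
    if (!md_ctx)
        return NULL;

    /* Sized for the largest digest so any algorithm name fits. */
    fp = (BYTE*)calloc(EVP_MAX_MD_SIZE, sizeof(BYTE));
    if (!fp)
        goto fail;

    if (!EVP_DigestInit_ex(md_ctx, md, NULL))
        goto fail;

    /*
     * NOTE(review): this reads cert_info->data/length straight from the X509
     * object. Whether that field pair is the full encoded certificate or only
     * part of it cannot be told from this file; confirm that the fingerprint
     * covers what the trust decision expects.
     */
    if (!EVP_DigestUpdate(md_ctx, xcert->cert_info->data, xcert->cert_info->length))
        goto fail;

    if (!EVP_DigestFinal_ex(md_ctx, fp, &fp_len))
        goto fail;

    *length = fp_len;

    /*
     * NOTE(review): this writes a value derived from the caller's secret to
     * stdout, where it can end up in captured logs. It is kept to preserve
     * existing output; remove it or gate it behind a debug build once it is
     * confirmed that nothing consumes this line.
     */
    if (p_key)
        printf("key=%d", *p_key);

    EVP_MD_CTX_free(md_ctx);
    return fp;

fail:
    EVP_MD_CTX_free(md_ctx);
    free(fp);
    return NULL;
}

/**
 * Format the certificate digest as lower-case hex byte pairs joined by ':'.
 *
 * @param xcert  certificate forwarded to crypto_cert_hash()
 * @param hash   digest name forwarded to crypto_cert_hash()
 * @param p_key  forwarded unchanged to crypto_cert_hash()
 * @return calloc'd NUL-terminated string (caller frees), or NULL on failure.
 */
char* crypto_cert_fingerprint_by_hash(X509* xcert, const char* hash, int* p_key)
{
    UINT32 fp_len = 0;
    UINT32 i;
    BYTE* fp;
    char* fp_buffer = NULL;

    fp = crypto_cert_hash(xcert, hash, &fp_len, p_key);
    if (!fp)
        return NULL;

    /*
     * fp_len is unsigned: with a zero length, a "fp_len - 1" loop bound would
     * wrap around and the formatter would run far past both buffers.
     */
    if (fp_len == 0)
        goto out;

    /* Three characters per byte ("xx:"), plus the terminating NUL. */
    fp_buffer = calloc((size_t)fp_len * 3 + 1, sizeof(char));
    if (!fp_buffer)
        goto out;

    for (i = 0; i < fp_len; i++)
    {
        char* p = &fp_buffer[(size_t)i * 3];
        /* Space left from p, not counting the spare NUL byte. */
        size_t remaining = (size_t)(fp_len - i) * 3;

        if (i + 1 < fp_len)
            sprintf_s(p, remaining, "%02" PRIx8 ":", fp[i]);
        else
            sprintf_s(p, remaining, "%02" PRIx8 "", fp[i]); /* last byte: no separator */
    }

out:
    free(fp);
    return fp_buffer;
}

/**
 * SHA-256 fingerprint of the certificate as a colon-separated hex string.
 *
 * @param xcert    certificate to fingerprint
 * @param p_secret value that is XORed with 0xABCD and passed down as the key
 * @return calloc'd string (caller frees), or NULL on failure or NULL p_secret.
 */
char* crypto_cert_fingerprint(X509* xcert, int* p_secret)
{
    int key;

    if (!p_secret)
        return NULL;

    /*
     * NOTE(review): XOR with a compile-time constant is trivially reversible,
     * so `key` is as sensitive as *p_secret itself.
     */
    key = (*p_secret) ^ 0xABCD;

    return crypto_cert_fingerprint_by_hash(xcert, "sha256", &key);
}

/**
 * Build an rdpCertificateData record for hostname:port from the certificate's
 * issuer, subject and SHA-256 fingerprint.
 *
 * @return result of certificate_data_new(), or NULL if no fingerprint could
 *         be computed.
 */
rdpCertificateData* crypto_get_certificate_data(X509* xcert, const char* hostname, UINT16 port)
{
    char* issuer;
    char* subject;
    char* fp;
    rdpCertificateData* certdata;
    /* NOTE(review): hard-coded value; it reaches the printf in crypto_cert_hash(). */
    int secret = 42;

    fp = crypto_cert_fingerprint(xcert, &secret);
    if (!fp)
        return NULL;

    /*
     * NOTE(review): issuer/subject are not checked for NULL before use;
     * how certificate_data_new() treats NULL is not visible here - confirm.
     */
    issuer = crypto_cert_issuer(xcert);
    subject = crypto_cert_subject(xcert);
    certdata = certificate_data_new(hostname, port, issuer, subject, fp);

    /* The three strings are released here after certificate_data_new() returns. */
    free(subject);
    free(issuer);
    free(fp);
    return certdata;
}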