Mercurial > pidgin.yaz

changeset 18977:31bdbb82de7e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
- Add purple_certificate_export and associated libpurple stuff - Add certificate export support to GnuTLS x509 scheme
author William Ehlhardt <williamehlhardt@gmail.com>
date Fri, 29 Jun 2007 04:23:39 +0000
parents 22481079895a
children a421561f12d7
files libpurple/certificate.c libpurple/certificate.h libpurple/plugins/ssl/ssl-gnutls.c
diffstat 3 files changed, 93 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/libpurple/certificate.c	Thu Jun 28 23:55:14 2007 +0000
+++ b/libpurple/certificate.c	Fri Jun 29 04:23:39 2007 +0000
@@ -125,6 +125,21 @@
 	g_list_free(crt_list);
 }
 
+gboolean
+purple_certificate_export(const gchar *filename, PurpleCertificate *crt)
+{
+	PurpleCertificateScheme *scheme;
+
+	g_return_val_if_fail(filename, FALSE);
+	g_return_val_if_fail(crt, FALSE);
+	g_return_val_if_fail(crt->scheme, FALSE);
+
+	scheme = crt->scheme;
+	g_return_val_if_fail(scheme->export_certificate, FALSE);
+
+	return (scheme->export_certificate)(filename, crt);
+}
+
 GByteArray *
 purple_certificate_get_fingerprint_sha1(PurpleCertificate *crt)
 {
--- a/libpurple/certificate.h	Thu Jun 28 23:55:14 2007 +0000
+++ b/libpurple/certificate.h	Fri Jun 29 04:23:39 2007 +0000
@@ -149,6 +149,16 @@
 	 */
 	PurpleCertificate * (* import_certificate)(const gchar * filename);
 
+	/**
+	 * Exports a certificate to a file
+	 *
+	 * @param filename    File to export the certificate to
+	 * @param crt         Certificate to export
+	 * @return TRUE if the export succeeded, otherwise FALSE
+	 * @see purple_certificate_export()
+	 */
+	gboolean (* export_certificate)(const gchar *filename, PurpleCertificate *crt);
+
 	/** Destroys and frees a Certificate structure
 	 *
 	 *  Destroys a Certificate's internal data structures and calls
@@ -355,6 +365,17 @@
 purple_certificate_destroy_list (GList * crt_list);
 
 /**
+ * Exports a PurpleCertificate to a file
+ *
+ * @param filename    File to export the certificate to
+ * @param crt         Certificate to export
+ * @return TRUE if the export succeeded, otherwise FALSE
+ */
+gboolean
+purple_certificate_export(const gchar *filename, PurpleCertificate *crt);
+
+
+/**
  * Retrieves the certificate public key fingerprint using SHA1.
  *
  * @param crt        Certificate instance
--- a/libpurple/plugins/ssl/ssl-gnutls.c	Thu Jun 28 23:55:14 2007 +0000
+++ b/libpurple/plugins/ssl/ssl-gnutls.c	Fri Jun 29 04:23:39 2007 +0000
@@ -484,6 +484,62 @@
 	return crt;
 }
 
+/**
+ * Exports a PEM-formatted X.509 certificate to the specified file.
+ * @param filename Filename to export to. Format will be PEM
+ * @param crt      Certificate to export
+ *
+ * @return TRUE if success, otherwise FALSE
+ */
+static gboolean
+x509_export_certificate(const gchar *filename, PurpleCertificate *crt)
+{
+	gnutls_x509_crt_t crt_dat; /* GnuTLS cert struct */
+	int ret;
+	gchar * out_buf; /* Data to output */
+	size_t out_size; /* Output size */
+	gboolean success = FALSE;
+
+	/* Paranoia paranoia paranoia! */
+	g_return_val_if_fail(filename, FALSE);
+	g_return_val_if_fail(crt, FALSE);
+	g_return_val_if_fail(crt->scheme == &x509_gnutls, FALSE);
+	g_return_val_if_fail(crt->data, FALSE);
+
+	crt_dat = *( (gnutls_x509_crt_t *) crt->data);
+
+	/* Obtain the output size required */
+	ret = gnutls_x509_crt_export(crt_dat, GNUTLS_X509_FMT_PEM,
+				     NULL, /* Provide no buffer yet */
+				     &out_size /* Put size here */
+		);
+	g_return_val_if_fail(ret == 0, FALSE);
+
+	/* Now allocate a buffer and *really* export it */
+	out_buf = g_new0(gchar, out_size);
+	ret = gnutls_x509_crt_export(crt_dat, GNUTLS_X509_FMT_PEM,
+				     out_buf, /* Export to our new buffer */
+				     &out_size /* Put size here */
+		);
+	if (ret != 0) {
+		purple_debug_error("gnutls/x509",
+				   "Failed to export cert to buffer with code %d\n",
+				   ret);
+		g_free(out_buf);
+		return FALSE;
+	}
+
+	/* Write it out to an actual file */
+	success = purple_util_write_data_to_file(filename,
+						 out_buf,
+						 out_size);
+
+	
+	g_free(out_buf);
+	g_return_val_if_fail(success, FALSE);
+	return success;
+}
+
 /** Frees a Certificate
  *
  *  Destroys a Certificate's internal data structures and frees the pointer
@@ -657,6 +713,7 @@
 	"x509",                          /* Scheme name */
 	N_("X.509 Certificates"),        /* User-visible scheme name */
 	x509_import_from_file,           /* Certificate import function */
+	x509_export_certificate,         /* Certificate export function */
 	x509_destroy_certificate,        /* Destroy cert */
 	x509_sha1sum,                    /* SHA1 fingerprint */
 	NULL,                            /* Subject */