Mercurial > pidgin
changeset 18977:31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
- Add certificate export support to GnuTLS x509 scheme
author | William Ehlhardt <williamehlhardt@gmail.com> |
---|---|
date | Fri, 29 Jun 2007 04:23:39 +0000 |
parents | 22481079895a |
children | a421561f12d7 |
files | libpurple/certificate.c libpurple/certificate.h libpurple/plugins/ssl/ssl-gnutls.c |
diffstat | 3 files changed, 93 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/libpurple/certificate.c Thu Jun 28 23:55:14 2007 +0000 +++ b/libpurple/certificate.c Fri Jun 29 04:23:39 2007 +0000 @@ -125,6 +125,21 @@ g_list_free(crt_list); } +gboolean +purple_certificate_export(const gchar *filename, PurpleCertificate *crt) +{ + PurpleCertificateScheme *scheme; + + g_return_val_if_fail(filename, FALSE); + g_return_val_if_fail(crt, FALSE); + g_return_val_if_fail(crt->scheme, FALSE); + + scheme = crt->scheme; + g_return_val_if_fail(scheme->export_certificate, FALSE); + + return (scheme->export_certificate)(filename, crt); +} + GByteArray * purple_certificate_get_fingerprint_sha1(PurpleCertificate *crt) {
--- a/libpurple/certificate.h Thu Jun 28 23:55:14 2007 +0000 +++ b/libpurple/certificate.h Fri Jun 29 04:23:39 2007 +0000 @@ -149,6 +149,16 @@ */ PurpleCertificate * (* import_certificate)(const gchar * filename); + /** + * Exports a certificate to a file + * + * @param filename File to export the certificate to + * @param crt Certificate to export + * @return TRUE if the export succeeded, otherwise FALSE + * @see purple_certificate_export() + */ + gboolean (* export_certificate)(const gchar *filename, PurpleCertificate *crt); + /** Destroys and frees a Certificate structure * * Destroys a Certificate's internal data structures and calls @@ -355,6 +365,17 @@ purple_certificate_destroy_list (GList * crt_list); /** + * Exports a PurpleCertificate to a file + * + * @param filename File to export the certificate to + * @param crt Certificate to export + * @return TRUE if the export succeeded, otherwise FALSE + */ +gboolean +purple_certificate_export(const gchar *filename, PurpleCertificate *crt); + + +/** * Retrieves the certificate public key fingerprint using SHA1. * * @param crt Certificate instance
--- a/libpurple/plugins/ssl/ssl-gnutls.c Thu Jun 28 23:55:14 2007 +0000 +++ b/libpurple/plugins/ssl/ssl-gnutls.c Fri Jun 29 04:23:39 2007 +0000 @@ -484,6 +484,62 @@ return crt; } +/** + * Exports a PEM-formatted X.509 certificate to the specified file. + * @param filename Filename to export to. Format will be PEM + * @param crt Certificate to export + * + * @return TRUE if success, otherwise FALSE + */ +static gboolean +x509_export_certificate(const gchar *filename, PurpleCertificate *crt) +{ + gnutls_x509_crt_t crt_dat; /* GnuTLS cert struct */ + int ret; + gchar * out_buf; /* Data to output */ + size_t out_size; /* Output size */ + gboolean success = FALSE; + + /* Paranoia paranoia paranoia! */ + g_return_val_if_fail(filename, FALSE); + g_return_val_if_fail(crt, FALSE); + g_return_val_if_fail(crt->scheme == &x509_gnutls, FALSE); + g_return_val_if_fail(crt->data, FALSE); + + crt_dat = *( (gnutls_x509_crt_t *) crt->data); + + /* Obtain the output size required */ + ret = gnutls_x509_crt_export(crt_dat, GNUTLS_X509_FMT_PEM, + NULL, /* Provide no buffer yet */ + &out_size /* Put size here */ + ); + g_return_val_if_fail(ret == 0, FALSE); + + /* Now allocate a buffer and *really* export it */ + out_buf = g_new0(gchar, out_size); + ret = gnutls_x509_crt_export(crt_dat, GNUTLS_X509_FMT_PEM, + out_buf, /* Export to our new buffer */ + &out_size /* Put size here */ + ); + if (ret != 0) { + purple_debug_error("gnutls/x509", + "Failed to export cert to buffer with code %d\n", + ret); + g_free(out_buf); + return FALSE; + } + + /* Write it out to an actual file */ + success = purple_util_write_data_to_file(filename, + out_buf, + out_size); + + + g_free(out_buf); + g_return_val_if_fail(success, FALSE); + return success; +} + /** Frees a Certificate * * Destroys a Certificate's internal data structures and frees the pointer @@ -657,6 +713,7 @@ "x509", /* Scheme name */ N_("X.509 Certificates"), /* User-visible scheme name */ x509_import_from_file, /* Certificate import function */ + x509_export_certificate, /* Certificate export function */ x509_destroy_certificate, /* Destroy cert */ x509_sha1sum, /* SHA1 fingerprint */ NULL, /* Subject */