Mercurial > pidgin

changeset 18953:89b32569890c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
- Add purple_certificate_get_fingerprint_sha1 - Add x509_singleuse Verifier
author William Ehlhardt <williamehlhardt@gmail.com>
date Tue, 26 Jun 2007 23:43:41 +0000
parents 974d110cf7b1
children d07258902ff3
files libpurple/certificate.c libpurple/certificate.h
diffstat 2 files changed, 114 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/libpurple/certificate.c	Tue Jun 26 21:59:09 2007 +0000
+++ b/libpurple/certificate.c	Tue Jun 26 23:43:41 2007 +0000
@@ -30,6 +30,9 @@
 
 #include "certificate.h"
 #include "debug.h"
+#include "internal.h"
+#include "request.h"
+#include "util.h"
 
 /** List holding pointers to all registered certificate schemes */
 static GList *cert_schemes = NULL;
@@ -119,13 +122,111 @@
 
 	g_list_free(crt_list);
 }
+
+GByteArray *
+purple_certificate_get_fingerprint_sha1(PurpleCertificate *crt)
+{
+	PurpleCertificateScheme *scheme;
+	GByteArray *fpr;
+
+	g_return_val_if_fail(crt, NULL);
+	g_return_val_if_fail(crt->scheme, NULL);
+
+	scheme = crt->scheme;
+	
+	g_return_val_if_fail(scheme->get_fingerprint_sha1, NULL);
+
+	fpr = (scheme->get_fingerprint_sha1)(crt);
+
+	return fpr;
+}
+
+/****************************************************************************/
+/* Builtin Verifiers, Pools, etc.                                           */
+/****************************************************************************/
+
+static void
+x509_singleuse_verify_cb (PurpleCertificateVerificationRequest *vrq, gint id)
+{
+	g_return_if_fail(vrq);
+
+	purple_debug_info("certificate/x509_singleuse",
+			  "VRQ on cert from %s gave %d\n",
+			  vrq->subject_name, id);
+
+	/* Signal what happened back to the caller */
+	if (1 == id) {		
+		/* Accepted! */
+		(vrq->cb)(PURPLE_CERTIFICATE_VALID, vrq->cb_data);
+	} else {
+		/* Not accepted */
+		(vrq->cb)(PURPLE_CERTIFICATE_INVALID, vrq->cb_data);
+	}
+
+	/* Now clean up the request */
+	purple_certificate_verify_destroy(vrq);
+}
+
+static void
+x509_singleuse_start_verify (PurpleCertificateVerificationRequest *vrq)
+{
+	gchar *sha_asc;
+	GByteArray *sha_bin;
+	gchar *primary, *secondary;
+	PurpleCertificate *crt = (PurpleCertificate *) vrq->cert_chain->data;
+
+	/* Pull out the SHA1 checksum */
+	sha_bin = purple_certificate_get_fingerprint_sha1(crt);
+	/* Now decode it for display */
+	sha_asc = purple_base16_encode_chunked(sha_bin->data,
+					       sha_bin->len);
+
+	/* Make messages */
+	primary = g_strdup_printf(_("%s has presented the following certificate for just-this-once use:"), vrq->subject_name);
+	secondary = g_strdup_printf(_("Fingerprint (SHA1): %s"), sha_asc);
+	
+	/* Make a semi-pretty display */
+	purple_request_accept_cancel(
+		vrq->cb_data, /* TODO: Find what the handle ought to be */
+		_("Single-use Certificate Verification"),
+		primary,
+		secondary,
+		1,            /* Accept by default */
+		NULL,         /* No account */
+		NULL,         /* No other user */
+		NULL,         /* No associated conversation */
+		vrq,
+		x509_singleuse_verify_cb,
+		x509_singleuse_verify_cb );
+	
+	/* Cleanup */
+	g_free(primary);
+	g_free(secondary);
+	g_free(sha_asc);
+	g_byte_array_free(sha_bin, TRUE);
+}
+
+static void
+x509_singleuse_destroy_request (PurpleCertificateVerificationRequest *vrq)
+{
+	/* I don't do anything! */
+}
+
+PurpleCertificateVerifier x509_singleuse = {
+	"x509",                         /* Scheme name */
+	"singleuse",                    /* Verifier name */
+	x509_singleuse_start_verify,    /* start_verification function */
+	x509_singleuse_destroy_request  /* Request cleanup operation */
+};
+
+
 /****************************************************************************/
 /* Subsystem                                                                */
 /****************************************************************************/
 void
 purple_certificate_register_builtins(void)
 {
-
+	purple_certificate_register_verifier(&x509_singleuse);
 }
 
 PurpleCertificateScheme *
--- a/libpurple/certificate.h	Tue Jun 26 21:59:09 2007 +0000
+++ b/libpurple/certificate.h	Tue Jun 26 23:43:41 2007 +0000
@@ -53,7 +53,7 @@
  * @param userdata User-defined data
  */
 typedef void (*PurpleCertificateVerifiedCallback)
-		(PurpleCertificateVerificationStatus,
+		(PurpleCertificateVerificationStatus st,
 		 gpointer userdata);
 							  
 /** A certificate instance
@@ -295,6 +295,17 @@
 void
 purple_certificate_destroy_list (GList * crt_list);
 
+/**
+ * Retrieves the certificate public key fingerprint using SHA1.
+ *
+ * @param crt        Certificate instance
+ * @return Binary representation of the hash. You are responsible for free()ing
+ *         this.
+ * @see purple_base16_encode_chunked()
+ */
+GByteArray *
+purple_certificate_get_fingerprint_sha1(PurpleCertificate *crt);
+
 /*@}*/
 
 /*****************************************************************************/