ircd::net: Elaborate the peer_cert stack: add sha256; add b64 of sha256.

2024-06-02 10:08:56 +02:00 · 2018-05-10 20:57:59 -07:00 · 2018-05-10 20:57:59 -07:00 · 3e877ebad3
parent f160963c02
commit 3e877ebad3
2 changed files with 39 additions and 1 deletions
--- a/include/ircd/net/net.h
+++ b/include/ircd/net/net.h
@ -56,7 +56,10 @@ namespace ircd::net
 	ipport remote_ipport(const socket &) noexcept;
 	std::pair<size_t, size_t> bytes(const socket &) noexcept; // <in, out>
 	std::pair<size_t, size_t> calls(const socket &) noexcept; // <in, out>
+
 	const_buffer peer_cert_der(const mutable_buffer &, const socket &);
+	const_buffer peer_cert_der_sha256(const mutable_buffer &, const socket &);
+	string_view peer_cert_der_sha256_b64(const mutable_buffer &, const socket &);
 }

 // Exports to ircd::
--- a/ircd/net.cc
+++ b/ircd/net.cc
@ -67,12 +67,47 @@ ircd::net::log
 	"net", 'N'
 };

+ircd::string_view
+ircd::net::peer_cert_der_sha256_b64(const mutable_buffer &buf,
+                                    const socket &socket)
+{
+	thread_local char shabuf[sha256::digest_size];
+
+	const auto hash
+	{
+		peer_cert_der_sha256(shabuf, socket)
+	};
+
+	return b64encode_unpadded(buf, hash);
+}
+
+ircd::const_buffer
+ircd::net::peer_cert_der_sha256(const mutable_buffer &buf,
+                                const socket &socket)
+{
+	thread_local char derbuf[16384];
+
+	sha256
+	{
+		buf, peer_cert_der(derbuf, socket)
+	};
+
+	return
+	{
+		data(buf), sha256::digest_size
+	};
+}
+
 ircd::const_buffer
 ircd::net::peer_cert_der(const mutable_buffer &buf,
                         const socket &socket)
 {
 	const SSL &ssl(socket);
-	const X509 &cert{openssl::peer_cert(ssl)};
+	const X509 &cert
+	{
+		openssl::peer_cert(ssl)
+	};
+
 	return openssl::i2d(buf, cert);
 }