Skip to content

Commit

Permalink
Add sha256 fingerprint
Browse files Browse the repository at this point in the history
  • Loading branch information
@sbv-csis
sbv-csis committed Dec 15, 2022
1 parent c432b63 commit 6e1cc27
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 5 deletions.
8 changes: 5 additions & 3 deletions lib/easy_ssl.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ defmodule EasySSL do
subjectKeyIdentifier: "E6:61:14:4E:5A:4B:51:0C:4E:6C:5E:3C:79:61:65:D4:BD:64:94:BE"
},
fingerprint: "FA:BE:B5:9B:ED:C2:2B:42:7E:B1:45:C8:9A:8A:73:16:4A:A0:10:09",
fingerprint_sha256: "FA:BE:B5:9B:ED:C2:2B:42:7E:B1:45:C8:9A:8A:73:16:4A:A0:10:09:DE:AD:BE:EF:CA:FE:BA:BE",
issuer: %{
C: "US",
CN: "Go Daddy Secure Certification Authority",
Expand Down Expand Up @@ -76,7 +77,8 @@ defmodule EasySSL do
cert = :public_key.pkix_decode_cert(certificate_der, :otp) |> get_field(:tbsCertificate)

serialized_certificate = %{}
|> Map.put(:fingerprint, certificate_der |> fingerprint_cert)
|> Map.put(:fingerprint, certificate_der |> fingerprint_cert(:sha))
|> Map.put(:fingerprint_sha256, certificate_der |> fingerprint_cert(:sha256))
|> Map.put(:serial_number, cert |> get_field(:serialNumber) |> Integer.to_string(16))
|> Map.put(:signature_algorithm, cert |> parse_signature_algo)
|> Map.put(:subject, cert |> parse_rdnsequence(:subject))
Expand Down Expand Up @@ -197,8 +199,8 @@ defmodule EasySSL do
elem(record, idx + 1)
end

defp fingerprint_cert(certificate) do
:crypto.hash(:sha, certificate)
defp fingerprint_cert(certificate, algorithm) do
:crypto.hash(algorithm, certificate)
|> Base.encode16
|> String.to_charlist
|> Enum.chunk_every(2, 2, :discard)
Expand Down
4 changes: 2 additions & 2 deletions test/easy_ssl_test.exs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,14 @@ defmodule EasySSLTest do
@pem_cert_dir "test/data/pem/"

def assert_has_normal_atom_keys(cert) do
keys = [:extensions, :fingerprint, :issuer, :not_after, :not_before, :serial_number, :signature_algorithm, :subject]
keys = [:extensions, :fingerprint, :fingerprint_256, :issuer, :not_after, :not_before, :serial_number, :signature_algorithm, :subject]
Enum.each(keys, fn key ->
assert Map.has_key?(cert, key)
end)
end

def assert_has_normal_string_keys(cert) do
keys = ["extensions", "fingerprint", "issuer", "not_after", "not_before", "serial_number", "signature_algorithm", "subject"]
keys = ["extensions", "fingerprint", "fingerprint_256", "issuer", "not_after", "not_before", "serial_number", "signature_algorithm", "subject"]
Enum.each(keys, fn key ->
assert Map.has_key?(cert, key)
end)
Expand Down

0 comments on commit 6e1cc27

Please sign in to comment.