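/*
 * Get information from peer certificate.
 *
 * Formats the peer certificate's subject DN, issuer DN and serial number as
 * NUL-terminated strings into the three caller-supplied buffers. Each buffer
 * must provide at least `length` bytes.
 *
 * Returns 0 on success. Returns -1 when `length` is not positive, when no
 * peer certificate is present, or when any formatting call reports an error.
 * On failure the buffers filled before the failing step keep their contents.
 *
 * This function only formats certificate fields. Nothing here checks whether
 * the certificate chain was verified, so callers that base access decisions
 * on these strings need to check the verification result separately.
 */
int get_peer_cert_info(ssl_context *context, char *subject_dn, char *issuer_dn, char *serial_nr, int length) {
	/* A non-positive length would make the terminator writes below land
	 * before the start of the buffers (index length - 1 < 0). */
	if (length < 1) {
		return -1;
	}

	if (ssl_has_peer_cert(context) == false) {
		return -1;
	}

	/* Subject DN. Any negative return is treated as failure, not only -1,
	 * matching how the other callers of the x509parse_*_gets helpers test it. */
	if (x509parse_dn_gets(subject_dn, length, &(context->session->peer_cert->subject)) < 0) {
		return -1;
	}
	subject_dn[length - 1] = '\0';

	/* Issuer DN */
	if (x509parse_dn_gets(issuer_dn, length, &(context->session->peer_cert->issuer)) < 0) {
		return -1;
	}
	issuer_dn[length - 1] = '\0';

	/* Serial number */
	if (x509parse_serial_gets(serial_nr, length, &(context->session->peer_cert->serial)) < 0) {
		return -1;
	}
	serial_nr[length - 1] = '\0';

	return 0;
}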
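/*
 * Store the textual serial number of the peer certificate in *s.
 *
 * The string is allocated from `pool`. When the connection has no peer
 * certificate the function returns NGX_OK with s->len set to 0, so the
 * caller sees an empty value rather than whatever *s held before the call.
 *
 * Returns NGX_OK on success or when there is no peer certificate, and
 * NGX_ERROR if the allocation or the serial formatting fails.
 */
ngx_int_t
ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
{
    const x509_cert  *cert;
    int               len;

    /* Define the output on every path. Without this, the "no certificate"
     * return below would report NGX_OK while leaving *s untouched, and a
     * caller passing an uninitialized ngx_str_t would read stale memory. */
    s->len = 0;

    cert = ssl_get_peer_cert(c->ssl->connection);
    if (cert == NULL) {
        return NGX_OK;
    }

    /* Three bytes of output per serial byte plus one spare byte;
     * presumably two hex digits and a separator each -- confirm against
     * x509parse_serial_gets. */
    len = cert->serial.len * 3 + 1;

    s->data = ngx_palloc(pool, len);
    if (s->data == NULL) {
        return NGX_ERROR;
    }

    len = x509parse_serial_gets((char *) s->data, len - 1, &cert->serial);
    if (len < 0) {
        return NGX_ERROR;
    }

    s->len = len;

    return NGX_OK;
}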
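/*
 * Return the textual serial number of `cert` in a buffer allocated from
 * the `gc` arena, or NULL if x509parse_serial_gets reports an error.
 *
 * `cert` is dereferenced without a NULL check, so the caller must pass a
 * valid certificate.
 */
char *
x509_get_serial (x509_cert *cert, struct gc_arena *gc)
{
  /* Three bytes of output per serial byte plus one spare byte. */
  size_t len = cert->serial.len * 3 + 1;

  /* NOTE(review): the result of gc_malloc is used unchecked; confirm that
   * the allocator cannot return NULL (for example, that it aborts on
   * failure) before relying on this. */
  char *buf = gc_malloc(len, true, gc);

  if (x509parse_serial_gets(buf, len - 1, &cert->serial) < 0)
    {
      /* The buffer stays with the arena; only the caller's view is dropped. */
      buf = NULL;
    }

  return buf;
}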