Signed-off-by: Michael Brown <mcb30@ipxe.org>

10 years ago · d90490578d
--- a/src/crypto/x509.c
+++ b/src/crypto/x509.c
 
															
															 #include <errno.h>
														
 
															
															 #include <assert.h>
														
 
															
															 #include <ipxe/list.h>
														
 
															
															+#include <ipxe/base16.h>
														
 
															
															 #include <ipxe/asn1.h>
														
 
															
															 #include <ipxe/crypto.h>
														
 
															
															 #include <ipxe/md5.h>
														
 
															
															  */
														
 
															
															 const char * x509_name ( struct x509_certificate *cert ) {
														
 
															
															 	struct asn1_cursor *common_name = &cert->subject.common_name;
														
 
															
															+	struct digest_algorithm *digest = &sha1_algorithm;
														
 
															
															 	static char buf[64];
														
 
															
															+	uint8_t fingerprint[ digest->digestsize ];
														
 
															
															 	size_t len;
														
 
															
															 	len = common_name->len;
														
 
															
															-	if ( len > ( sizeof ( buf ) - 1 /* NUL */ ) )
														
 
															
															-		len = ( sizeof ( buf ) - 1 /* NUL */ );
														
 
															
															-	memcpy ( buf, common_name->data, len );
														
 
															
															-	buf[len] = '\0';
														
 
															
															+	if ( len ) {
														
 
															
															+		/* Certificate has a commonName: use that */
														
 
															
															+		if ( len > ( sizeof ( buf ) - 1 /* NUL */ ) )
														
 
															
															+			len = ( sizeof ( buf ) - 1 /* NUL */ );
														
 
															
															+		memcpy ( buf, common_name->data, len );
														
 
															
															+		buf[len] = '\0';
														
 
															
															+	} else {
														
 
															
															+		/* Certificate has no commonName: use SHA-1 fingerprint */
														
 
															
															+		x509_fingerprint ( cert, digest, fingerprint );
														
 
															
															+		base16_encode ( fingerprint, sizeof ( fingerprint ), buf );
														
 
															
															+	}
														
 
															
															 	return buf;
														
 
															
															 }