vtls: Change designator name for server's pubkey hash
- Change the designator name we use to show the base64 encoded sha256
hash of the server's public key from 'pinnedpubkey' to
'public key hash'.

Though the server's public key hash is only shown when comparing pinned
public key hashes, the server's hash may not match one of the pinned.
jay committed Sep 20, 2015
1 parent f65e07c commit 47b7d65
Showing 1 changed file with 3 additions and 5 deletions.
8 changes: 3 additions & 5 deletions lib/vtls/vtls.c
Expand Up @@ -797,17 +797,15 @@ CURLcode Curl_pin_peer_pubkey(struct SessionHandle *data,
return CURLE_OUT_OF_MEMORY;
curlssl_sha256sum(pubkey, pubkeylen,
sha256sumdigest, SHA256_DIGEST_LENGTH);

encode = Curl_base64_encode(data, (char *)sha256sumdigest,
SHA256_DIGEST_LENGTH, &encoded, &encodedlen);
Curl_safefree(sha256sumdigest);

if(!encode) {
infof(data, "\t pinnedpubkey: sha256//%s\n", encoded);
}
else
if(encode)
return encode;

infof(data, "\t public key hash: sha256//%s\n", encoded);

/* it starts with sha256//, copy so we can modify it */
pinkeylen = strlen(pinnedpubkey) + 1;
pinkeycopy = malloc(pinkeylen);
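Review bot: `encoded` is the buffer filled in by Curl_base64_encode and it is still live after the new infof() call, so the `pinkeycopy = malloc(pinkeylen)` that follows needs a failure path that frees it; the lines shown here release only `sha256sumdigest` via Curl_safefree. Please confirm that every exit below this point frees `encoded`, or free it right after the infof() if it is not needed for the comparison. Two smaller points in the same region: the CURLcode variable `encode` sits one letter away from the string `encoded`, and a name such as `result` would make `if(encode) return encode;` harder to misread; and since the commit message says this is the server's hash, the label could read "server public key hash" so the log line is unambiguous next to the pinned values.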