我正在编写一个接受SSL连接并计算客户端证书的SHA-1哈希值的Web服务器:
import OpenSSL (withOpenSSL)
import OpenSSL.Session as SSL
import OpenSSL.X509 as X509
import OpenSSL.EVP.Digest as EVP
sslStuff :: SSL.SSL -> IO String
sslStuff ssl = withOpenSSL $ do
x509 <- liftM fromJust $ SSL.getPeerCertificate ssl
issuer <- X509.getIssuerName x509 False
subj <- X509.getSubjectName x509 False
putStrLn $ "\tsubject: " ++show subj
putStrLn $ "\tissuer: " ++show issuer
dg <- liftM fromJust $ EVP.getDigestByName "SHA1"
cert <- X509.printX509 x509
putStrLn cert
let s = EVP.digest dg cert
putStrLn $ "After Digest: "++s
return s
我成功获得了证书,但摘要只有15个字节而不是20个字节。 在将它传递给EVP.digest之前,我不确定我是否正确地将证书转换为字符串。 有谁能给我一个如何以正确的方式做到这一点的例子?
答案 0 :(得分:1)
我不知道Haskell。但是下面的代码可能对你有帮助。
X509 * x509;
char sha1dig[SHA1_DIGEST_LENGTH];
/*Get X509 certificate in x509*/
//Call X509_check_purpose to set SHA1 hash.
X509_check_purpose (x509, -1, 0);
//Get the SHA1 hash into buffer. Use x509->sha1_hash
memcpy(sha1dig, x509->sha1_hash, SHA1_DIGEST_LENGTH);
我相信我的评论会帮助您将此程序转换为Haskell。