File tree 2 files changed +18
-0
lines changed
2 files changed +18
-0
lines changed Original file line number Diff line number Diff line change @@ -371,6 +371,15 @@ EXP_FUNC void STDCALL ssl_display_error(int error_code);
371371 */
372372EXP_FUNC int STDCALL ssl_verify_cert (const SSL * ssl );
373373
374+ /**
375+ * @brief Check if certificate fingerprint (SHA1) matches the one given.
376+ *
377+ * @param ssl [in] An SSL object reference.
378+ * @param fp [in] SHA1 fingerprint to match against
379+ * @return SSL_OK if the certificate is verified.
380+ */
381+ EXP_FUNC int STDCALL ssl_match_fingerprint (const SSL * ssl , const uint8_t * fp );
382+
374383/**
375384 * @brief Retrieve an X.509 distinguished name component.
376385 *
Original file line number Diff line number Diff line change @@ -1887,6 +1887,15 @@ int process_certificate(SSL *ssl, X509_CTX **x509_ctx)
18871887 return ret ;
18881888}
18891889
1890+ EXP_FUNC int STDCALL ssl_match_fingerprint (const SSL * ssl , const uint8_t * fp )
1891+ {
1892+ uint8_t cert_fp [SHA1_SIZE ];
1893+ X509_CTX * x509 = ssl -> x509_ctx ;
1894+
1895+ bi_export (x509 -> rsa_ctx -> bi_ctx , x509 -> fingerprint , cert_fp , SHA1_SIZE );
1896+ return memcmp (cert_fp , fp , SHA1_SIZE );
1897+ }
1898+
18901899#endif /* CONFIG_SSL_CERT_VERIFICATION */
18911900
18921901/**
You can’t perform that action at this time.
0 commit comments