Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 0de2850

Browse filesBrowse files
3nprobtargos
3nprob
authored and
targos
committed
src: add x509.fingerprint512 to crypto module
PR-URL: #39809 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
1 parent 924d29e commit 0de2850
Copy full SHA for 0de2850

File tree

Expand file treeCollapse file tree

9 files changed

+65
-0
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

9 files changed

+65
-0
lines changed
Open diff view settings
Collapse file

‎doc/api/crypto.md‎

Copy file name to clipboardExpand all lines: doc/api/crypto.md
+9Lines changed: 9 additions & 0 deletions
  • Display the source diff
  • Display the rich diff
Original file line numberDiff line numberDiff line change
@@ -2564,6 +2564,15 @@ added: v15.6.0
25642564

25652565
The SHA-256 fingerprint of this certificate.
25662566

2567+
### `x509.fingerprint512`
2568+
<!-- YAML
2569+
added: REPLACEME
2570+
-->
2571+
2572+
* Type: {string}
2573+
2574+
The SHA-512 fingerprint of this certificate.
2575+
25672576
### `x509.infoAccess`
25682577

25692578
<!-- YAML
Collapse file

‎doc/api/tls.md‎

Copy file name to clipboardExpand all lines: doc/api/tls.md
+7Lines changed: 7 additions & 0 deletions
  • Display the source diff
  • Display the rich diff
Original file line numberDiff line numberDiff line change
@@ -1133,6 +1133,9 @@ certificate.
11331133

11341134
<!-- YAML
11351135
changes:
1136+
- version: REPLACEME
1137+
pr-url: https://github.com/nodejs/node/pull/39809
1138+
description: Add fingerprint512.
11361139
- version: v11.4.0
11371140
pr-url: https://github.com/nodejs/node/pull/24358
11381141
description: Support Elliptic Curve public key info.
@@ -1158,6 +1161,9 @@ certificate.
11581161
* `fingerprint256` {string} The SHA-256 digest of the DER encoded certificate.
11591162
It is returned as a `:` separated hexadecimal string. Example:
11601163
`'2A:7A:C2:DD:...'`.
1164+
* `fingerprint512` {string} The SHA-512 digest of the DER encoded certificate.
1165+
It is returned as a `:` separated hexadecimal string. Example:
1166+
`'2A:7A:C2:DD:...'`.
11611167
* `ext_key_usage` {Array} (Optional) The extended key usage, a set of OIDs.
11621168
* `subjectaltname` {string} (Optional) A string containing concatenated names
11631169
for the subject, an alternative to the `subject` names.
@@ -1216,6 +1222,7 @@ Example certificate:
12161222
valid_to: 'Nov 20 23:59:59 2019 GMT',
12171223
fingerprint: '01:02:59:D9:C3:D2:0D:08:F7:82:4E:44:A4:B4:53:C5:E2:3A:87:4D',
12181224
fingerprint256: '69:AE:1A:6A:D4:3D:C6:C1:1B:EA:C6:23:DE:BA:2A:14:62:62:93:5C:7A:EA:06:41:9B:0B:BC:87:CE:48:4E:02',
1225+
fingerprint512: '19:2B:3E:C3:B3:5B:32:E8:AE:BB:78:97:27:E4:BA:6C:39:C9:92:79:4F:31:46:39:E2:70:E5:5F:89:42:17:C9:E8:64:CA:FF:BB:72:56:73:6E:28:8A:92:7E:A3:2A:15:8B:C2:E0:45:CA:C3:BC:EA:40:52:EC:CA:A2:68:CB:32',
12191226
ext_key_usage: [ '1.3.6.1.5.5.7.3.1', '1.3.6.1.5.5.7.3.2' ],
12201227
serialNumber: '66593D57F20CBC573E433381B5FEC280',
12211228
raw: <Buffer ... > }
Collapse file

‎lib/internal/crypto/x509.js‎

Copy file name to clipboardExpand all lines: lib/internal/crypto/x509.js
+10Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -133,6 +133,7 @@ class X509Certificate extends JSTransferable {
133133
validTo: this.validTo,
134134
fingerprint: this.fingerprint,
135135
fingerprint256: this.fingerprint256,
136+
fingerprint512: this.fingerprint512,
136137
keyUsage: this.keyUsage,
137138
serialNumber: this.serialNumber,
138139
}, opts)}`;
@@ -233,6 +234,15 @@ class X509Certificate extends JSTransferable {
233234
return value;
234235
}
235236

237+
get fingerprint512() {
238+
let value = this[kInternalState].get('fingerprint512');
239+
if (value === undefined) {
240+
value = this[kHandle].fingerprint512();
241+
this[kInternalState].set('fingerprint512', value);
242+
}
243+
return value;
244+
}
245+
236246
get keyUsage() {
237247
let value = this[kInternalState].get('keyUsage');
238248
if (value === undefined) {
Collapse file

‎src/crypto/crypto_common.cc‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_common.cc
+4Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1103,6 +1103,10 @@ MaybeLocal<Object> X509ToObject(Environment* env, X509* cert) {
11031103
info,
11041104
env->fingerprint256_string(),
11051105
GetFingerprintDigest(env, EVP_sha256(), cert)) ||
1106+
!Set<Value>(context,
1107+
info,
1108+
env->fingerprint512_string(),
1109+
GetFingerprintDigest(env, EVP_sha512(), cert)) ||
11061110
!Set<Value>(context,
11071111
info,
11081112
env->ext_key_usage_string(),
Collapse file

‎src/crypto/crypto_x509.cc‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_x509.cc
+10Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,7 @@ Local<FunctionTemplate> X509Certificate::GetConstructorTemplate(
6868
env->SetProtoMethod(tmpl, "validFrom", ValidFrom);
6969
env->SetProtoMethod(tmpl, "fingerprint", Fingerprint);
7070
env->SetProtoMethod(tmpl, "fingerprint256", Fingerprint256);
71+
env->SetProtoMethod(tmpl, "fingerprint512", Fingerprint512);
7172
env->SetProtoMethod(tmpl, "keyUsage", KeyUsage);
7273
env->SetProtoMethod(tmpl, "serialNumber", SerialNumber);
7374
env->SetProtoMethod(tmpl, "pem", Pem);
@@ -268,6 +269,15 @@ void X509Certificate::Fingerprint256(const FunctionCallbackInfo<Value>& args) {
268269
args.GetReturnValue().Set(ret);
269270
}
270271

272+
void X509Certificate::Fingerprint512(const FunctionCallbackInfo<Value>& args) {
273+
Environment* env = Environment::GetCurrent(args);
274+
X509Certificate* cert;
275+
ASSIGN_OR_RETURN_UNWRAP(&cert, args.Holder());
276+
Local<Value> ret;
277+
if (GetFingerprintDigest(env, EVP_sha512(), cert->get()).ToLocal(&ret))
278+
args.GetReturnValue().Set(ret);
279+
}
280+
271281
void X509Certificate::KeyUsage(const FunctionCallbackInfo<Value>& args) {
272282
Environment* env = Environment::GetCurrent(args);
273283
X509Certificate* cert;
Collapse file

‎src/crypto/crypto_x509.h‎

Copy file name to clipboardExpand all lines: src/crypto/crypto_x509.h
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -81,6 +81,7 @@ class X509Certificate : public BaseObject {
8181
static void ValidTo(const v8::FunctionCallbackInfo<v8::Value>& args);
8282
static void Fingerprint(const v8::FunctionCallbackInfo<v8::Value>& args);
8383
static void Fingerprint256(const v8::FunctionCallbackInfo<v8::Value>& args);
84+
static void Fingerprint512(const v8::FunctionCallbackInfo<v8::Value>& args);
8485
static void KeyUsage(const v8::FunctionCallbackInfo<v8::Value>& args);
8586
static void SerialNumber(const v8::FunctionCallbackInfo<v8::Value>& args);
8687
static void Raw(const v8::FunctionCallbackInfo<v8::Value>& args);
Collapse file

‎src/env.h‎

Copy file name to clipboardExpand all lines: src/env.h
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -256,6 +256,7 @@ constexpr size_t kFsStatsBufferLength =
256256
V(file_string, "file") \
257257
V(filename_string, "filename") \
258258
V(fingerprint256_string, "fingerprint256") \
259+
V(fingerprint512_string, "fingerprint512") \
259260
V(fingerprint_string, "fingerprint") \
260261
V(flags_string, "flags") \
261262
V(flowlabel_string, "flowlabel") \
Collapse file

‎test/parallel/test-crypto-x509.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-crypto-x509.js
+11Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -103,6 +103,12 @@ const der = Buffer.from(
103103
'B0:BE:46:49:B8:29:63:E0:6F:63:C8:8A:57:9C:3F:9B:72:C6:F5:89:E3:0D:' +
104104
'84:AC:5B:08:9A:20:89:B6:8F:D6'
105105
);
106+
assert.strictEqual(
107+
x509.fingerprint512,
108+
'D0:05:01:82:2C:D8:09:BE:27:94:E7:83:F1:88:BC:7A:8B:D0:39:97:54:B6:' +
109+
'D0:B4:46:5B:DE:13:5B:68:86:B6:F2:A8:95:22:D5:6E:8B:35:DA:89:29:CA:' +
110+
'A3:06:C5:CE:43:C1:7F:2D:7E:5F:44:A5:EE:A3:CB:97:05:A3:E3:68'
111+
);
106112
assert.strictEqual(x509.keyUsage, undefined);
107113
assert.strictEqual(x509.serialNumber, 'ECC9B856270DA9A8');
108114

@@ -226,6 +232,11 @@ const der = Buffer.from(
226232
fingerprint256:
227233
'B0:BE:46:49:B8:29:63:E0:6F:63:C8:8A:57:9C:3F:9B:72:' +
228234
'C6:F5:89:E3:0D:84:AC:5B:08:9A:20:89:B6:8F:D6',
235+
fingerprint512:
236+
'D0:05:01:82:2C:D8:09:BE:27:94:E7:83:F1:88:BC:7A:8B:' +
237+
'D0:39:97:54:B6:D0:B4:46:5B:DE:13:5B:68:86:B6:F2:A8:' +
238+
'95:22:D5:6E:8B:35:DA:89:29:CA:A3:06:C5:CE:43:C1:7F:' +
239+
'2D:7E:5F:44:A5:EE:A3:CB:97:05:A3:E3:68',
229240
serialNumber: 'ECC9B856270DA9A8'
230241
};
231242

Collapse file

‎test/parallel/test-tls-peer-certificate.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-tls-peer-certificate.js
+12Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,12 @@ connect({
6969
'B0:BE:46:49:B8:29:63:E0:6F:63:C8:8A:57:9C:3F:9B:72:C6:F5:89:E3:0D:84:AC:' +
7070
'5B:08:9A:20:89:B6:8F:D6'
7171
);
72+
assert.strictEqual(
73+
peerCert.fingerprint512,
74+
'D0:05:01:82:2C:D8:09:BE:27:94:E7:83:F1:88:BC:7A:8B:D0:39:97:54:B6:' +
75+
'D0:B4:46:5B:DE:13:5B:68:86:B6:F2:A8:95:22:D5:6E:8B:35:DA:89:29:CA:' +
76+
'A3:06:C5:CE:43:C1:7F:2D:7E:5F:44:A5:EE:A3:CB:97:05:A3:E3:68'
77+
);
7278

7379
// SHA256 fingerprint of the public key
7480
assert.strictEqual(
@@ -119,6 +125,12 @@ connect({
119125
'AB:08:3C:40:C7:07:D7:D1:79:32:92:3B:96:52:D0:38:4C:22:ED:CD:23:51:D0:A1:' +
120126
'67:AA:33:A0:D5:26:5C:41'
121127
);
128+
assert.strictEqual(
129+
peerCert.fingerprint512,
130+
'52:F4:86:64:69:0F:94:6F:78:DE:17:7A:5C:92:CA:0F:05:2E:6A:EE:4A:FF:8B:39:' +
131+
'D6:5E:7A:B8:08:77:B3:80:FC:40:A1:F4:58:CC:7A:DF:BB:3D:38:F9:02:77:50:2B:' +
132+
'9A:0B:FB:79:B4:BD:E9:F5:9C:44:C8:5D:D5:F0:E2:BC'
133+
);
122134

123135
assert.strictEqual(
124136
sha256(peerCert.pubkey).digest('hex'),

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.