lib/libtls/tls_peer.c

   1 /* $OpenBSD: tls_peer.c,v 1.6 2016/08/22 17:08:10 jsing Exp $ */
   2 /*
   3  * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
   4  * Copyright (c) 2015 Bob Beck <beck@openbsd.org>
   5  *
   6  * Permission to use, copy, modify, and distribute this software for any
   7  * purpose with or without fee is hereby granted, provided that the above
   8  * copyright notice and this permission notice appear in all copies.
   9  *
  10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  14  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  15  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  16  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  17  */
  18
  19 #include <stdio.h>
  20
  21 #include <openssl/x509.h>
  22
  23 #include <tls.h>
  24 #include "tls_internal.h"
  25
  26 const char *
  27 tls_peer_cert_hash(struct tls *ctx)
  28 {
  29         if (ctx->conninfo == NULL)
  30                 return (NULL);
  31         return (ctx->conninfo->hash);
  32 }
  33 const char *
  34 tls_peer_cert_issuer(struct tls *ctx)
  35 {
  36         if (ctx->conninfo == NULL)
  37                 return (NULL);
  38         return (ctx->conninfo->issuer);
  39 }
  40
  41 const char *
  42 tls_peer_cert_subject(struct tls *ctx)
  43 {
  44         if (ctx->conninfo == NULL)
  45                 return (NULL);
  46         return (ctx->conninfo->subject);
  47 }
  48
  49 int
  50 tls_peer_cert_provided(struct tls *ctx)
  51 {
  52         return (ctx->ssl_peer_cert != NULL);
  53 }
  54
  55 int
  56 tls_peer_cert_contains_name(struct tls *ctx, const char *name)
  57 {
  58         if (ctx->ssl_peer_cert == NULL)
  59                 return (0);
  60
  61         return (tls_check_name(ctx, ctx->ssl_peer_cert, name) == 0);
  62 }
  63
  64 time_t
  65 tls_peer_cert_notbefore(struct tls *ctx)
  66 {
  67         if (ctx->ssl_peer_cert == NULL)
  68                 return (-1);
  69         if (ctx->conninfo == NULL)
  70                 return (-1);
  71         return (ctx->conninfo->notbefore);
  72 }
  73
  74 time_t
  75 tls_peer_cert_notafter(struct tls *ctx)
  76 {
  77         if (ctx->ssl_peer_cert == NULL)
  78                 return (-1);
  79         if (ctx->conninfo == NULL)
  80                 return (-1);
  81         return (ctx->conninfo->notafter);
  82 }
  83