From e5e25e55f8da2b4d2bad584f2145ca0ff6b3a92a Mon Sep 17 00:00:00 2001 From: Bill Thorsteinson Date: Thu, 30 Oct 2014 22:26:47 -0400 Subject: [PATCH] Apply changes --- CERT.pm | 1 + GUI.pm | 13 +++++++------ GUI/WORDS.pm | 1 + GUI/X509_infobox.pm | 9 +++++++++ OpenSSL.pm | 17 +++++++++++++++++ REQ.pm | 4 +++- 6 files changed, 38 insertions(+), 7 deletions(-) diff --git a/CERT.pm b/CERT.pm index 0bd4267..a51fa48 100644 --- a/CERT.pm +++ b/CERT.pm @@ -480,6 +480,7 @@ sub export_cert { $out = ''; $out .= "Fingerprint (MD5): $opts->{'parsed'}->{'FINGERPRINTMD5'}\n"; $out .= "Fingerprint (SHA1): $opts->{'parsed'}->{'FINGERPRINTSHA1'}\n\n"; + $out .= "Fingerprint (SHA256): $opts->{'parsed'}->{'FINGERPRINTSHA256'}\n\n"; } else { $out = ''; } diff --git a/GUI.pm b/GUI.pm index bd98543..27847e2 100644 --- a/GUI.pm +++ b/GUI.pm @@ -29,14 +29,15 @@ my $true=1; # This hash maps our internal MD names to the displayed digest names. # Maybe it should live in a crypto-related file instead of a UI-related file? my %md_algorithms = ( - 'md5' => 'MD5', - 'sha1' => 'SHA1', - 'md2' => 'MD2', - 'mdc2' => 'MDC2', - 'md4' => 'MD4', + 'md5' => 'ins.MD5', +# duplicate 'sha1' => 'SHA1', +# n/a 'md2' => 'MD2', +# n/a 'mdc2' => 'MDC2', + 'md4' => 'ins.MD4', 'ripemd160' => 'RIPEMD-160', # 'sha' => 'SHA', 'sha1' => 'SHA-1', + 'sha256' => 'SHA256', ); my %bit_lengths = ( @@ -1060,7 +1061,7 @@ sub create_detail_tree { $piter = $store->append($root); $store->set($piter, 0 => $t); - for my $l (qw(FINGERPRINTMD5 FINGERPRINTSHA1)) { + for my $l (qw(FINGERPRINTMD5 FINGERPRINTSHA1 FINGERPRINTSHA256)) { if(defined($parsed->{$l})) { $citer = $store->append($piter); $store->set($citer, diff --git a/GUI/WORDS.pm b/GUI/WORDS.pm index efd64d6..cdd67d5 100644 --- a/GUI/WORDS.pm +++ b/GUI/WORDS.pm @@ -70,6 +70,7 @@ sub new { 'STATUS' => _("Status"), 'FINGERPRINTMD5' => _("Fingerprint (MD5)"), 'FINGERPRINTSHA1' => _("Fingerprint (SHA1)"), + 'FINGERPRINTSHA256' => _("Fingerprint (SHA256)"), _("Not set") => 'none', _("Ask User") => 'user', _("critical") => 'critical', diff --git a/GUI/X509_infobox.pm b/GUI/X509_infobox.pm index 97f6280..6543f28 100644 --- a/GUI/X509_infobox.pm +++ b/GUI/X509_infobox.pm @@ -90,6 +90,15 @@ sub display { 'center', 0, 0); $self->{'x509textbox'}->pack_start($self->{'certfingerprintsha1'}, 0, 0, 0); + + if(defined($self->{'certfingerprintsha256'})) { + $self->{'certfingerprintsha256'}->destroy(); + } + $self->{'certfingerprintsha256'} = GUI::HELPERS::create_label( + _("Fingerprint (SHA256)").": ".$parsed->{'FINGERPRINTSHA256'}, + 'center', 0, 0); + $self->{'x509textbox'}->pack_start($self->{'certfingerprintsha256'}, + 0, 0, 0); } if (($mode eq 'cert') || ($mode eq 'cacert')) { diff --git a/OpenSSL.pm b/OpenSSL.pm index 0645bda..1775dad 100644 --- a/OpenSSL.pm +++ b/OpenSSL.pm @@ -674,6 +674,23 @@ sub parsecert { GUI::HELPERS::print_warning($t, $ext); } + $cmd = "$self->{'bin'} x509 -noout -fingerprint -sha256 -in $file"; + $ext = "$cmd\n\n"; + $pid = open3($wtfh, $rdfh, $rdfh, $cmd); + while(<$rdfh>){ + $ext .= $_; + ($k, $v) = split(/=/); + $tmp->{'FINGERPRINTSHA256'} = $v if($k =~ /SHA256 Fingerprint/i); + chomp($tmp->{'FINGERPRINTSHA256'}); + } + waitpid($pid, 0); + $ret = $? >> 8; + + if($ret) { + $t = _("Error reading fingerprint from Certificate"); + GUI::HELPERS::print_warning($t, $ext); + } + # get subject in openssl format $cmd = "$self->{'bin'} x509 -noout -subject -in $file"; $ext = "$cmd\n\n"; diff --git a/REQ.pm b/REQ.pm index a3b6138..7dc60ae 100644 --- a/REQ.pm +++ b/REQ.pm @@ -59,7 +59,7 @@ sub get_req_create { GUI::HELPERS::print_error($t); } $opts->{'bits'} = 4096; - $opts->{'digest'} = 'sha1'; + $opts->{'digest'} = 'sha256'; $opts->{'algo'} = 'rsa'; if(defined($opts) && $opts eq "sign") { $opts->{'sign'} = 1; @@ -426,6 +426,8 @@ sub get_sign_req { $opts->{'digest'} = "md5"; } elsif ($opts->{'digest'} =~ /^sha1/) { $opts->{'digest'} = "sha1"; + } elsif ($opts->{'digest'} =~ /^sha256/) { + $opts->{'digest'} = "sha256"; } elsif ($opts->{'digest'} =~ /^ripemd160/) { $opts->{'digest'} = "ripemd160"; } else { -- 1.9.1