void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-07 13:03:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add CRL fields to Go shadow of Certificate.

Browse source
This commit is contained in:
Adam Ierymenko 2020-07-23 15:05:12 -07:00
parent 189dea7c96
commit 0f04b5afc7
No known key found for this signature in database
GPG key ID: C8877CF2D7A5D7F3
2 changed files with 24 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
cmd/zerotier/cli/help.go
View file

@ -76,9 +76,9 @@ Commands:
sign <identity> <file> Sign a file with an identity's key sign <identity> <file> Sign a file with an identity's key
verify <identity> <file> <sig> Verify a signature verify <identity> <file> <sig> Verify a signature
cert <command> [args] - Certificate commands cert <command> [args] - Certificate commands
newid Create a new unique subject ID newsubject <subject> <secret> Create a new subject and secret
newcsr <subject json path> Create a new CSR (signing request) newcsr <subject> <secret> Create a subject CSR
sign <csr path> <identity path> Sign a CSR to create a certificate sign <csr> <identity> <certificate> Sign a CSR to create a certificate
verify <certificate> Verify a certificate verify <certificate> Verify a certificate
show List certificate for current node show List certificate for current node
import <certificate> [<trust>] Import certificate into this node import <certificate> [<trust>] Import certificate into this node

21
pkg/zerotier/certificate.go
View file

@ -83,6 +83,7 @@ type Certificate struct {
IssuerName CertificateName `json:"issuerName"` IssuerName CertificateName `json:"issuerName"`
ExtendedAttributes []byte `json:"extendedAttributes,omitempty"` ExtendedAttributes []byte `json:"extendedAttributes,omitempty"`
MaxPathLength uint `json:"maxPathLength,omitempty"` MaxPathLength uint `json:"maxPathLength,omitempty"`
CRL [][]byte `json:"crl,omitempty"`
Signature []byte `json:"signature,omitempty"` Signature []byte `json:"signature,omitempty"`
} }
@ -258,6 +259,13 @@ func newCertificateFromCCertificate(ccptr unsafe.Pointer) *Certificate {
c.MaxPathLength = uint(cc.maxPathLength) c.MaxPathLength = uint(cc.maxPathLength)
for i := 0; i < int(cc.crlCount); i++ {
csn := *((**[48]byte)(unsafe.Pointer(uintptr(unsafe.Pointer(cc.crl)) + (uintptr(i) * pointerSize))))
var tmp [48]byte
copy(tmp[:], csn[:])
c.CRL = append(c.CRL, tmp[:])
}
if cc.signatureSize > 0 { if cc.signatureSize > 0 {
c.Signature = C.GoBytes(unsafe.Pointer(cc.signature), C.int(cc.signatureSize)) c.Signature = C.GoBytes(unsafe.Pointer(cc.signature), C.int(cc.signatureSize))
} }
@ -279,6 +287,7 @@ func (c *Certificate) cCertificate() unsafe.Pointer {
var subjectCertificates []uintptr var subjectCertificates []uintptr
var subjectUpdateURLs []uintptr var subjectUpdateURLs []uintptr
var subjectUpdateURLsData [][]byte var subjectUpdateURLsData [][]byte
var crl []uintptr
if len(c.SerialNo) == 48 { if len(c.SerialNo) == 48 {
copy((*[48]byte)(unsafe.Pointer(&cc.serialNo[0]))[:], c.SerialNo) copy((*[48]byte)(unsafe.Pointer(&cc.serialNo[0]))[:], c.SerialNo)
@ -387,6 +396,18 @@ func (c *Certificate) cCertificate() unsafe.Pointer {
cc.maxPathLength = C.uint(c.MaxPathLength) cc.maxPathLength = C.uint(c.MaxPathLength)
if len(c.CRL) > 0 {
crl = make([]uintptr, len(c.CRL))
for i, cert := range c.CRL {
if len(cert) != 48 {
return nil
}
crl[i] = uintptr(unsafe.Pointer(&cert[0]))
}
cc.crl = (**C.uint8_t)(unsafe.Pointer(&crl[0]))
cc.crlCount = C.uint(len(crl))
}
if len(c.Signature) > 0 { if len(c.Signature) > 0 {
cc.signature = (*C.uint8_t)(unsafe.Pointer(&c.Signature[0])) cc.signature = (*C.uint8_t)(unsafe.Pointer(&c.Signature[0]))
cc.signatureSize = C.uint(len(c.Signature)) cc.signatureSize = C.uint(len(c.Signature))