Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-06-28 16:17:28 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

ensured maximum backward compatibility for crypto changes that will occur in future v0.7

Browse source
This commit is contained in:
csoler 2017-11-22 00:02:11 +01:00
parent e2c1661c49
commit f6d69e09d5
4 changed files with 137 additions and 73 deletions
Download patch file Download diff file Expand all files Collapse all files

11
libretroshare/src/pqi/sslfns.h
View file

@ -61,7 +61,15 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
#endif
// Certificates serial number is used to store the protocol version for the handshake. (*) means current version.
//
// 06_0000: < Nov.2017.
// * 06_0001: > Nov 2017. SSL id is computed by hashing the entire signature of the cert instead of simply picking up the last bytes.
// 07_0001: Signatures are performed using SHA256+RSA instead of SHA1+RSA
static const uint32_t RS_CERTIFICATE_VERSION_NUMBER_06_0000 = 0x00060000 ; // means version RS-0.6, certificate version 0. Default version before patch.
static const uint32_t RS_CERTIFICATE_VERSION_NUMBER_06_0001 = 0x00060001 ; // means version RS-0.6, certificate version 1.
static const uint32_t RS_CERTIFICATE_VERSION_NUMBER_07_0001 = 0x00070001 ; // means version RS-0.7, certificate version 1.
X509_REQ *GenerateX509Req(
std::string pkey_file, std::string passwd,
@ -122,6 +130,9 @@ std::string getX509OrgString(X509_NAME *name);
std::string getX509CountryString(X509_NAME *name);
std::string getX509Info(X509 *cert);
uint64_t getX509SerialNumber(X509 *cert);
uint32_t getX509RetroshareCertificateVersion(X509 *cert) ;
/********** SSL ERROR STUFF ******************************************/
int printSSLError(SSL *ssl, int retval, int err, unsigned long err2, std::string &out);