如何使用HsOpenSSL獲取X509證書的SHA-1摘要？

Question

我正在寫一個接受SSL連接的Web服務器和計算客戶端證書的SHA-1散列：

import OpenSSL (withOpenSSL) 
import OpenSSL.Session as SSL 
import OpenSSL.X509 as X509 
import OpenSSL.EVP.Digest as EVP 

sslStuff :: SSL.SSL -> IO String 
sslStuff ssl = withOpenSSL $ do 
    x509 <- liftM fromJust $ SSL.getPeerCertificate ssl 
    issuer <- X509.getIssuerName x509 False 
    subj <- X509.getSubjectName x509 False 
    putStrLn $ "\tsubject: " ++show subj 
    putStrLn $ "\tissuer: " ++show issuer 
    dg <- liftM fromJust $ EVP.getDigestByName "SHA1" 
    cert <- X509.printX509 x509 
    putStrLn cert 
    let s = EVP.digest dg cert 
    putStrLn $ "After Digest: "++s 
    return s 

我順利拿到證書，但摘要只有15字節長，而不是20 我不確定在將它傳遞給EVP.digest之前，我是否正確地將cert轉換爲字符串。 任何人都可以請給我一個如何正確使用它的例子嗎？

Answer 1

我不認識Haskell。但下面的代碼可能會幫助你。

X509 * x509; 
char sha1dig[SHA1_DIGEST_LENGTH]; 
/*Get X509 certificate in x509*/ 

//Call X509_check_purpose to set SHA1 hash. 
X509_check_purpose (x509, -1, 0); 

//Get the SHA1 hash into buffer. Use x509->sha1_hash 
memcpy(sha1dig, x509->sha1_hash, SHA1_DIGEST_LENGTH); 

我相信我的意見將幫助您將此程序轉換爲Haskell。