
Improve TLS error reporting

wolfssl
Duke Leto 3 years ago
parent
commit
fe0d371165
  1. 5
      src/hush/tlsmanager.cpp
  2. 6
      src/hush/utiltls.cpp

5
src/hush/tlsmanager.cpp

@ -425,8 +425,11 @@ bool TLSManager::CheckKeyCert()
return false; return false;
} }
if (wolfSSL_X509_verify(mycert, mykey) == WOLFSSL_SUCCESS) { int err = wolfSSL_X509_verify(mycert, mykey);
if (err == WOLFSSL_SUCCESS) {
return true; return true;
} else {
LogPrintf("%s: x509 verification error: %d = %s\n", __func__, err);
} }
LogPrintf("Generated key and certificate do not match!!!\n"); LogPrintf("Generated key and certificate do not match!!!\n");
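Review bot: The added log call in the new `else` branch has three conversion specifiers (`%s`, `%d`, `%s`) but only two arguments (`__func__`, `err`), so the trailing `%s` has nothing to format. LogPrintf's implementation is not visible here: a checked formatter would raise or emit a formatting error on exactly the path meant to report the failure, while a printf-style varargs one would read a missing argument, which is undefined behaviour. Either drop the extra specifier, `LogPrintf("%s: x509 verification error: %d\n", __func__, err);`, or pass a description string for `err` as a third argument. CheckKeyCert's body starts and ends outside this hunk, so how the caller treats the `false` return cannot be checked from here.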

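--- a/src/hush/utiltls.cpp
+++ b/src/hush/utiltls.cpp
@@ -43,6 +43,7 @@ WOLFSSL_EVP_PKEY* GenerateEcKey(int nid)
 WOLFSSL_X509* GenerateCertificate(WOLFSSL_EVP_PKEY *keypair)
 {
 if (!keypair) {
+LogPrintf("%s: Null keypair!\n", __func__);
 return NULL;
 }
@@ -60,12 +61,17 @@ WOLFSSL_X509* GenerateCertificate(WOLFSSL_EVP_PKEY *keypair)
 // private key from keypair is used; signature will be set inside of the cert
 bCertSigned = wolfSSL_X509_sign(cert, keypair, wolfSSL_EVP_sha512());
 }
+} else {
+LogPrintf("%s: Unable to alloc rand bytes!\n", __func__);
 }
 if (!bCertSigned) {
+LogPrintf("%s: TLS cert not signed correctly!\n", __func__);
 wolfSSL_X509_free(cert);
 cert = NULL;
 }
+} else {
+LogPrintf("%s: Unable to create x509 cert!\n", __func__);
 }
 return cert;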
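Review bot: In the second hunk, the new `else` branch that logs "Unable to alloc rand bytes!" appears to fall through to `if (!bCertSigned)`, so the same failure would also log "TLS cert not signed correctly!" although signing was never attempted. This assumes `bCertSigned` starts out false; its declaration and the matching `if` are outside the hunk. The second message also covers both a skipped and a failed `wolfSSL_X509_sign` call without recording the call's result, which makes the two cases hard to tell apart when triaging a node that cannot bring up TLS. Consider keeping the return value in an `int` and logging it, e.g. `LogPrintf("%s: TLS cert not signed (sign result %d), discarding cert\n", __func__, signRet);`, where `signRet` is a placeholder name. GenerateCertificate's body begins before and ends after the lines shown.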
