[Vm-dev] SqueakSSL + SAN certificates

Norbert Hartl norbert at hartl.name
Wed May 27 17:58:21 UTC 2015 

> Am 27.05.2015 um 19:22 schrieb Levente Uzonyi <leves at elte.hu>:
> 
> I thought you wanted to access the parsed data, which is not easily accessible. It's possible to export the certificate in some form (PEM or DER), but then you'd have to write a parser for that in Smalltalk.
> 
I've written an ASN.1 parser [1]. I have also a draft version for X.509 module. I can read DER/BER formats which I do already in the GSM stack stuff we did [2]. The ASN.1 implementation has only a runtime model (no generated classes). I usually export the runtime model with Fuel if I don't want to generate it. It wouldn't be a very performant approach but maybe it will be usable in some way. I'd give it a shot.

Norbert

[1] http://smalltalkhub.com/#!/~NorbertHartl/ASN1 <http://smalltalkhub.com/#!/~NorbertHartl/ASN1>
[2] http://smalltalkhub.com/#!/~osmocom <http://smalltalkhub.com/#!/~osmocom>




> Levente
> 
> On Wed, 27 May 2015, Norbert Hartl wrote:
> 
>> 
>> I don't understand. You are returning a field of the cert so you are parsing it somehow natively. Where is the difficulty just to return to whole binary certificate data?
>> 
>> Norbert
>> 
>> 
>>> Am 27.05.2015 um 03:23 schrieb Levente Uzonyi <leves at elte.hu>:
>>> 
>>> If it were possible, then there would be no need to add this.
>>> 
>>> Levente
>>> 
>>> On Wed, 27 May 2015, Norbert Hartl wrote:
>>> 
>>>> 
>>>> Sounds great! Is it possible to access to whole certificate data as well?
>>>> 
>>>> Norbert
>>>> 
>>>>> Am 26.05.2015 um 23:55 schrieb Levente Uzonyi <leves at elte.hu>:
>>>>> 
>>>>> Hi All,
>>>>> 
>>>>> I've implemented support for reading the domain names from the certificate's SAN extension[1] in SqueakSSL.
>>>>> The image side code is in the Inbox[2]. It is backwards compatible -- everything works as before without the VM changes.
>>>>> I've also uploaded the modified files[3][4] for the unix platform, and a diff[5] (which somehow doesn't include the changes of the .h file).
>>>>> 
>>>>> The VM support code for other platforms are to be done.
>>>>> 
>>>>> These changes fix the failing SqueakSSL test in the Trunk, so I suggest including the .mcz file in the 4.6 release.
>>>>> 
>>>>> Levente
>>>>> 
>>>>> [1] https://en.wikipedia.org/wiki/SubjectAltName
>>>>> [2] http://lists.squeakfoundation.org/pipermail/squeak-dev/2015-May/184581.html
>>>>> [3] http://leves.web.elte.hu/squeak/SqueakSSL/SqueakSSL.h
>>>>> [4] http://leves.web.elte.hu/squeak/SqueakSSL/sqUnixOpenSSL.c
>>>>> [5] http://leves.web.elte.hu/squeak/SqueakSSL/diff.txt
>>>> 
>>>> 
>> 
>> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.squeakfoundation.org/pipermail/vm-dev/attachments/20150527/0ef647a4/attachment.htm

More information about the Vm-dev mailing list