barn/mutt-hash-fingerprints-patch.diff

## mutt-hash-fingerprints-patch.diff
--- a/mutt_ssl.c	Sun Jul 05 13:38:39 2015 -0700
+++ b/mutt_ssl.c	Tue Jul 14 19:00:46 2015 +0100
@@ -551,7 +551,7 @@
   return ret;
 }

-static void x509_fingerprint (char *s, int l, X509 * cert)
+static void x509_fingerprint_md5 (char *s, int l, X509 * cert)
 {
   unsigned char md[EVP_MAX_MD_SIZE];
   unsigned int n;
@@ -572,6 +572,48 @@
   }
 }

+static void x509_fingerprint_sha1 (char *s, int l, X509 * cert)
+{
+  unsigned char sha[EVP_MAX_MD_SIZE];
+  unsigned int n;
+  int j;
+
+  if (!X509_digest (cert, EVP_sha1 (), sha, &n))
+  {
+    snprintf (s, l, _("[unable to calculate]"));
+  }
+  else
+  {
+    for (j = 0; j < (int) n; j++)
+    {
+      char ch[16];
+      snprintf (ch, 16, "%02X%s", sha[j], (j % 2 ? " " : ""));
+      safe_strcat (s, l, ch);
+    }
+  }
+}
+
+static void x509_fingerprint_sha2 (char *s, int l, X509 * cert)
+{
+  unsigned char sha[EVP_MAX_MD_SIZE];
+  unsigned int n;
+  int j;
+
+  if (!X509_digest (cert, EVP_sha256 (), sha, &n))
+  {
+    snprintf (s, l, _("[unable to calculate]"));
+  }
+  else
+  {
+    for (j = 0; j < (int) n; j++)
+    {
+      char ch[32];
+      snprintf (ch, 32, "%02X%s", sha[j], (j % 2 ? " " : ""));
+      safe_strcat (s, l, ch);
+    }
+  }
+}
+
 static char *asn1time_to_string (ASN1_UTCTIME *tm)
 {
   static char buf[64];
@@ -980,7 +1022,7 @@

   dprint (2, (debugfile, "interactive_check_cert: %s\n", cert->name));

-  menu->max = 19;
+  menu->max = 21;
   menu->dialog = (char **) safe_calloc (1, menu->max * sizeof (char *));
   for (i = 0; i < menu->max; i++)
     menu->dialog[i] = (char *) safe_calloc (1, SHORT_STRING * sizeof (char));
@@ -1018,8 +1060,16 @@

   row++;
   buf[0] = '\0';
-  x509_fingerprint (buf, sizeof (buf), cert);
-  snprintf (menu->dialog[row++], SHORT_STRING, _("Fingerprint: %s"), buf);
+  x509_fingerprint_md5 (buf, sizeof (buf), cert);
+  snprintf (menu->dialog[row++], SHORT_STRING, _("MD5 Fingerprint: %s"), buf);
+
+  buf[0] = '\0';
+  x509_fingerprint_sha1 (buf, sizeof (buf), cert);
+  snprintf (menu->dialog[row++], SHORT_STRING, _("SHA1 Fingerprint: %s"), buf);
+
+  buf[0] = '\0';
+  x509_fingerprint_sha2 (buf, sizeof (buf), cert);
+  snprintf (menu->dialog[row++], SHORT_STRING, _("SHA2 Fingerprint: %s"), buf);

   snprintf (title, sizeof (title),
 	    _("SSL Certificate check (certificate %d of %d in chain)"),
	--- a/mutt_ssl.c Sun Jul 05 13:38:39 2015 -0700
	+++ b/mutt_ssl.c Tue Jul 14 19:00:46 2015 +0100
	@@ -551,7 +551,7 @@
	return ret;
	}

	-static void x509_fingerprint (char s, int l, X509 cert)
	+static void x509_fingerprint_md5 (char s, int l, X509 cert)
	{
	unsigned char md[EVP_MAX_MD_SIZE];
	unsigned int n;
	@@ -572,6 +572,48 @@
	}
	}

	+static void x509_fingerprint_sha1 (char s, int l, X509 cert)
	+{
	+ unsigned char sha[EVP_MAX_MD_SIZE];
	+ unsigned int n;
	+ int j;
	+
	+ if (!X509_digest (cert, EVP_sha1 (), sha, &n))
	+ {
	+ snprintf (s, l, _("[unable to calculate]"));
	+ }
	+ else
	+ {
	+ for (j = 0; j < (int) n; j++)
	+ {
	+ char ch[16];
	+ snprintf (ch, 16, "%02X%s", sha[j], (j % 2 ? " " : ""));
	+ safe_strcat (s, l, ch);
	+ }
	+ }
	+}
	+
	+static void x509_fingerprint_sha2 (char s, int l, X509 cert)
	+{
	+ unsigned char sha[EVP_MAX_MD_SIZE];
	+ unsigned int n;
	+ int j;
	+
	+ if (!X509_digest (cert, EVP_sha256 (), sha, &n))
	+ {
	+ snprintf (s, l, _("[unable to calculate]"));
	+ }
	+ else
	+ {
	+ for (j = 0; j < (int) n; j++)
	+ {
	+ char ch[32];
	+ snprintf (ch, 32, "%02X%s", sha[j], (j % 2 ? " " : ""));
	+ safe_strcat (s, l, ch);
	+ }
	+ }
	+}
	+
	static char asn1time_to_string (ASN1_UTCTIME tm)
	{
	static char buf[64];
	@@ -980,7 +1022,7 @@

	dprint (2, (debugfile, "interactive_check_cert: %s\n", cert->name));

	- menu->max = 19;
	+ menu->max = 21;
	menu->dialog = (char *) safe_calloc (1, menu->max sizeof (char *));
	for (i = 0; i < menu->max; i++)
	menu->dialog[i] = (char ) safe_calloc (1, SHORT_STRING sizeof (char));
	@@ -1018,8 +1060,16 @@

	row++;
	buf[0] = '\0';
	- x509_fingerprint (buf, sizeof (buf), cert);
	- snprintf (menu->dialog[row++], SHORT_STRING, _("Fingerprint: %s"), buf);
	+ x509_fingerprint_md5 (buf, sizeof (buf), cert);
	+ snprintf (menu->dialog[row++], SHORT_STRING, _("MD5 Fingerprint: %s"), buf);
	+
	+ buf[0] = '\0';
	+ x509_fingerprint_sha1 (buf, sizeof (buf), cert);
	+ snprintf (menu->dialog[row++], SHORT_STRING, _("SHA1 Fingerprint: %s"), buf);
	+
	+ buf[0] = '\0';
	+ x509_fingerprint_sha2 (buf, sizeof (buf), cert);
	+ snprintf (menu->dialog[row++], SHORT_STRING, _("SHA2 Fingerprint: %s"), buf);

	snprintf (title, sizeof (title),
	_("SSL Certificate check (certificate %d of %d in chain)"),