certtool: allow using --fingerprint with sha384 or sha512

Resolves #295

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

diff --git a/src/certtool.c b/src/certtool.c
index 55f5184e48c5510aa365940a087b9bbd2e9b6e58..68d23f4410c13fa36984ac7ec0533ddbf8747f4b 100644 (file)
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -53,6 +53,8 @@
 #include "certtool-args.h"
 #include "certtool-common.h"
 
+#define MAX_HASH_SIZE 64
+
 static FILE *stdlog = NULL;
 
 static void print_crl_info(gnutls_x509_crl_t crl, FILE * out);
@@ -3848,8 +3850,8 @@ static
 void pubkey_keyid(common_info_st * cinfo)
 {
        gnutls_pubkey_t pubkey;
-       uint8_t fpr[64];
-       char txt[256];
+       uint8_t fpr[MAX_HASH_SIZE];
+       char txt[MAX_HASH_SIZE*2+1];
        int ret;
        size_t size, fpr_size;
        gnutls_datum_t tmp;
@@ -3866,7 +3868,7 @@ void pubkey_keyid(common_info_st * cinfo)
        else if (cinfo->hash == GNUTLS_DIG_SHA256)
                flags = GNUTLS_KEYID_USE_SHA256;
        else {
-               fprintf(stderr, "Cannot calculate key ID with the provided hash\n");
+               fprintf(stderr, "Cannot calculate key ID with the provided hash (use sha1, or sha256)\n");
                app_exit(1);
        }
 
@@ -3906,8 +3908,8 @@ void certificate_fpr(common_info_st * cinfo)
        int ret = 0;
        gnutls_datum_t pem, tmp;
        unsigned int crt_num;
-       uint8_t fpr[32];
-       char txt[128];
+       uint8_t fpr[MAX_HASH_SIZE];
+       char txt[MAX_HASH_SIZE*2+1];
        size_t fpr_size;
 
        crt = load_cert(0, cinfo);