added additional properties to getPeerCertificate with test case

src/node_crypto.cc

@@ -63,6 +63,9 @@ using namespace v8;
 static Persistent<String> errno_symbol;
 static Persistent<String> syscall_symbol;
 static Persistent<String> subject_symbol;
+static Persistent<String> subjectaltname_symbol;
+static Persistent<String> modulus_symbol;
+static Persistent<String> exponent_symbol;
 static Persistent<String> issuer_symbol;
 static Persistent<String> valid_from_symbol;
 static Persistent<String> valid_to_symbol;
@@ -1087,6 +1090,46 @@ Handle<Value> Connection::GetPeerCertificate(const Arguments& args) {
     }
     (void) BIO_reset(bio);
 
+    char buf[256];
+    bio = NULL;
+    ASN1_OBJECT *oid;
+    oid = OBJ_txt2obj("2.5.29.17", 1); // OID 2.5.29.17 is Subject AltName
+    int count = 0, j;
+    count = X509_get_ext_count(peer_cert);
+    for (j = 0; j < count; j++) {
+        X509_EXTENSION *ext = X509_get_ext(peer_cert, j);
+        if (OBJ_cmp(ext->object, oid) == 0) {
+            bio = BIO_new(BIO_s_mem());
+            if (X509V3_EXT_print(bio, ext, 0, 0) == 1) {
+                memset(buf, 0, sizeof(buf));
+                BIO_read(bio, buf, sizeof(buf) - 1);
+                info->Set(subjectaltname_symbol, String::New(buf));
+            }
+            BIO_vfree(bio);
+            break;
+        }
+    }
+
+    EVP_PKEY *pkey = NULL;
+    RSA *rsa = NULL;
+    if( NULL != (pkey = X509_get_pubkey(peer_cert))
+        && NULL != (rsa = EVP_PKEY_get1_RSA(pkey)) ) {
+        bio = BIO_new(BIO_s_mem());
+        BN_print(bio, rsa->n);
+        memset(buf, 0, sizeof(buf));
+        BIO_read(bio, buf, sizeof(buf) - 1);
+        info->Set(modulus_symbol, String::New(buf) );
+        BIO_free(bio);
+
+        bio = BIO_new(BIO_s_mem());
+        BN_print(bio, rsa->e);
+        memset(buf, 0, sizeof(buf));
+        BIO_read(bio, buf, sizeof(buf) - 1);
+        info->Set(exponent_symbol, String::New(buf) );
+        BIO_free(bio);
+    }
+    (void) BIO_reset(bio);
+
     ASN1_TIME_print(bio, X509_get_notBefore(peer_cert));
     BIO_get_mem_ptr(bio, &mem);
     info->Set(valid_from_symbol, String::New(mem->data, mem->length));
@@ -3922,6 +3965,9 @@ void InitCrypto(Handle<Object> target) {
   issuer_symbol     = NODE_PSYMBOL("issuer");
   valid_from_symbol = NODE_PSYMBOL("valid_from");
   valid_to_symbol   = NODE_PSYMBOL("valid_to");
+  subjectaltname_symbol = NODE_PSYMBOL("subjectaltname");
+  modulus_symbol        = NODE_PSYMBOL("modulus");
+  exponent_symbol       = NODE_PSYMBOL("exponent");
   fingerprint_symbol   = NODE_PSYMBOL("fingerprint");
   name_symbol       = NODE_PSYMBOL("name");
   version_symbol    = NODE_PSYMBOL("version");

src/node_crypto.h

@@ -32,6 +32,7 @@
 #include <openssl/evp.h>
 #include <openssl/pem.h>
 #include <openssl/x509.h>
+#include <openssl/x509v3.h>
 #include <openssl/hmac.h>
 
 #ifdef OPENSSL_NPN_NEGOTIATED

test/fixtures/foafssl.crt

@@ -0,0 +1,25 @@
+Bag Attributes
+    friendlyName: Me's Not a Certification Authority ID
+    localKeyID: 98 CC 02 91 83 8D 14 4A 60 40 B7 11 E8 EF A9 01 4B D7 16 8A 
+subject=/O=FOAF+SSL/OU=The Community Of Self Signers/UID=http://example.com/#me/CN=Me
+issuer=/O=FOAF+SSL/OU=The Community of Self Signers/CN=Not a Certification Authority
+-----BEGIN CERTIFICATE-----
+MIIDVDCCAr2gAwIBAgIQRLIhwZ2N3ciEdpWb6kPmPzANBgkqhkiG9w0BAQUFADBj
+MREwDwYDVQQKDAhGT0FGK1NTTDEmMCQGA1UECwwdVGhlIENvbW11bml0eSBvZiBT
+ZWxmIFNpZ25lcnMxJjAkBgNVBAMMHU5vdCBhIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5MB4XDTExMDgzMDE3MzIwNFoXDTEyMDgyMDE5MzIwNFowcDERMA8GA1UECgwI
+Rk9BRitTU0wxJjAkBgNVBAsMHVRoZSBDb21tdW5pdHkgT2YgU2VsZiBTaWduZXJz
+MSYwJAYKCZImiZPyLGQBAQwWaHR0cDovL2V4YW1wbGUuY29tLyNtZTELMAkGA1UE
+AwwCTWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm9EqcJXkUMSFP
+XIevngQBd6i7iayAP34Ju8OlUZ80nNm5xAvkNtCqgjqUFH4myJJIraK+PdTTTowo
+lkaUsgR9IXtPEpk3Hqk6g8iauUQHJBMeZfKwFh3pVgzenBNFVVKy9Jzw+wDY13Uy
+MkkT9vgP8p0KEx0p2wav+L4ZG3kg3C2uHCbqgqR4R6EDke879qq7PMQP+CEAsDpP
+D/GAknjk3f2n3pVO1W3HrZpH7rw313GjZvxgpby3I3O+wYBkmz76DpCScHIQtBuQ
+Ayuxi8kfIEbr2vEZH0pOJtcYecTHhnti/NUI6M5m6C0SinHpFYCfz0To3ndAZ/He
+XXC5wDaHAgMBAAGjeDB2MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgLsMBEG
+CWCGSAGG+EIBAQQEAwIFoDAdBgNVHQ4EFgQU3gJIUFpe8rKklsjEdsxlaT6rZhow
+JAYDVR0RAQH/BBowGIYWaHR0cDovL2V4YW1wbGUuY29tLyNtZTANBgkqhkiG9w0B
+AQUFAAOBgQBLhwWbYMdeSkVZ4biVUle+XHP4Gv8V9WSfldvgn1PntS1lpVR46Exl
+AkLO1SrnN5WHeAjv6VNb3KmTF+QhLt/4a1l9CEEeZSg5ml5aeXE+veobgypDoam+
+NKYAeIW9Wx+HcgBL4leIX3WiCKu/eal+a5ro18LQ8hkZqryHeVESIw==
+-----END CERTIFICATE-----

test/fixtures/foafssl.key

@@ -0,0 +1,32 @@
+Bag Attributes
+    friendlyName: Me's Not a Certification Authority ID
+    localKeyID: 98 CC 02 91 83 8D 14 4A 60 40 B7 11 E8 EF A9 01 4B D7 16 8A 
+Key Attributes: <No Attributes>
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCm9EqcJXkUMSFP
+XIevngQBd6i7iayAP34Ju8OlUZ80nNm5xAvkNtCqgjqUFH4myJJIraK+PdTTTowo
+lkaUsgR9IXtPEpk3Hqk6g8iauUQHJBMeZfKwFh3pVgzenBNFVVKy9Jzw+wDY13Uy
+MkkT9vgP8p0KEx0p2wav+L4ZG3kg3C2uHCbqgqR4R6EDke879qq7PMQP+CEAsDpP
+D/GAknjk3f2n3pVO1W3HrZpH7rw313GjZvxgpby3I3O+wYBkmz76DpCScHIQtBuQ
+Ayuxi8kfIEbr2vEZH0pOJtcYecTHhnti/NUI6M5m6C0SinHpFYCfz0To3ndAZ/He
+XXC5wDaHAgMBAAECggEAEhwrv7Zc5PDTYS1zVnx4iMQ3HGi5uouom1uvxE4PTAC7
+qWf3tkCv798Cha+XY5OcMqALKEHCxU0e7QQoEdchn4UzQAePcSg1STCkYQw5seCa
+5lA+vBUaF4aLDNa3TG0N9HWOVKGVnO/6OYC05qKClBBIMqCSKEkm942u6UBOql6q
+71Sj1Nd/4eP9AcvgO5cgyUszM2I25LzXIZW7JLgdqXiJRj8CuY3X5FVURvadENgk
+ctw5EjdT7LNdc67Ot9Bs6qcVr2ld/U+4ZSC2+cqtPyn7mnA4hrYXlpA1Ilv3oRwZ
+aUJfG5HVV4jjNVHxDqddBh3UhOxJYZ1DNEMndTBx8QKBgQDcsrLfkE6utaj8w/of
+Hk/aq1JRNLgSvhoP2wVmK7USvYFj7DIvL4CqyghY5TLgNk272v8mT0Q7R6AtsOUk
+Gf50uZFAtIoPvTsvBu6cbRsPTeGJ0i1+LLme/AJu3MexXLF6mlzoGmlx8V7CoFqI
+9hvqBA5rZ6ecoSjmU2q2xWKXKQKBgQDBqNqicSp2jnHiTXYbG/tsnxhFwALdEjvb
+EgZprmoBzo1eQFOY/DNBdDiEZBstu9mJBX3XWTU1F4c6tYRocNCMDwLBZAB6NnVM
+JjoddJApa5Qg3uoXmk53saZhcVkOzh+P/Dxg9c9O3q4DDUegnkM95ZSbCPtIBq6K
+bPA3OS+GLwKBgQCY0022LjGuHbFlRzg+sDjPzW71OLJ2mBln/VyhwYZj8cJVtUuT
+DSvmGHzrQduXE0OE4ENq/dzbx9+NhD9IXo+ruIxy6BHqkDkZeY1l2M+yK1YQn/BM
+vR/UjeIJbu0BTpS/t4C6YP+/nUrnLy9CRFpUFHb/vQl+FsNBq2XsJob88QKBgQCD
+6B5bbNduf2HEsdxTZMDhYJAo2jtZFxVcBzAFBb7A0k7qNsh6OLY0zBO+4Wy9vujR
+8sKfTuz157u9WmwAs27pJ0RKM3I7zCIjJxqIe5/CBruTlCJAx2LRFljsoEb31aAb
+88Owi12ULAq8m2wBVCsa2uhYnUqC6cIzGTaZdsMPEwKBgQDJXI+J2d36IWzFrByH
+yskssFldbLxm/7EexzAYuoSpHuQIxGJYHTHn6CZhqrX8UbxVnS909ES+17kdLZVP
+egvaxn1mtfZInnH64PiQDQrsNnbP4Zg8yvLvIcEVIPqnSQ5QrhdR29tjYuDwUIKM
+4BMR2yfkFp6URRX7ZD1UQsduww==
+-----END PRIVATE KEY-----

test/simple/test-https-foafssl.js

@@ -0,0 +1,85 @@
+// Copyright Joyent, Inc. and other Node contributors.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a
+// copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to permit
+// persons to whom the Software is furnished to do so, subject to the
+// following conditions:
+//
+// The above copyright notice and this permission notice shall be included
+// in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+// USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+if (!process.versions.openssl) {
+  console.error("Skipping because node compiled without OpenSSL.");
+  process.exit(0);
+}
+
+var common = require('../common');
+var assert = require('assert');
+var join = require('path').join;
+
+var fs = require('fs');
+var exec = require('child_process').exec;
+
+var https = require('https');
+
+var options = {
+  key: fs.readFileSync(common.fixturesDir + '/agent.key'),
+  cert: fs.readFileSync(common.fixturesDir + '/agent.crt'),
+  requestCert: true
+};
+
+var reqCount = 0;
+var body = 'hello world\n';
+var cert;
+var subjectaltname;
+var modulus;
+var exponent;
+
+var server = https.createServer(options, function (req, res) {
+  reqCount++;
+  console.log("got request");
+
+  cert = req.connection.getPeerCertificate();
+
+  subjectaltname = cert.subjectaltname;
+  modulus = cert.modulus;
+  exponent = cert.exponent;
+
+  res.writeHead(200, { 'content-type': 'text/plain' });
+  res.end(body);
+})
+
+
+server.listen(common.PORT, function () {
+  var cmd = 'curl --insecure https://127.0.0.1:' + common.PORT +  '/';
+  cmd += ' --cert '+join(common.fixturesDir, 'foafssl.crt');
+  cmd += ' --key '+join(common.fixturesDir, 'foafssl.key');
+  console.error("executing %j", cmd);
+  exec(cmd, function(err, stdout, stderr) {
+    if (err) throw err;
+    common.error(common.inspect(stdout));
+    assert.equal(body, stdout);
+    server.close();
+  });
+
+});
+
+process.on('exit', function () {
+  assert.equal(subjectaltname, 'URI:http://example.com/#me');
+  assert.equal(modulus, 'A6F44A9C25791431214F5C87AF9E040177A8BB89AC803F7E09BBC\
+3A5519F349CD9B9C40BE436D0AA823A94147E26C89248ADA2BE3DD4D34E8C28964694B2047D217\
+B4F1299371EA93A83C89AB9440724131E65F2B0161DE9560CDE9C13455552B2F49CF0FB00D8D77\
+532324913F6F80FF29D0A131D29DB06AFF8BE191B7920D');
+  assert.equal(exponent, '10001');
+});