3 files changed, 56 insertions, 6 deletions

diff --git a/src/certificate.cc b/src/certificate.cc
index c447be76..420df8c3 100644
--- a/src/certificate.cc
+++ b/src/certificate.cc
@@ -421,6 +421,8 @@ Certificate::thumbprint () const
 {
 	DCP_ASSERT (_certificate);
 
+#if 0
+
 	uint8_t buffer[8192];
 	uint8_t* p = buffer;
 
@@ -429,19 +431,45 @@ Certificate::thumbprint () const
 #else
 	i2d_X509_CINF (_certificate->cert_info, &p);
 #endif
-	unsigned int const length = p - buffer;
-	if (length > sizeof (buffer)) {
-		throw MiscError ("buffer too small to generate thumbprint");
-	}
+	unsigned const int length = p - buffer;
+
+	auto foo = fopen("/home/carl/dump", "wb");
+	fwrite(buffer, 1, length, foo);
+	fclose(foo);
 
 	SHA_CTX sha;
 	SHA1_Init (&sha);
 	SHA1_Update (&sha, buffer, length);
-	uint8_t digest[20];
+	uint8_t digest[SHA_DIGEST_LENGTH];
 	SHA1_Final (digest, &sha);
 
 	char digest_base64[64];
-	return Kumu::base64encode (digest, 20, digest_base64, 64);
+	std::cout << Kumu::base64encode(digest, SHA_DIGEST_LENGTH, digest_base64, 64) << "\n";
+	return digest_base64;
+
+#endif
+
+	unsigned char* tbs = nullptr;
+	auto tbs_len = i2d_re_X509_tbs(_certificate, &tbs);
+	DCP_ASSERT(tbs_len != 0);
+
+	unsigned char md_value[EVP_MAX_MD_SIZE];
+	const EVP_MD* md = EVP_sha1();
+	auto rc = EVP_Digest(tbs, tbs_len, md_value, nullptr, md, nullptr);
+	DCP_ASSERT(rc != 0);
+	char md_base64[EVP_MAX_MD_SIZE * 4 / 3 + 2];
+	EVP_EncodeBlock((unsigned char*) md_base64, md_value, EVP_MD_meth_get_result_size(md));
+	return md_base64;
+
+#if 0
+	unsigned char digest[EVP_MAX_MD_SIZE];
+	unsigned int length;
+	auto const result = X509_pubkey_digest(_certificate, EVP_sha1(), digest, &length);
+	DCP_ASSERT(result == 1);
+
+	char digest_base64[64];
+	return Kumu::base64encode(digest, length, digest_base64, 64);
+#endif
 }
 
 
diff --git a/src/util.cc b/src/util.cc
index 9cc35ad6..105a7776 100644
--- a/src/util.cc
+++ b/src/util.cc
@@ -180,6 +180,7 @@ dcp::init (optional<boost::filesystem::path> given_resources_directory)
 	}
 
 	OpenSSL_add_all_algorithms();
+	OpenSSL_add_all_digests();
 
 	asdcp_smpte_dict = &ASDCP::DefaultSMPTEDict();
 
diff --git a/test/certificates_test.cc b/test/certificates_test.cc
index 4795e45e..9040ea1d 100644
--- a/test/certificates_test.cc
+++ b/test/certificates_test.cc
@@ -279,3 +279,24 @@ BOOST_AUTO_TEST_CASE (certificate_not_before_after)
 	BOOST_CHECK_EQUAL (not_after.month(), 6);
 	BOOST_CHECK_EQUAL (not_after.year(), 2025);
 }
+
+
+BOOST_AUTO_TEST_CASE(debug_it)
+{
+	std::vector<boost::filesystem::path> files = {
+		"1190143602-ICP-04_июл_2022.crt",
+		"1190143602-LD-04_июл_2022.crt.1",
+		"1190143602-LD-04_июл_2022.crt.2",
+		"1190143602-LD-04_июл_2022.crt.3",
+		"1190143602-LD-04_июл_2022.crt.4",
+		"1190143602-LD-04_июл_2022.crt.5",
+		"1190143602-LD-04_июл_2022.crt.6",
+		"1190162017-ICP-04_июл_2022.crt"
+	};
+
+	for (auto file: files) {
+		dcp::Certificate cert(dcp::file_to_string(boost::filesystem::path("/home/carl/bug/2507") / file));
+		std::cout << cert.thumbprint() << "\n";
+	}
+}
+