1 /* v3conf.c */

     2 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL

     3  * project 1999.

     4  */

     5 /* ====================================================================

     6  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.

     7  *

     8  * Redistribution and use in source and binary forms, with or without

     9  * modification, are permitted provided that the following conditions

    10  * are met:

    11  *

    12  * 1. Redistributions of source code must retain the above copyright

    13  *    notice, this list of conditions and the following disclaimer. 

    14  *

    15  * 2. Redistributions in binary form must reproduce the above copyright

    16  *    notice, this list of conditions and the following disclaimer in

    17  *    the documentation and/or other materials provided with the

    18  *    distribution.

    19  *

    20  * 3. All advertising materials mentioning features or use of this

    21  *    software must display the following acknowledgment:

    22  *    "This product includes software developed by the OpenSSL Project

    23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

    24  *

    25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

    26  *    endorse or promote products derived from this software without

    27  *    prior written permission. For written permission, please contact

    28  *    licensing@OpenSSL.org.

    29  *

    30  * 5. Products derived from this software may not be called "OpenSSL"

    31  *    nor may "OpenSSL" appear in their names without prior written

    32  *    permission of the OpenSSL Project.

    33  *

    34  * 6. Redistributions of any form whatsoever must retain the following

    35  *    acknowledgment:

    36  *    "This product includes software developed by the OpenSSL Project

    37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

    38  *

    39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

    40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

    41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

    42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

    43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

    44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

    45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

    46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

    47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

    48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

    49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

    50  * OF THE POSSIBILITY OF SUCH DAMAGE.

    51  * ====================================================================

    52  *

    53  * This product includes cryptographic software written by Eric Young

    54  * (eay@cryptsoft.com).  This product includes software written by Tim

    55  * Hudson (tjh@cryptsoft.com).

    56  *

    57  */

    58 

    59 

    60 #include <stdio.h>

    61 #include "cryptlib.h"

    62 #include <openssl/asn1.h>

    63 #include <openssl/conf.h>

    64 #include <openssl/x509.h>

    65 #include <openssl/x509v3.h>

    66 

    67 /* Test application to add extensions from a config file */

    68 

    69 int main(int argc, char **argv)

    70 {

    71 	LHASH *conf;

    72 	X509 *cert;

    73 	FILE *inf;

    74 	char *conf_file;

    75 	int i;

    76 	int count;

    77 	X509_EXTENSION *ext;

    78 	X509V3_add_standard_extensions();

    79 	ERR_load_crypto_strings();

    80 	if(!argv[1]) {

    81 		fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n");

    82 		exit(1);

    83 	}

    84 	conf_file = argv[2];

    85 	if(!conf_file) conf_file = "test.cnf";

    86 	conf = CONF_load(NULL, "test.cnf", NULL);

    87 	if(!conf) {

    88 		fprintf(stderr, "Error opening Config file %s\n", conf_file);

    89 		ERR_print_errors_fp(stderr);

    90 		exit(1);

    91 	}

    92 

    93 	inf = fopen(argv[1], "r");

    94 	if(!inf) {

    95 		fprintf(stderr, "Can't open certificate file %s\n", argv[1]);

    96 		exit(1);

    97 	}

    98 	cert = PEM_read_X509(inf, NULL, NULL);

    99 	if(!cert) {

   100 		fprintf(stderr, "Error reading certificate file %s\n", argv[1]);

   101 		exit(1);

   102 	}

   103 	fclose(inf);

   104 

   105 	sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free);

   106 	cert->cert_info->extensions = NULL;

   107 

   108 	if(!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {

   109 		fprintf(stderr, "Error adding extensions\n");

   110 		ERR_print_errors_fp(stderr);

   111 		exit(1);

   112 	}

   113 

   114 	count = X509_get_ext_count(cert);

   115 	printf("%d extensions\n", count);

   116 	for(i = 0; i < count; i++) {

   117 		ext = X509_get_ext(cert, i);

   118 		printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object)));

   119 		if(ext->critical) printf(",critical:\n");

   120 		else printf(":\n");

   121 		X509V3_EXT_print_fp(stdout, ext, 0, 0);

   122 		printf("\n");

   123 		

   124 	}

   125 	return 0;

   126 }

   127