155714Skris/* v3conf.c */ 2194206Ssimon/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 355714Skris * project 1999. 455714Skris */ 555714Skris/* ==================================================================== 655714Skris * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 755714Skris * 855714Skris * Redistribution and use in source and binary forms, with or without 955714Skris * modification, are permitted provided that the following conditions 1055714Skris * are met: 1155714Skris * 1255714Skris * 1. Redistributions of source code must retain the above copyright 1355714Skris * notice, this list of conditions and the following disclaimer. 1455714Skris * 1555714Skris * 2. Redistributions in binary form must reproduce the above copyright 1655714Skris * notice, this list of conditions and the following disclaimer in 1755714Skris * the documentation and/or other materials provided with the 1855714Skris * distribution. 1955714Skris * 2055714Skris * 3. All advertising materials mentioning features or use of this 2155714Skris * software must display the following acknowledgment: 2255714Skris * "This product includes software developed by the OpenSSL Project 2355714Skris * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 2455714Skris * 2555714Skris * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 2655714Skris * endorse or promote products derived from this software without 2755714Skris * prior written permission. For written permission, please contact 2855714Skris * licensing@OpenSSL.org. 2955714Skris * 3055714Skris * 5. Products derived from this software may not be called "OpenSSL" 3155714Skris * nor may "OpenSSL" appear in their names without prior written 3255714Skris * permission of the OpenSSL Project. 3355714Skris * 3455714Skris * 6. Redistributions of any form whatsoever must retain the following 3555714Skris * acknowledgment: 3655714Skris * "This product includes software developed by the OpenSSL Project 3755714Skris * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 3855714Skris * 3955714Skris * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 4055714Skris * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4155714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 4255714Skris * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 4355714Skris * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 4455714Skris * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 4555714Skris * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 4655714Skris * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4755714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 4855714Skris * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 4955714Skris * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 5055714Skris * OF THE POSSIBILITY OF SUCH DAMAGE. 5155714Skris * ==================================================================== 5255714Skris * 5355714Skris * This product includes cryptographic software written by Eric Young 5455714Skris * (eay@cryptsoft.com). This product includes software written by Tim 5555714Skris * Hudson (tjh@cryptsoft.com). 5655714Skris * 5755714Skris */ 5855714Skris 5955714Skris 6055714Skris#include <stdio.h> 6155714Skris#include "cryptlib.h" 6255714Skris#include <openssl/asn1.h> 6355714Skris#include <openssl/conf.h> 6455714Skris#include <openssl/x509.h> 6555714Skris#include <openssl/x509v3.h> 6655714Skris 6755714Skris/* Test application to add extensions from a config file */ 6855714Skris 6955714Skrisint main(int argc, char **argv) 7055714Skris{ 7155714Skris LHASH *conf; 7255714Skris X509 *cert; 7355714Skris FILE *inf; 7455714Skris char *conf_file; 7555714Skris int i; 7655714Skris int count; 7755714Skris X509_EXTENSION *ext; 7855714Skris X509V3_add_standard_extensions(); 7955714Skris ERR_load_crypto_strings(); 8055714Skris if(!argv[1]) { 8155714Skris fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n"); 8255714Skris exit(1); 8355714Skris } 8455714Skris conf_file = argv[2]; 8555714Skris if(!conf_file) conf_file = "test.cnf"; 8655714Skris conf = CONF_load(NULL, "test.cnf", NULL); 8755714Skris if(!conf) { 8855714Skris fprintf(stderr, "Error opening Config file %s\n", conf_file); 8955714Skris ERR_print_errors_fp(stderr); 9055714Skris exit(1); 9155714Skris } 9255714Skris 9355714Skris inf = fopen(argv[1], "r"); 9455714Skris if(!inf) { 9555714Skris fprintf(stderr, "Can't open certificate file %s\n", argv[1]); 9655714Skris exit(1); 9755714Skris } 9855714Skris cert = PEM_read_X509(inf, NULL, NULL); 9955714Skris if(!cert) { 10055714Skris fprintf(stderr, "Error reading certificate file %s\n", argv[1]); 10155714Skris exit(1); 10255714Skris } 10355714Skris fclose(inf); 10455714Skris 10555714Skris sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free); 10655714Skris cert->cert_info->extensions = NULL; 10755714Skris 10855714Skris if(!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) { 10955714Skris fprintf(stderr, "Error adding extensions\n"); 11055714Skris ERR_print_errors_fp(stderr); 11155714Skris exit(1); 11255714Skris } 11355714Skris 11455714Skris count = X509_get_ext_count(cert); 11555714Skris printf("%d extensions\n", count); 11655714Skris for(i = 0; i < count; i++) { 11755714Skris ext = X509_get_ext(cert, i); 11855714Skris printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object))); 11955714Skris if(ext->critical) printf(",critical:\n"); 12055714Skris else printf(":\n"); 121111147Snectar X509V3_EXT_print_fp(stdout, ext, 0, 0); 12255714Skris printf("\n"); 12355714Skris 12455714Skris } 12555714Skris return 0; 12655714Skris} 12755714Skris 128