155714Skris/* v3conf.c */
2194206Ssimon/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
355714Skris * project 1999.
455714Skris */
555714Skris/* ====================================================================
655714Skris * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
755714Skris *
855714Skris * Redistribution and use in source and binary forms, with or without
955714Skris * modification, are permitted provided that the following conditions
1055714Skris * are met:
1155714Skris *
1255714Skris * 1. Redistributions of source code must retain the above copyright
1355714Skris *    notice, this list of conditions and the following disclaimer.
1455714Skris *
1555714Skris * 2. Redistributions in binary form must reproduce the above copyright
1655714Skris *    notice, this list of conditions and the following disclaimer in
1755714Skris *    the documentation and/or other materials provided with the
1855714Skris *    distribution.
1955714Skris *
2055714Skris * 3. All advertising materials mentioning features or use of this
2155714Skris *    software must display the following acknowledgment:
2255714Skris *    "This product includes software developed by the OpenSSL Project
2355714Skris *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
2455714Skris *
2555714Skris * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
2655714Skris *    endorse or promote products derived from this software without
2755714Skris *    prior written permission. For written permission, please contact
2855714Skris *    licensing@OpenSSL.org.
2955714Skris *
3055714Skris * 5. Products derived from this software may not be called "OpenSSL"
3155714Skris *    nor may "OpenSSL" appear in their names without prior written
3255714Skris *    permission of the OpenSSL Project.
3355714Skris *
3455714Skris * 6. Redistributions of any form whatsoever must retain the following
3555714Skris *    acknowledgment:
3655714Skris *    "This product includes software developed by the OpenSSL Project
3755714Skris *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
3855714Skris *
3955714Skris * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
4055714Skris * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4155714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
4255714Skris * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
4355714Skris * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
4455714Skris * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
4555714Skris * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
4655714Skris * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4755714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
4855714Skris * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
4955714Skris * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
5055714Skris * OF THE POSSIBILITY OF SUCH DAMAGE.
5155714Skris * ====================================================================
5255714Skris *
5355714Skris * This product includes cryptographic software written by Eric Young
5455714Skris * (eay@cryptsoft.com).  This product includes software written by Tim
5555714Skris * Hudson (tjh@cryptsoft.com).
5655714Skris *
5755714Skris */
5855714Skris
5955714Skris
6055714Skris#include <stdio.h>
6155714Skris#include "cryptlib.h"
6255714Skris#include <openssl/asn1.h>
6355714Skris#include <openssl/conf.h>
6455714Skris#include <openssl/x509.h>
6555714Skris#include <openssl/x509v3.h>
6655714Skris
6755714Skris/* Test application to add extensions from a config file */
6855714Skris
6955714Skrisint main(int argc, char **argv)
7055714Skris{
7155714Skris	LHASH *conf;
7255714Skris	X509 *cert;
7355714Skris	FILE *inf;
7455714Skris	char *conf_file;
7555714Skris	int i;
7655714Skris	int count;
7755714Skris	X509_EXTENSION *ext;
7855714Skris	X509V3_add_standard_extensions();
7955714Skris	ERR_load_crypto_strings();
8055714Skris	if(!argv[1]) {
8155714Skris		fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n");
8255714Skris		exit(1);
8355714Skris	}
8455714Skris	conf_file = argv[2];
8555714Skris	if(!conf_file) conf_file = "test.cnf";
8655714Skris	conf = CONF_load(NULL, "test.cnf", NULL);
8755714Skris	if(!conf) {
8855714Skris		fprintf(stderr, "Error opening Config file %s\n", conf_file);
8955714Skris		ERR_print_errors_fp(stderr);
9055714Skris		exit(1);
9155714Skris	}
9255714Skris
9355714Skris	inf = fopen(argv[1], "r");
9455714Skris	if(!inf) {
9555714Skris		fprintf(stderr, "Can't open certificate file %s\n", argv[1]);
9655714Skris		exit(1);
9755714Skris	}
9855714Skris	cert = PEM_read_X509(inf, NULL, NULL);
9955714Skris	if(!cert) {
10055714Skris		fprintf(stderr, "Error reading certificate file %s\n", argv[1]);
10155714Skris		exit(1);
10255714Skris	}
10355714Skris	fclose(inf);
10455714Skris
10555714Skris	sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free);
10655714Skris	cert->cert_info->extensions = NULL;
10755714Skris
10855714Skris	if(!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
10955714Skris		fprintf(stderr, "Error adding extensions\n");
11055714Skris		ERR_print_errors_fp(stderr);
11155714Skris		exit(1);
11255714Skris	}
11355714Skris
11455714Skris	count = X509_get_ext_count(cert);
11555714Skris	printf("%d extensions\n", count);
11655714Skris	for(i = 0; i < count; i++) {
11755714Skris		ext = X509_get_ext(cert, i);
11855714Skris		printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
11955714Skris		if(ext->critical) printf(",critical:\n");
12055714Skris		else printf(":\n");
121111147Snectar		X509V3_EXT_print_fp(stdout, ext, 0, 0);
12255714Skris		printf("\n");
12355714Skris
12455714Skris	}
12555714Skris	return 0;
12655714Skris}
12755714Skris
128