]>
Commit | Line | Data |
---|---|---|
9aeaf1b4 | 1 | /* v3conf.c */ |
2e597528 | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
9aeaf1b4 DSH |
3 | * project 1999. |
4 | */ | |
5 | /* ==================================================================== | |
6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | |
7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | |
11 | * | |
12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | |
14 | * | |
15 | * 2. Redistributions in binary form must reproduce the above copyright | |
16 | * notice, this list of conditions and the following disclaimer in | |
17 | * the documentation and/or other materials provided with the | |
18 | * distribution. | |
19 | * | |
20 | * 3. All advertising materials mentioning features or use of this | |
21 | * software must display the following acknowledgment: | |
22 | * "This product includes software developed by the OpenSSL Project | |
23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
24 | * | |
25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
26 | * endorse or promote products derived from this software without | |
27 | * prior written permission. For written permission, please contact | |
28 | * licensing@OpenSSL.org. | |
29 | * | |
30 | * 5. Products derived from this software may not be called "OpenSSL" | |
31 | * nor may "OpenSSL" appear in their names without prior written | |
32 | * permission of the OpenSSL Project. | |
33 | * | |
34 | * 6. Redistributions of any form whatsoever must retain the following | |
35 | * acknowledgment: | |
36 | * "This product includes software developed by the OpenSSL Project | |
37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
38 | * | |
39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
51 | * ==================================================================== | |
52 | * | |
53 | * This product includes cryptographic software written by Eric Young | |
54 | * (eay@cryptsoft.com). This product includes software written by Tim | |
55 | * Hudson (tjh@cryptsoft.com). | |
56 | * | |
57 | */ | |
e527ba09 DSH |
58 | |
59 | ||
9aeaf1b4 | 60 | #include <stdio.h> |
e527ba09 | 61 | #include "cryptlib.h" |
ec577822 | 62 | #include <openssl/asn1.h> |
ec577822 BM |
63 | #include <openssl/conf.h> |
64 | #include <openssl/x509.h> | |
65 | #include <openssl/x509v3.h> | |
9aeaf1b4 DSH |
66 | |
67 | /* Test application to add extensions from a config file */ | |
68 | ||
6b691a5c | 69 | int main(int argc, char **argv) |
9aeaf1b4 DSH |
70 | { |
71 | LHASH *conf; | |
72 | X509 *cert; | |
73 | FILE *inf; | |
74 | char *conf_file; | |
75 | int i; | |
76 | int count; | |
77 | X509_EXTENSION *ext; | |
78 | X509V3_add_standard_extensions(); | |
79 | ERR_load_crypto_strings(); | |
80 | if(!argv[1]) { | |
81 | fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n"); | |
82 | exit(1); | |
83 | } | |
84 | conf_file = argv[2]; | |
85 | if(!conf_file) conf_file = "test.cnf"; | |
86 | conf = CONF_load(NULL, "test.cnf", NULL); | |
87 | if(!conf) { | |
88 | fprintf(stderr, "Error opening Config file %s\n", conf_file); | |
89 | ERR_print_errors_fp(stderr); | |
90 | exit(1); | |
91 | } | |
92 | ||
93 | inf = fopen(argv[1], "r"); | |
94 | if(!inf) { | |
95 | fprintf(stderr, "Can't open certificate file %s\n", argv[1]); | |
96 | exit(1); | |
97 | } | |
98 | cert = PEM_read_X509(inf, NULL, NULL); | |
99 | if(!cert) { | |
100 | fprintf(stderr, "Error reading certificate file %s\n", argv[1]); | |
101 | exit(1); | |
102 | } | |
103 | fclose(inf); | |
104 | ||
105 | sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free); | |
106 | cert->cert_info->extensions = NULL; | |
107 | ||
108 | if(!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) { | |
109 | fprintf(stderr, "Error adding extensions\n"); | |
110 | ERR_print_errors_fp(stderr); | |
111 | exit(1); | |
112 | } | |
113 | ||
114 | count = X509_get_ext_count(cert); | |
115 | printf("%d extensions\n", count); | |
116 | for(i = 0; i < count; i++) { | |
117 | ext = X509_get_ext(cert, i); | |
118 | printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object))); | |
119 | if(ext->critical) printf(",critical:\n"); | |
120 | else printf(":\n"); | |
0c055b20 | 121 | X509V3_EXT_print_fp(stdout, ext, 0, 0); |
9aeaf1b4 DSH |
122 | printf("\n"); |
123 | ||
124 | } | |
125 | return 0; | |
126 | } | |
127 |