libcmd_cli_debug_la_SOURCES = cli-debug-args.def cli-debug-args.c cli-debug-args.h
#certtool
+COMMON_LIBS = $(LIBOPTS) $(LTLIBINTL)
+if ENABLE_MINITASN1
+COMMON_LIBS += ../lib/minitasn1/libminitasn1.la ../gl/libgnu.la
+else
+COMMON_LIBS += $(LIBTASN1_LIBS)
+endif
+
certtool_SOURCES = certtool.c certtool-common.c certtool-extras.c common.c
certtool_LDADD = ../lib/libgnutls.la
libcmd_certtool_la_SOURCES = certtool-args.c certtool-args.def certtool-args.h \
certtool-cfg.h certtool-cfg.c
libcmd_certtool_la_LIBADD = ../lib/libgnutls.la gl/libgnu_gpl.la ../gl/libgnu.la
-libcmd_certtool_la_LIBADD += $(LIBOPTS) $(LTLIBINTL)
+libcmd_certtool_la_LIBADD += $(COMMON_LIBS)
libcmd_certtool_la_LIBADD += $(LTLIBREADLINE) gl/libgnu_gpl.la
libcmd_certtool_la_LIBADD += $(INET_PTON_LIB) $(LIB_CLOCK_GETTIME)
+
danetool_SOURCES = danetool.c certtool-common.c certtool-extras.c common.c socket.c
danetool_LDADD = ../lib/libgnutls.la $(LIBIDN_LIBS)
danetool_LDADD += libcmd-danetool.la ../gl/libgnu.la gl/libgnu_gpl.la
libcmd_danetool_la_SOURCES = danetool-args.c danetool-args.def danetool-args.h \
certtool-cfg.h certtool-cfg.c
libcmd_danetool_la_LIBADD = ../lib/libgnutls.la gl/libgnu_gpl.la ../gl/libgnu.la
-libcmd_danetool_la_LIBADD += $(LIBOPTS)
-libcmd_danetool_la_LIBADD += $(LTLIBINTL)
+libcmd_danetool_la_LIBADD += $(COMMON_LIBS)
libcmd_danetool_la_LIBADD += $(LTLIBREADLINE)
libcmd_danetool_la_LIBADD += $(INET_PTON_LIB) $(LIB_CLOCK_GETTIME)
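Review bot: COMMON_LIBS is defined under the `#certtool` comment, yet the later hunks also use it for danetool, p11tool, tpmtool and systemkey, so the definition reads as certtool-specific. A comment above it such as `# libraries linked into every command-line tool: autoopts, libintl and the ASN.1 library (bundled minitasn1 or system libtasn1)`, or moving it ahead of the per-tool sections, would make the scope clear. Every tool now links the ASN.1 library, although on this page only the file that gains `#include <libtasn1.h>` visibly uses it. If the other tools do not need it, a separate variable for the objects that build certtool-cfg.c would keep their link lines minimal. In the ENABLE_MINITASN1 branch `../gl/libgnu.la` is appended again to targets that already list it, which is presumably deliberate for static link order but is worth stating in that comment.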
p11tool_SOURCES = p11tool-args.def p11tool.c pkcs11.c certtool-common.c \
certtool-extras.c p11tool.h common.c
p11tool_LDADD = ../lib/libgnutls.la
-p11tool_LDADD += libcmd-p11tool.la $(LIBOPTS) ../gl/libgnu.la gl/libgnu_gpl.la
-p11tool_LDADD += $(LTLIBINTL)
+p11tool_LDADD += libcmd-p11tool.la ../gl/libgnu.la gl/libgnu_gpl.la
+p11tool_LDADD += $(COMMON_LIBS)
noinst_LTLIBRARIES += libcmd-p11tool.la
libcmd_p11tool_la_SOURCES = p11tool-args.def p11tool-args.c p11tool-args.h \
tpmtool_SOURCES = tpmtool-args.def tpmtool.c certtool-common.c certtool-extras.c common.c
tpmtool_LDADD = ../lib/libgnutls.la
-tpmtool_LDADD += libcmd-tpmtool.la $(LIBOPTS) ../gl/libgnu.la gl/libgnu_gpl.la
-tpmtool_LDADD += $(LTLIBINTL)
+tpmtool_LDADD += libcmd-tpmtool.la ../gl/libgnu.la gl/libgnu_gpl.la
+tpmtool_LDADD += $(COMMON_LIBS)
noinst_LTLIBRARIES += libcmd-tpmtool.la
libcmd_tpmtool_la_SOURCES = tpmtool-args.def tpmtool-args.c tpmtool-args.h \
systemkey_SOURCES = systemkey.c certtool-common.c common.c
systemkey_LDADD = ../lib/libgnutls.la
-systemkey_LDADD += libcmd-systemkey.la $(LIBOPTS) ../gl/libgnu.la gl/libgnu_gpl.la
-systemkey_LDADD += $(LTLIBINTL)
+systemkey_LDADD += libcmd-systemkey.la ../gl/libgnu.la gl/libgnu_gpl.la
+systemkey_LDADD += $(COMMON_LIBS)
noinst_LTLIBRARIES += libcmd-systemkey.la
libcmd_systemkey_la_SOURCES = systemkey-args.def systemkey-args.c systemkey-args.h \
### Adding arbitrary extensions
# This requires to provide the extension OIDs, as well as the extension data in
-# hex format.
+# hex format. The following two options are available since GnuTLS 3.5.3.
#add_extension = "1.2.3.4 0x0AAB01ACFE"
+# As above but encode the data as an octet string
+#add_extension = "1.2.3.4 octet_string(0x0AAB01ACFE)"
+
# For portability critical extensions shouldn't be set to certificates.
#add_critical_extension = "5.6.7.8 0x1AAB01ACFE"
#include <autoopts/options.h>
#include <intprops.h>
#include <gnutls/crypto.h>
+#include <libtasn1.h>
/* for inet_pton */
#include <sys/types.h>
}
}
+#define ACTION_NONE 0
+#define ENCODE_OCTET_STRING 1
+static unsigned char *decode_ext_string(char *str, unsigned int *ret_size)
+{
+ char *p, *p2;
+ unsigned char *tmp;
+ unsigned char *raw;
+ unsigned int raw_size;
+ unsigned action = ACTION_NONE;
+ unsigned char tag[ASN1_MAX_TL_SIZE];
+ unsigned int tag_len;
+ int ret, res;
+
+ p = strchr(str, '(');
+ if (p != 0) {
+ if (strncmp(str, "octet_string", 12) == 0) {
+ action = ENCODE_OCTET_STRING;
+ } else {
+ fprintf(stderr, "cannot parse: %s\n", str);
+ exit(1);
+ }
+ p++;
+ p2 = strchr(p, ')');
+ if (p2 == NULL) {
+ fprintf(stderr, "there is no terminating parenthesis in: %s\n", str);
+ exit(1);
+ }
+ *p2 = 0;
+ } else {
+ p = str;
+ }
+
+ if (strncmp(p, "0x", 2) == 0)
+ p+=2;
+ HEX_DECODE(p, raw, raw_size);
+
+ switch(action) {
+ case ENCODE_OCTET_STRING:
+ tag_len = sizeof(tag);
+ res = asn1_encode_simple_der(ASN1_ETYPE_OCTET_STRING, raw, raw_size, tag, &tag_len);
+ if (res != ASN1_SUCCESS) {
+ fprintf(stderr, "error in DER encoding: %s\n", asn1_strerror(res));
+ exit(1);
+ }
+ tmp = gnutls_malloc(raw_size+tag_len);
+ if (tmp == NULL) {
+ fprintf(stderr, "error in allocation\n");
+ exit(1);
+ }
+ memcpy(tmp, tag, tag_len);
+ memcpy(tmp+tag_len, raw, raw_size);
+ gnutls_free(raw);
+ raw = tmp;
+ raw_size += tag_len;
+ break;
+ }
+
+ *ret_size = raw_size;
+ return raw;
+}
+
void get_extensions_crt_set(int type, void *crt)
{
int ret, i;
unsigned char *raw = NULL;
unsigned raw_size;
- char *p;
if (batch) {
if (!cfg.extensions)
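Review bot: In decode_ext_string the test `strncmp(str, "octet_string", 12) == 0` matches only a prefix while `p` is the first `(` anywhere in the string, so a template value like `octet_stringX(0A)` (constructed example) is accepted, and anything after the closing `)` is silently dropped by `*p2 = 0`. Since this value becomes certificate extension data, the parse should be strict: `if (p == str + 12 && strncmp(str, "octet_string", 12) == 0)` and an error exit when `p2[1] != 0`. The `*p2 = 0` write also modifies the caller's `cfg.extensions[i+1]` / `cfg.crit_extensions[i+1]` string in place. A second pass over the same cfg in one process would then reach the "there is no terminating parenthesis" exit, so either confirm get_extensions_crt_set runs once per process or parse a copy. The function also lacks a header comment saying that it exits on any error and returns a gnutls_malloc'ed buffer the caller owns; the body of get_extensions_crt_set continues outside this hunk, so whether `raw` is freed there cannot be seen here.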
}
/* convert hex to bin */
- if (strncmp(cfg.extensions[i+1], "0x", 2) == 0)
- p = cfg.extensions[i+1]+2;
- else
- p = cfg.extensions[i+1];
- HEX_DECODE(p, raw, raw_size);
+ raw = decode_ext_string(cfg.extensions[i+1], &raw_size);
if (type == TYPE_CRT)
ret =
exit(1);
}
/* convert hex to bin */
- if (strncmp(cfg.crit_extensions[i+1], "0x", 2) == 0)
- p = cfg.crit_extensions[i+1]+2;
- else
- p = cfg.crit_extensions[i+1];
- HEX_DECODE(p, raw, raw_size);
+ raw = decode_ext_string(cfg.crit_extensions[i+1], &raw_size);
if (type == TYPE_CRT)
ret =