Update based on peer review in #104

2020-10-06 10:08:29 -06:00 · 2020-10-06 10:08:29 -06:00 · 09ab4cc86e
parent b5954cdc07
commit 09ab4cc86e
6 changed files with 139 additions and 4 deletions
--- a/certfields/all-fields/Makefile
+++ b/certfields/all-fields/Makefile
@ -0,0 +1,13 @@
+CC=gcc
+WOLF_INSTALL_DIR=/usr/local
+
+CFLAGS=-I$(WOLF_INSTALL_DIR)/include -Wall
+LIBS=-L$(WOLF_INSTALL_DIR)/lib -lwolfssl
+
+app: main.o
+	$(CC) -o $@ $^ $(CFLAGS) $(LIBS)
+
+.PHONY: clean
+
+clean:
+	rm -f *.o app
--- a/certfields/all-fields/README.md
+++ b/certfields/all-fields/README.md
--- a/certfields/all-fields/main.c
+++ b/certfields/all-fields/main.c
@ -32,6 +32,7 @@
 #include <wolfssl/wolfcrypt/asn.h>
 #include <wolfssl/openssl/x509v3.h>

+#ifdef OPENSSL_EXTRA
 enum {
    RSA_KEY_TYPE = 2,
    ECC_KEY_TYPE = 3,
@ -46,10 +47,12 @@ static void err_sys(const char* msg, int ret)
    }
    exit(EXIT_FAILURE);
 }
+#endif

 int main(int argc, char** argv)
 {
    int   ret, i;
+#ifdef OPENSSL_EXTRA
    int   sigType;
    int   nameSz;
    int   derCertSz;
@ -187,7 +190,14 @@ int main(int argc, char** argv)

    wolfSSL_EVP_PKEY_free(pubKeyTmp);
    wolfSSL_X509_free(cert);
-
-    return 0;
+    wc_FreeRsaKey(&pubKeyRsa);
+    wc_FreeRsaKey(&pubKeyRsa);
+    wc_ecc_free(&pubKeyEcc);
+#else
+    (void) i;
+    printf("Please configure wolfSSL with --enable-opensslextra\n");
+    ret = -1;
+#endif
+    return ret;
 }

--- a/certfields/extract-pubkey-from-certfile/Makefile
+++ b/certfields/extract-pubkey-from-certfile/Makefile
@ -1,6 +1,8 @@
 CC=gcc
-CFLAGS=-Wall
-LIBS= -lwolfssl
+
+WOLFPATH=/usr/local
+CFLAGS= -I$(WOLFPATH)/include -Wall
+LIBS= -L$(WOLFPATH)/lib -lwolfssl

 app: main.o
 	$(CC) -o $@ $^ $(CFLAGS) $(LIBS)
--- a/certfields/extract-pubkey-from-certfile/README.md
+++ b/certfields/extract-pubkey-from-certfile/README.md
@ -0,0 +1,24 @@
+# wolfSSL X509 Field Extraction Example
+
+Example of parsing a DER encoded self-signed certificate and extracting
+public key and subject name information.
+
+## Compiling and Running the Example
+
+To compile, first build wolfSSL with the OpenSSL compatibilty layer enabled:
+
+```
+$ cd wolfssl-X.X.X
+$ ./configure --enable-opensslextra
+$ make
+$ sudo make install
+```
+
+Then, compile the example app:
+
+```
+$ make
+$ ./app
+```
+
+For support, please contact support@wolfssl.com
--- a/certfields/extract-pubkey-from-certfile/main.c
+++ b/certfields/extract-pubkey-from-certfile/main.c
@ -0,0 +1,86 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2020 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*
+ * Example of parsing a DER-encoded certificate and extracting
+ * public key
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <wolfssl/options.h>
+#include <wolfssl/version.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfcrypt/rsa.h>
+
+int main(void)
+{
+    int ret = -1;
+#ifdef OPENSSL_EXTRA
+    WOLFSSL_X509* x509cert;
+    WOLFSSL_EVP_PKEY* pubKeyTmp;
+    RsaKey pubKey;
+    char* certFName = "../../certs/client-cert.pem";
+    word32 idx = 0;
+    int i;
+
+    (void) idx;
+
+    x509cert = wolfSSL_X509_load_certificate_file(certFName, WOLFSSL_FILETYPE_PEM);
+    if (x509cert == NULL) {
+        printf("Failed to load cert, abort!\n");
+        return ret;
+    }
+    printf("Loaded cert successfully\n");
+
+    pubKeyTmp = wolfSSL_X509_get_pubkey(x509cert);
+    if (pubKeyTmp == NULL) {
+        printf("Failed to extract public key, abort!\n");
+        return ret;
+    }
+    printf("Extracted public key successfully\n");
+
+    /* setup a key structure to receive the extracted key */
+    wc_InitRsaKey(&pubKey, 0);
+    ret = wc_RsaPublicKeyDecode((byte*)pubKeyTmp->pkey.ptr, &idx, &pubKey,
+                                 (word32) pubKeyTmp->pkey_sz);
+    if (ret != 0) {
+        printf("Failed to decode public key from pubKeyTmp, abort!\n");
+        return ret;
+    }
+    printf("Succesfully decoded public key\n");
+
+    printf("PUBLIC KEY:\n");
+    for (i = 0; i < pubKeyTmp->pkey_sz; i++) {
+        printf("%02X", pubKeyTmp->pkey.ptr[i] & 0xFF);
+    } printf("\n");
+
+
+    wolfSSL_EVP_PKEY_free(pubKeyTmp);
+    wolfSSL_X509_free(x509cert);
+    wc_FreeRsaKey(&pubKey);
+#else
+    printf("Please configure wolfssl with --enable-opensslextra to try using\n"
+           "this example\n");
+#endif
+    return ret;
+}