Merge pull request #428 from embhorn/certgen_cleanup

Fix up readme and build issues in certgen examples

certgen/README.md

@@ -1,11 +1,13 @@
 # Certificate Generation and Signing examples
 
 To test the certgen or csr_example example(s) configure wolfssl with
-`./configure --enable-certgen --enable-certreq` or add the defines:
+`./configure --enable-certgen --enable-certreq --enable-keygen`
+or add the defines:
 
 ```
 #define WOLFSSL_CERT_REQ
 #define WOLFSSL_CERT_GEN
+#define WOLFSSL_KEY_GEN
 ```
 
 To test the csr_w_ed25519_example configure wolfssl with:
@@ -156,6 +158,18 @@ Saved CSR PEM to "ed25519-csr.pem"
 
 This example shows how to use a CSR to sign it using a CA cert and key to produce an X.509 certificate.
 
+To test the csr_sign example configure wolfssl with
+`./configure -enable-certreq --enable-certgen --enable-ecc --enable-certext CFLAGS=-DOPENSSL_EXTRA_X509_SMALL`
+or add the defines:
+
+```
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_EXT
+#define OPENSSL_EXTRA_X509_SMALL
+```
+
 ```
 % ./csr_sign ecc-csr.pem ca-ecc-cert.der ca-ecc-key.der
 Loading CA certificate
@@ -348,7 +362,7 @@ Tested with these wolfSSL build options:
 
 ```sh
 ./autogen.sh  # If cloned from GitHub
-./configure --enable-asn=template --enable-certreq --enable-keygen --enable-certgen --enable-certext CFLAGS="-DWOLFSSL_TEST_CERT -DHAVE_OID_DECODING -DHAVE_OID_ENCODING -DWOLFSSL_CUSTOM_OID -DWOLFSSL_CERT_EXT"
+./configure --enable-certreq --enable-certext --enable-keygen --enable-certgen --enable-certext CFLAGS="-DWOLFSSL_TEST_CERT -DHAVE_OID_DECODING -DHAVE_OID_ENCODING -DWOLFSSL_CUSTOM_OID"
 make
 make check
 sudo make install

certgen/certgen_ca_example.c

@@ -28,6 +28,9 @@
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/wc_port.h>
 
+#if defined(WOLFSSL_CERT_REQ) && defined(WOLFSSL_CERT_GEN) && \
+    defined(WOLFSSL_KEY_GEN) && defined(HAVE_ECC)
+
 #ifdef WOLFSSL_CAAM
     #include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
     static int devId = WOLFSSL_CAAM_DEVID;
@@ -35,8 +38,6 @@
     static int devId = INVALID_DEVID;
 #endif
 
-#if defined(WOLFSSL_CERT_REQ) && defined(WOLFSSL_CERT_GEN) && \
-    defined(WOLFSSL_KEY_GEN) && defined(HAVE_ECC)
 
 #define HEAP_HINT NULL
 #define LARGE_TEMP_SZ 4096

certgen/csr_sign.c

@@ -34,7 +34,7 @@
 #endif
 
 #if defined(WOLFSSL_CERT_REQ) && defined(WOLFSSL_CERT_GEN) && \
-    defined(HAVE_ECC)
+    defined(HAVE_ECC) && defined(WOLFSSL_CERT_EXT)
 
 #define HEAP_HINT NULL
 #define LARGE_TEMP_SZ 4096
@@ -358,9 +358,9 @@ exit:
 int main(int argc, char** argv)
 {
 #if !defined(WOLFSSL_CERT_REQ) || !defined(WOLFSSL_CERT_GEN) || \
-    !defined(HAVE_ECC)
+    !defined(HAVE_ECC) || !defined(WOLFSSL_CERT_EXT)
     printf("Please compile wolfSSL with --enable-certreq --enable-certgen "
-           "--enable-ecc CFLAGS=-DOPENSSL_EXTRA_X509_SMALL\n");
+           "--enable-ecc --enable-certext CFLAGS=-DOPENSSL_EXTRA_X509_SMALL\n");
     return 0;
 #else
     if (argc != 4) {

certgen/custom_ext.c

@@ -250,9 +250,9 @@ int main(int argc, char** argv)
 
 int main(int argc, char** argv)
 {
-    printf("Please compile wolfSSL with --enable-asn=template --enable-certgen "
-           "--enable-keygen CFLAGS=\"-DWOLFSSL_CUSTOM_OID -DHAVE_OID_ENCODING "
-           "-DWOLFSSL_CERT_EXT\"");
+    printf("Please configure wolfSSL with --enable-certgen --enable-certext "
+           "--enable-keygen CFLAGS=\"-DWOLFSSL_CUSTOM_OID "
+           "-DHAVE_OID_ENCODING\"\n");
     return 0;
 }
 

certgen/custom_ext_callback.c

@@ -143,7 +143,10 @@ static void check_ret(char* call, int ret)
 
 int main(void)
 {
-    printf("Not compiled in: Build wolfSSL using ./configure --enable-asn=template  --enable-certreq --enable-certgen CFLAGS=\"-DWOLFSSL_TEST_CERT -DHAVE_OID_DECODING -DWOLFSSL_CUSTOM_OID -DWOLFSSL_CERT_EXT\"\n");
+    printf("Not compiled in: Configure wolfSSL using ./configure"
+           "--enable-certreq --enable-certgen --enable-certext "
+           "CFLAGS=\"-DWOLFSSL_TEST_CERT -DHAVE_OID_DECODING "
+           "-DWOLFSSL_CUSTOM_OID \"\n");
     return 0;
 }