WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity
wolfssl-examples/certgen/custom_ext_callback.c

155 lines
4.0 KiB
C
Raw Blame History

/*
* custom_ext_callback.c
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* This is based off of ecc-key-decode.c */
#include <wolfssl/options.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <stdio.h>
#if defined(WOLFSSL_ASN_TEMPLATE) && defined(WOLFSSL_CERT_REQ) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_TEST_CERT) && \
defined(HAVE_OID_DECODING) && defined(WOLFSSL_CUSTOM_OID) && \
defined(WOLFSSL_CERT_EXT)
static int myCustomExtCallback(const word16* oid, word32 oidSz, int crit,
const unsigned char* der, word32 derSz) {
word32 i;
printf("Custom Extension found!\n");
printf("(");
for (i = 0; i < oidSz; i++) {
printf("%d", oid[i]);
if (i < oidSz - 1) {
printf(".");
}
}
printf(") : ");
if (crit) {
printf("CRITICAL");
} else {
printf("NOT CRITICAL");
}
printf(" : ");
for (i = 0; i < derSz; i ++) {
printf("%x ", der[i]);
}
printf("\n");
/* NOTE: by returning zero, we are accepting this extension and informing
* wolfSSL that it is acceptable. If you find an extension that you
* do not find acceptable, you should return an error. The standard
* behavior upon encountering an unknown extension with the critical
* flag set is to return ASN_CRIT_EXT_E. For the sake of brevity,
* this example is always accepting every extension; you should use
* different logic. */
return 0;
}
static void check_ret(char*, int);
#ifndef MAX_BUF
#define MAX_BUF 4096
#endif
int main(int argc, char** argv)
{
DecodedCert decodedCert;
FILE* file;
byte derBuffer[MAX_BUF];
size_t bytes;
int ret;
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
#endif
if (argc != 2) {
printf("Usage: %s certifcate.der\n", argv[0]);
return 0;
}
wolfCrypt_Init();
/* TODO: change this once we start generating our own. */
file = fopen(argv[1], "rb");
if (!file) {
printf("Failed to open file\n");
exit(-99);
}
bytes = fread(derBuffer, 1, sizeof(derBuffer), file);
fclose(file);
printf("read bytes = %d\n", (int) bytes);
if (bytes <= 0) {
return -1;
}
InitDecodedCert(&decodedCert, derBuffer, (word32) bytes, 0);
ret = wc_SetUnknownExtCallback(&decodedCert, myCustomExtCallback);
check_ret("wc_SetUnknownExtCallback", ret);
ret = ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL);
check_ret("ParseCert", ret);
FreeDecodedCert(&decodedCert);
wolfCrypt_Cleanup();
printf("Success\n");
return 0;
}
static void check_ret(char* call, int ret)
{
if (ret != 0) {
printf("call: %s\n", call);
printf("ret = %d\n", ret);
exit(-99);
}
return;
}
#else
int main(void)
{
printf("Not compiled in: Configure wolfSSL using ./configure"
"--enable-certreq --enable-certgen --enable-certext "
"CFLAGS=\"-DWOLFSSL_TEST_CERT -DHAVE_OID_DECODING "
"-DWOLFSSL_CUSTOM_OID \"\n");
return 0;
}
#endif
Reference in New Issue View Git Blame Copy Permalink