diff options
author | David Monniaux <david.monniaux@univ-grenoble-alpes.fr> | 2019-02-02 12:03:44 +0100 |
---|---|---|
committer | David Monniaux <david.monniaux@univ-grenoble-alpes.fr> | 2019-02-02 12:03:44 +0100 |
commit | dc25573ed79a0d55c5a24b20474aa8504a758a2c (patch) | |
tree | 894a85209cb933b89b3d0fdb9c2320b43412424e /test/monniaux/BearSSL/tools/chain.c | |
parent | 44b2d04414b13811868a134f1eae9eaece506b69 (diff) | |
download | compcert-kvx-dc25573ed79a0d55c5a24b20474aa8504a758a2c.tar.gz compcert-kvx-dc25573ed79a0d55c5a24b20474aa8504a758a2c.zip |
BearSSL
Diffstat (limited to 'test/monniaux/BearSSL/tools/chain.c')
-rw-r--r-- | test/monniaux/BearSSL/tools/chain.c | 154 |
1 files changed, 154 insertions, 0 deletions
diff --git a/test/monniaux/BearSSL/tools/chain.c b/test/monniaux/BearSSL/tools/chain.c new file mode 100644 index 00000000..671f5e83 --- /dev/null +++ b/test/monniaux/BearSSL/tools/chain.c @@ -0,0 +1,154 @@ +/* + * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org> + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdint.h> +#include <errno.h> + +#include "brssl.h" +#include "bearssl.h" + +static void +print_blob(const char *name, const unsigned char *buf, size_t len) +{ + size_t u; + + printf("\nstatic const unsigned char %s[] = {", name); + for (u = 0; u < len; u ++) { + if (u != 0) { + printf(","); + } + if (u % 12 == 0) { + printf("\n\t"); + } else { + printf(" "); + } + printf("0x%02X", buf[u]); + } + printf("\n};\n"); +} + +static void +usage_chain(void) +{ + fprintf(stderr, +"usage: brssl chain [ options ] file...\n"); + fprintf(stderr, +"options:\n"); + fprintf(stderr, +" -q suppress verbose messages\n"); +} + +/* see brssl.h */ +int +do_chain(int argc, char *argv[]) +{ + int retcode; + int verbose; + int i, num_files; + long k, ctr; + + retcode = 0; + verbose = 1; + num_files = 0; + for (i = 0; i < argc; i ++) { + const char *arg; + + arg = argv[i]; + if (arg[0] != '-') { + num_files ++; + continue; + } + argv[i] = NULL; + if (eqstr(arg, "-v") || eqstr(arg, "-verbose")) { + verbose = 1; + } else if (eqstr(arg, "-q") || eqstr(arg, "-quiet")) { + verbose = 0; + } else { + fprintf(stderr, "ERROR: unknown option: '%s'\n", arg); + usage_chain(); + goto chain_exit_error; + } + } + if (num_files == 0) { + fprintf(stderr, "ERROR: no certificate file provided\n"); + usage_chain(); + goto chain_exit_error; + } + + ctr = 0; + for (i = 0; i < argc; i ++) { + const char *fname; + br_x509_certificate *xcs; + size_t u, num; + + fname = argv[i]; + if (fname == NULL) { + continue; + } + if (verbose) { + fprintf(stderr, "Reading file '%s': ", fname); + fflush(stderr); + } + xcs = read_certificates(fname, &num); + if (xcs == NULL) { + goto chain_exit_error; + } + if (verbose) { + fprintf(stderr, "%lu certificate%s\n", + (unsigned long)num, num > 1 ? "s" : ""); + } + for (u = 0; u < num; u ++) { + char tmp[50]; + + sprintf(tmp, "CERT%ld", ctr ++); + print_blob(tmp, xcs[u].data, xcs[u].data_len); + xfree(xcs[u].data); + } + xfree(xcs); + } + + printf("\nstatic const br_x509_certificate CHAIN[] = {"); + for (k = 0; k < ctr; k ++) { + if (k != 0) { + printf(","); + } + printf("\n\t{ (unsigned char *)CERT%ld, sizeof CERT%ld }", + k, k); + } + printf("\n};\n"); + printf("\n#define CHAIN_LEN %ld\n", ctr); + + /* + * Release allocated structures. + */ +chain_exit: + return retcode; + +chain_exit_error: + retcode = -1; + goto chain_exit; +} |