_ Git - BearSSL/blob - tools/chain.c

   1 /*
   2  * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
   3  *
   4  * Permission is hereby granted, free of charge, to any person obtaining
   5  * a copy of this software and associated documentation files (the
   6  * "Software"), to deal in the Software without restriction, including
   7  * without limitation the rights to use, copy, modify, merge, publish,
   8  * distribute, sublicense, and/or sell copies of the Software, and to
   9  * permit persons to whom the Software is furnished to do so, subject to
  10  * the following conditions:
  11  *
  12  * The above copyright notice and this permission notice shall be
  13  * included in all copies or substantial portions of the Software.
  14  *
  15  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  16  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  17  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  18  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
  19  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
  20  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  21  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  22  * SOFTWARE.
  23  */
  24
  25 #include <stdio.h>
  26 #include <stdlib.h>
  27 #include <string.h>
  28 #include <stdint.h>
  29 #include <errno.h>
  30
  31 #include "brssl.h"
  32 #include "bearssl.h"
  33
  34 static void
  35 print_blob(const char *name, const unsigned char *buf, size_t len)
  36 {
  37         size_t u;
  38
  39         printf("\nstatic const unsigned char %s[] = {", name);
  40         for (u = 0; u < len; u ++) {
  41                 if (u != 0) {
  42                         printf(",");
  43                 }
  44                 if (u % 12 == 0) {
  45                         printf("\n\t");
  46                 } else {
  47                         printf(" ");
  48                 }
  49                 printf("0x%02X", buf[u]);
  50         }
  51         printf("\n};\n");
  52 }
  53
  54 static void
  55 usage_chain(void)
  56 {
  57         fprintf(stderr,
  58 "usage: brssl chain [ options ] file...\n");
  59         fprintf(stderr,
  60 "options:\n");
  61         fprintf(stderr,
  62 "   -q            suppress verbose messages\n");
  63 }
  64
  65 /* see brssl.h */
  66 int
  67 do_chain(int argc, char *argv[])
  68 {
  69         int retcode;
  70         int verbose;
  71         int i, num_files;
  72         long k, ctr;
  73
  74         retcode = 0;
  75         verbose = 1;
  76         num_files = 0;
  77         for (i = 0; i < argc; i ++) {
  78                 const char *arg;
  79
  80                 arg = argv[i];
  81                 if (arg[0] != '-') {
  82                         num_files ++;
  83                         continue;
  84                 }
  85                 argv[i] = NULL;
  86                 if (eqstr(arg, "-v") || eqstr(arg, "-verbose")) {
  87                         verbose = 1;
  88                 } else if (eqstr(arg, "-q") || eqstr(arg, "-quiet")) {
  89                         verbose = 0;
  90                 } else {
  91                         fprintf(stderr, "ERROR: unknown option: '%s'\n", arg);
  92                         usage_chain();
  93                         goto chain_exit_error;
  94                 }
  95         }
  96         if (num_files == 0) {
  97                 fprintf(stderr, "ERROR: no certificate file provided\n");
  98                 usage_chain();
  99                 goto chain_exit_error;
 100         }
 101
 102         ctr = 0;
 103         for (i = 0; i < argc; i ++) {
 104                 const char *fname;
 105                 br_x509_certificate *xcs;
 106                 size_t u, num;
 107
 108                 fname = argv[i];
 109                 if (fname == NULL) {
 110                         continue;
 111                 }
 112                 if (verbose) {
 113                         fprintf(stderr, "Reading file '%s': ", fname);
 114                         fflush(stderr);
 115                 }
 116                 xcs = read_certificates(fname, &num);
 117                 if (xcs == NULL) {
 118                         goto chain_exit_error;
 119                 }
 120                 if (verbose) {
 121                         fprintf(stderr, "%lu certificate%s\n",
 122                                 (unsigned long)num, num > 1 ? "s" : "");
 123                 }
 124                 for (u = 0; u < num; u ++) {
 125                         char tmp[50];
 126
 127                         sprintf(tmp, "CERT%ld", ctr ++);
 128                         print_blob(tmp, xcs[u].data, xcs[u].data_len);
 129                         xfree(xcs[u].data);
 130                 }
 131                 xfree(xcs);
 132         }
 133
 134         printf("\nstatic const br_x509_certificate CHAIN[] = {");
 135         for (k = 0; k < ctr; k ++) {
 136                 if (k != 0) {
 137                         printf(",");
 138                 }
 139                 printf("\n\t{ (unsigned char *)CERT%ld, sizeof CERT%ld }",
 140                         k, k);
 141         }
 142         printf("\n};\n");
 143         printf("\n#define CHAIN_LEN   %ld\n", ctr);
 144
 145         /*
 146          * Release allocated structures.
 147          */
 148 chain_exit:
 149         return retcode;
 150
 151 chain_exit_error:
 152         retcode = -1;
 153         goto chain_exit;
 154 }