Panda3D
|
00001 // Filename: make_ca_bundle.cxx 00002 // Created by: drose (07Oct09) 00003 // 00004 //////////////////////////////////////////////////////////////////// 00005 // 00006 // PANDA 3D SOFTWARE 00007 // Copyright (c) Carnegie Mellon University. All rights reserved. 00008 // 00009 // All use of this software is subject to the terms of the revised BSD 00010 // license. You should have received a copy of this license along 00011 // with this source code in a file named "LICENSE." 00012 // 00013 //////////////////////////////////////////////////////////////////// 00014 00015 #include "pandabase.h" 00016 #include "openSSLWrapper.h" 00017 #include <stdio.h> 00018 00019 static const char *source_filename = "ca-bundle.crt"; 00020 static const char *target_filename = "ca_bundle_data_src.c"; 00021 00022 int 00023 main(int argc, char *argv[]) { 00024 FILE *fin = fopen(source_filename, "r"); 00025 if (fin == NULL) { 00026 cerr << "Couldn't open " << source_filename << " for reading.\n"; 00027 return 1; 00028 } 00029 00030 // Initialize OpenSSL. 00031 OpenSSLWrapper::get_global_ptr(); 00032 00033 // We have to be sure and clear the OpenSSL error state before we 00034 // call this function, or it will get confused. 00035 ERR_clear_error(); 00036 STACK_OF(X509_INFO) *inf; 00037 inf = PEM_X509_INFO_read(fin, NULL, NULL, NULL); 00038 00039 if (!inf) { 00040 // Could not scan certificates. 00041 cerr << "Couldn't read PEM file in " << source_filename << "\n"; 00042 return 0; 00043 } 00044 00045 cerr << "PEM_X509_INFO_read() found " << sk_X509_INFO_num(inf) 00046 << " entries.\n"; 00047 00048 // Now convert the certificates to DER form. 00049 stringstream der_stream; 00050 00051 int cert_count = 0; 00052 int num_entries = sk_X509_INFO_num(inf); 00053 for (int i = 0; i < num_entries; i++) { 00054 X509_INFO *itmp = sk_X509_INFO_value(inf, i); 00055 00056 if (itmp->x509) { 00057 X509 *cert = itmp->x509; 00058 00059 int der_len = i2d_X509(cert, NULL); 00060 unsigned char *der_buf = new unsigned char[der_len]; 00061 unsigned char *p = der_buf; 00062 i2d_X509(cert, &p); 00063 der_stream.write((const char *)der_buf, der_len); 00064 delete[] der_buf; 00065 cert_count++; 00066 } 00067 } 00068 sk_X509_INFO_pop_free(inf, X509_INFO_free); 00069 00070 fclose(fin); 00071 00072 // Now write the data to the .c file, in a compilable form, similar 00073 // to bin2c. 00074 ofstream out; 00075 Filename target = Filename::text_filename(target_filename); 00076 if (!target.open_write(out)) { 00077 cerr << "Couldn't open " << target_filename << " for writing.\n"; 00078 return (1); 00079 } 00080 00081 der_stream.seekg(0); 00082 istream &in = der_stream; 00083 00084 string table_type = "const unsigned char "; 00085 string length_type = "const int "; 00086 string table_name = "ca_bundle_data"; 00087 string static_keyword = "static "; 00088 static const int col_width = 11; 00089 00090 out << "\n" 00091 << "/*\n" 00092 << " * This table was generated by the command:\n" 00093 << " *\n" 00094 << " * make_ca_bundle\n" 00095 << " *\n" 00096 << " * which is a \"test\" program in the express directory; it reads\n" 00097 << " * ca-bundle.crt and produces this file.\n" 00098 << " *\n" 00099 << " * This file represents the set of well-known certificate authorities\n" 00100 << " * in DER form, for compiling into OpenSSLWrapper.\n" 00101 << " */\n\n" 00102 << static_keyword << table_type << table_name << "[] = {"; 00103 out << hex << setfill('0'); 00104 int count = 0; 00105 int col = 0; 00106 unsigned int ch; 00107 ch = in.get(); 00108 while (!in.fail() && !in.eof()) { 00109 if (col == 0) { 00110 out << "\n "; 00111 } else if (col == col_width) { 00112 out << ",\n "; 00113 col = 0; 00114 } else { 00115 out << ", "; 00116 } 00117 out << "0x" << setw(2) << ch; 00118 col++; 00119 count++; 00120 ch = in.get(); 00121 } 00122 out << "\n};\n\n" 00123 << static_keyword << length_type << table_name << "_len = " 00124 << dec << count << ";\n\n"; 00125 00126 cerr << "Wrote " << cert_count << " certificates to " 00127 << target_filename << "\n"; 00128 return 0; 00129 }