make_ca_bundle.cxx
1 // Filename: make_ca_bundle.cxx
2 // Created by: drose (07Oct09)
3 //
4 ////////////////////////////////////////////////////////////////////
5 //
6 // PANDA 3D SOFTWARE
7 // Copyright (c) Carnegie Mellon University. All rights reserved.
8 //
9 // All use of this software is subject to the terms of the revised BSD
10 // license. You should have received a copy of this license along
11 // with this source code in a file named "LICENSE."
12 //
13 ////////////////////////////////////////////////////////////////////
14 
15 #include "pandabase.h"
16 #include "openSSLWrapper.h"
17 #include <stdio.h>
18 
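// Input: a PEM bundle of certificate authorities.  The name has no
// directory component, so it is resolved against the current working
// directory of whoever runs this tool.  Nothing in this program verifies
// where the bundle came from; every certificate in it ends up in the
// generated table, so the file's provenance should be checked before the
// tool is run.
static const char *const source_filename = "ca-bundle.crt";

// Output: generated C source holding the same certificates in DER form
// (also written relative to the current working directory).
static const char *const target_filename = "ca_bundle_data_src.c";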
21 
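// Converts the PEM certificate bundle named by source_filename into a C
// source file (target_filename) that defines a byte table of the
// certificates in DER form plus its length, in the style of bin2c.
//
// The generated table is described in its own header comment as "the set
// of well-known certificate authorities ... for compiling into
// OpenSSLWrapper", so the output of this tool is security-sensitive: a
// truncated, empty or partially written table must not be reported as a
// success.  Every failure path therefore returns non-zero.
//
// Returns 0 when at least one certificate was converted and the output
// was written without a stream error; 1 otherwise.
int
main(int argc, char *argv[]) {
  FILE *fin = fopen(source_filename, "r");
  if (fin == NULL) {
    cerr << "Couldn't open " << source_filename << " for reading.\n";
    return 1;
  }

  // Initialize OpenSSL.
  OpenSSLWrapper::get_global_ptr();

  // We have to be sure and clear the OpenSSL error state before we
  // call this function, or it will get confused.
  ERR_clear_error();
  STACK_OF(X509_INFO) *inf = PEM_X509_INFO_read(fin, NULL, NULL, NULL);

  // The whole bundle has been parsed into inf (or the parse failed), so
  // the input file is no longer needed on any path below.
  fclose(fin);

  if (!inf) {
    // Could not scan certificates.  This is a failure, not a success:
    // no output file is produced.
    cerr << "Couldn't read PEM file in " << source_filename << "\n";
    return 1;
  }

  int num_entries = sk_X509_INFO_num(inf);
  cerr << "PEM_X509_INFO_read() found " << num_entries
       << " entries.\n";

  // Now convert the certificates to DER form.
  stringstream der_stream;

  int cert_count = 0;
  bool encode_ok = true;
  for (int i = 0; i < num_entries && encode_ok; i++) {
    X509_INFO *itmp = sk_X509_INFO_value(inf, i);

    // Entries that carry no certificate are skipped.
    if (itmp == NULL || itmp->x509 == NULL) {
      continue;
    }
    X509 *cert = itmp->x509;

    // The first call only measures; it reports an encoding failure with
    // a non-positive length, which must not be used as an array size.
    int der_len = i2d_X509(cert, NULL);
    if (der_len <= 0) {
      cerr << "Couldn't encode certificate " << i << " from "
           << source_filename << " to DER form.\n";
      encode_ok = false;
      break;
    }

    unsigned char *der_buf = new unsigned char[der_len];
    unsigned char *p = der_buf;
    if (i2d_X509(cert, &p) == der_len) {
      der_stream.write((const char *)der_buf, der_len);
      cert_count++;
    } else {
      // The second pass disagreed with the measured length; do not emit
      // a partially filled buffer.
      cerr << "Couldn't encode certificate " << i << " from "
           << source_filename << " to DER form.\n";
      encode_ok = false;
    }
    delete[] der_buf;
  }
  sk_X509_INFO_pop_free(inf, X509_INFO_free);

  if (!encode_ok) {
    return 1;
  }

  if (cert_count == 0) {
    // An empty table would not be a usable certificate set, and an
    // empty array initializer is not valid in the generated C file.
    cerr << "No certificates found in " << source_filename << "\n";
    return 1;
  }

  // Now write the data to the .c file, in a compilable form, similar
  // to bin2c.
  ofstream out;
  Filename target = Filename::text_filename(string(target_filename));
  if (!target.open_write(out)) {
    cerr << "Couldn't open " << target_filename << " for writing.\n";
    return 1;
  }

  der_stream.seekg(0);
  istream &in = der_stream;

  string table_type = "const unsigned char ";
  string length_type = "const int ";
  string table_name = "ca_bundle_data";
  string static_keyword = "static ";
  static const int col_width = 11;

  out << "\n"
      << "/*\n"
      << " * This table was generated by the command:\n"
      << " *\n"
      << " * make_ca_bundle\n"
      << " *\n"
      << " * which is a \"test\" program in the express directory; it reads\n"
      << " * ca-bundle.crt and produces this file.\n"
      << " *\n"
      << " * This file represents the set of well-known certificate authorities\n"
      << " * in DER form, for compiling into OpenSSLWrapper.\n"
      << " */\n\n"
      << static_keyword << table_type << table_name << "[] = {";
  out << hex << setfill('0');

  // Emit one "0xNN" literal per DER byte, breaking the line whenever the
  // column counter reaches col_width.
  int count = 0;
  int col = 0;
  int ch;
  while ((ch = in.get()) != EOF) {
    if (col == 0) {
      out << "\n ";
    } else if (col == col_width) {
      out << ",\n ";
      col = 0;
    } else {
      out << ", ";
    }
    out << "0x" << setw(2) << ch;
    col++;
    count++;
  }
  out << "\n};\n\n"
      << static_keyword << length_type << table_name << "_len = "
      << dec << count << ";\n\n";

  // A short write (for example a full disk) would leave a truncated
  // table behind; report it instead of claiming success.
  out.flush();
  if (!out) {
    cerr << "Error writing " << target_filename << "\n";
    return 1;
  }

  cerr << "Wrote " << cert_count << " certificates to "
       << target_filename << "\n";
  return 0;
}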
The name of a file, such as a texture file or an Egg file.
Definition: filename.h:44
bool open_write(ofstream &stream, bool truncate=true) const
Opens the indicated ofstream for writing the file, if possible.
Definition: filename.cxx:2045