1 /*
2 * extenGrab - write the unparsed extension blobs of a specified
3 * cert to files for external examination
4 */
5 #include <Security/SecAsn1Coder.h>
6 #include <Security/X509Templates.h>
7 #include <Security/cssmapple.h>
8 #include <stdio.h>
9 #include <string.h>
10 #include <stdlib.h>
11 #include <security_cdsa_utils/cuOidParser.h>
12 #include <security_cdsa_utils/cuFileIo.h>
13
/*
 * Print the command-line synopsis to stdout and terminate the process
 * with exit status 1. This function does not return.
 */
static void usage(char **argv)
{
    const char *progName = argv[0];

    fprintf(stdout,
        "Usage: %s certFile outFileBase [r for CRL, default is cert]\n",
        progName);
    exit(1);
}
20
/*
 * Count the entries of a NULL-terminated array of pointers.
 *
 * array may itself be NULL, in which case the count is 0. The
 * terminating NULL entry is not included in the result.
 */
static unsigned nssArraySize(
    const void **array)
{
    if (array == NULL) {
        return 0;
    }

    unsigned numItems = 0;
    /* walk forward until the NULL terminator is reached */
    for (const void **cursor = array; *cursor != NULL; cursor++) {
        numItems++;
    }
    return numItems;
}
35
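/*
 * Decode a signed certificate (or, when an argument starting with 'r'
 * follows the two mandatory ones, a signed CRL) read from argv[1], and
 * write the raw value of each extension to its own file named
 * "<argv[2]>_<index>".
 *
 * The input file is treated as data to be examined, not as trusted
 * content: the extension values are written out exactly as decoded,
 * without interpreting them.
 *
 * Exits with status 1 on a usage error, an unreadable input, a coder
 * or decode failure, an output name that does not fit the name buffer,
 * or a write failure. Exits with status 0 when the item carries no
 * extensions; returns 0 after all extensions have been written.
 */
int main(int argc, char **argv)
{
    if(argc < 3) {
        usage(argv);
    }

    bool doCert = true;
    NSS_Certificate signedCert;
    NSS_Crl signedCrl;
    void *decodeTarget;
    const SecAsn1Template *templ;
    NSS_CertExtension ***extenp;

    /* optional arguments: only 'r' (CRL) is recognized */
    for(int arg=3; arg<argc; arg++) {
        switch(argv[arg][0]) {
            case 'r':
                doCert = false;     // i.e. CRL
                break;
            default:
                usage(argv);
        }
    }

    /*
     * Select the decode destination, the matching ASN.1 template and
     * the location of the extension array for the chosen item type.
     */
    if(doCert) {
        memset(&signedCert, 0, sizeof(signedCert));
        decodeTarget = &signedCert;
        templ = kSecAsn1SignedCertTemplate;
        extenp = &signedCert.tbs.extensions;
    }
    else {
        memset(&signedCrl, 0, sizeof(signedCrl));
        decodeTarget = &signedCrl;
        templ = kSecAsn1SignedCrlTemplate;
        extenp = &signedCrl.tbs.extensions;
    }

    const char *certFile = argv[1];
    const char *outBase = argv[2];
    unsigned char *rawCert;
    unsigned rawCertLen;

    if(readFile(certFile, &rawCert, &rawCertLen)) {
        printf("***Can't read cert file. Abortihng.\n");
        exit(1);
    }

    SecAsn1CoderRef coder;
    CSSM_DATA rawItem = {rawCertLen, rawCert};

    OSStatus ortn = SecAsn1CoderCreate(&coder);
    if(ortn) {
        cssmPerror("SecAsn1CoderCreate", ortn);
        /*
         * Stop here: coder was never set up, so passing it to
         * SecAsn1DecodeData below would use an uninitialized reference.
         */
        exit(1);
    }
    if(SecAsn1DecodeData(coder, &rawItem, templ, decodeTarget)) {
        printf("SecAsn1DecodeData(signed) error\n");
        exit(1);
    }

    NSS_CertExtension **extens = *extenp;
    unsigned numExtens = nssArraySize((const void **)extens);
    if(numExtens == 0) {
        printf("There appear to be zero extensions in this item.\n");
        exit(0);
    }

    OidParser parser;
    char oidStr[OID_PARSER_STRING_SIZE];
    char outFileName[200];

    for(unsigned dex=0; dex<numExtens; dex++) {
        NSS_CertExtension *exten = extens[dex];
        parser.oidParse(exten->extnId.Data, exten->extnId.Length, oidStr);
        printf("Extension %u : %s\n", dex, oidStr);

        /*
         * outBase comes straight from the command line and can be
         * longer than outFileName; bound the write and refuse a
         * truncated name rather than overflowing the stack buffer or
         * silently writing to a different file.
         */
        int nameLen = snprintf(outFileName, sizeof(outFileName),
            "%s_%u", outBase, dex);
        if((nameLen < 0) || ((size_t)nameLen >= sizeof(outFileName))) {
            printf("***Output file name for extension %u is too long. "
                "Aborting.\n", dex);
            exit(1);
        }

        if(writeFile(outFileName, exten->value.Data, exten->value.Length)) {
            printf("***Error writing %s. Aborting.\n",
                outFileName);
            exit(1);
        }
        else {
            /* cast so the argument always matches the %lu conversion */
            printf("...wrote %lu bytes to %s\n",
                (unsigned long)exten->value.Length, outFileName);
        }
    }
    SecAsn1CoderRelease(coder);
    printf("..done.\n");
    return 0;
}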