SecurityTests/clxutils/extenGrab/extenGrab.cpp

   1 /*
   2  * extenGrab - write the unparsed extension blobs of a specified
   3  * cert to files for external examination
   4  */
   5 #include <Security/SecAsn1Coder.h>
   6 #include <Security/X509Templates.h>
   7 #include <Security/cssmapple.h>
   8 #include <stdio.h>
   9 #include <string.h>
  10 #include <stdlib.h>
  11 #include <security_cdsa_utils/cuOidParser.h>
  12 #include <security_cdsa_utils/cuFileIo.h>
  13
  14 static void usage(char **argv)
  15 {
  16         printf("Usage: %s certFile outFileBase [r for CRL, default is cert]\n",
  17                 argv[0]);
  18         exit(1);
  19 }
  20
  21 /*
  22  * How many items in a NULL-terminated array of pointers?
  23  */
  24 static unsigned nssArraySize(
  25         const void **array)
  26 {
  27     unsigned count = 0;
  28     if (array) {
  29                 while (*array++) {
  30                         count++;
  31                 }
  32     }
  33     return count;
  34 }
  35
  36 int main(int argc, char **argv)
  37 {
  38         if(argc < 3) {
  39                 usage(argv);
  40         }
  41
  42         bool                                    doCert = true;
  43         NSS_Certificate                 signedCert;
  44         NSS_Crl                                 signedCrl;
  45         void                                    *decodeTarget;
  46         const SecAsn1Template   *templ;
  47         NSS_CertExtension               ***extenp;
  48
  49         for(int arg=3; arg<argc; arg++) {
  50                 switch(argv[arg][0]) {
  51                         case 'r':
  52                                 doCert = false;         // i.e. CRL
  53                                 break;
  54                         default:
  55                                 usage(argv);
  56                 }
  57         }
  58
  59         if(doCert) {
  60                 memset(&signedCert, 0, sizeof(signedCert));
  61                 decodeTarget = &signedCert;
  62                 templ = kSecAsn1SignedCertTemplate;
  63                 extenp = &signedCert.tbs.extensions;
  64         }
  65         else {
  66                 memset(&signedCrl, 0, sizeof(signedCrl));
  67                 decodeTarget = &signedCrl;
  68                 templ = kSecAsn1SignedCrlTemplate;
  69                 extenp = &signedCrl.tbs.extensions;
  70         }
  71
  72         const char *certFile = argv[1];
  73         const char *outBase = argv[2];
  74         unsigned char *rawCert;
  75         unsigned rawCertLen;
  76
  77         if(readFile(certFile, &rawCert, &rawCertLen)) {
  78                 printf("***Can't read cert file. Abortihng.\n");
  79                 exit(1);
  80         }
  81
  82         SecAsn1CoderRef         coder;
  83         CSSM_DATA                       rawItem = {rawCertLen, rawCert};
  84
  85         OSStatus ortn = SecAsn1CoderCreate(&coder);
  86         if(ortn) {
  87                 cssmPerror("SecAsn1CoderCreate", ortn);
  88
  89         }
  90         if(SecAsn1DecodeData(coder, &rawItem, templ, decodeTarget)) {
  91                 printf("SecAsn1DecodeData(signed) error\n");
  92                 exit(1);
  93         }
  94
  95         NSS_CertExtension **extens = *extenp;
  96         unsigned numExtens = nssArraySize((const void **)extens);
  97         if(numExtens == 0) {
  98                 printf("There appear to be zero extensions in this item.\n");
  99                 exit(0);
 100         }
 101
 102         OidParser parser;
 103         char oidStr[OID_PARSER_STRING_SIZE];
 104         char outFileName[200];
 105
 106         for(unsigned dex=0; dex<numExtens; dex++) {
 107                 NSS_CertExtension *exten = extens[dex];
 108                 parser.oidParse(exten->extnId.Data, exten->extnId.Length, oidStr);
 109                 printf("Extension %u : %s\n", dex, oidStr);
 110                 sprintf(outFileName, "%s_%u", outBase, dex);
 111                 if(writeFile(outFileName, exten->value.Data, exten->value.Length)) {
 112                         printf("***Error writing %s. Aborting.\n",
 113                                 outFileName);
 114                         exit(1);
 115                 }
 116                 else {
 117                         printf("...wrote %lu bytes to %s\n",
 118                                 exten->value.Length, outFileName);
 119                 }
 120         }
 121         SecAsn1CoderRelease(coder);
 122         printf("..done.\n");
 123         return 0;
 124 }