|
Packit |
549fdc |
/*
|
|
Packit |
549fdc |
* Copyright (C) 2006-2012 Free Software Foundation, Inc.
|
|
Packit |
549fdc |
* Author: Simon Josefsson, Howard Chu
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* This file is part of GnuTLS.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* GnuTLS is free software; you can redistribute it and/or modify it
|
|
Packit |
549fdc |
* under the terms of the GNU General Public License as published by
|
|
Packit |
549fdc |
* the Free Software Foundation; either version 3 of the License, or
|
|
Packit |
549fdc |
* (at your option) any later version.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* GnuTLS is distributed in the hope that it will be useful, but
|
|
Packit |
549fdc |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
549fdc |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit |
549fdc |
* General Public License for more details.
|
|
Packit |
549fdc |
*
|
|
Packit |
549fdc |
* You should have received a copy of the GNU General Public License
|
|
Packit |
549fdc |
* along with GnuTLS; if not, write to the Free Software Foundation,
|
|
Packit |
549fdc |
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
|
Packit |
549fdc |
*/
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
#ifdef HAVE_CONFIG_H
|
|
Packit |
549fdc |
#include "config.h"
|
|
Packit |
549fdc |
#endif
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
#include <stdio.h>
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
#include <gnutls/gnutls.h>
|
|
Packit |
549fdc |
#include <gnutls/x509.h>
|
|
Packit |
549fdc |
#include "utils.h"
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
static char pem[] =
|
|
Packit |
549fdc |
"-----BEGIN CERTIFICATE-----\n"
|
|
Packit |
549fdc |
"MIIE6zCCA9OgAwIBAgIBdjANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJTRTEf\n"
|
|
Packit |
549fdc |
"MB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEgMB4GA1UEAxMXU3RvY2to\n"
|
|
Packit |
549fdc |
"b2xtIFVuaXZlcnNpdHkgQ0EwHhcNMDYwMzIyMDkxNTI4WhcNMDcwMzIyMDkxNTI4\n"
|
|
Packit |
549fdc |
"WjBDMQswCQYDVQQGEwJTRTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRl\n"
|
|
Packit |
549fdc |
"dDETMBEGA1UEAxMKc2lwMS5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\n"
|
|
Packit |
549fdc |
"gYEArUzXTD36ZK7CwZJH/faUNTcdaqM7JyiZsfrO703d7cT/bJ3wKxT8trOOh/Ou\n"
|
|
Packit |
549fdc |
"WwgGFX2+r7ykun3aIUXUuD13Yle/yHqH/4g9vWX7UeFCBlSI0tAxnlqt0QqlPgSd\n"
|
|
Packit |
549fdc |
"GLHcoO4PPyjon9jj0A/zpJGZHiRUCooo63YqE9MYfr5HBfkCAwEAAaOCAl8wggJb\n"
|
|
Packit |
549fdc |
"MAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD\n"
|
|
Packit |
549fdc |
"VR0OBBYEFDpcXNHMLJ7fc/c72BtZseq4MDXFMH8GA1UdIwR4MHaAFJ4uMLo32VFE\n"
|
|
Packit |
549fdc |
"yZ2/GCHxvX7utYZIoVukWTBXMQswCQYDVQQGEwJTRTEYMBYGA1UEChMPVW1lYSBV\n"
|
|
Packit |
549fdc |
"bml2ZXJzaXR5MRMwEQYDVQQLEwpTd1VQS0ktUENBMRkwFwYDVQQDExBTd1VQS0kg\n"
|
|
Packit |
549fdc |
"UG9saWN5IENBggEQMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jYS5zdS5zZS8y\n"
|
|
Packit |
549fdc |
"MDA1LTEvY3JsLXYyLmNybDB5BgNVHSAEcjBwMG4GCCqFcCsCAQEBMGIwHwYIKwYB\n"
|
|
Packit |
549fdc |
"BQUHAgEWE2h0dHA6Ly9jYS5zdS5zZS9DUFMwPwYIKwYBBQUHAgIwMxoxTGltaXRl\n"
|
|
Packit |
549fdc |
"ZCBMaWFiaWxpdHksIHNlZSBodHRwOi8vd3d3LnN3dXBraS5zdS5zZS9DUDAkBgNV\n"
|
|
Packit |
549fdc |
"HRIEHTAbgQhjYUBzdS5zZYYPaHR0cDovL2NhLnN1LnNlMIG3BgNVHREEga8wgayC\n"
|
|
Packit |
549fdc |
"F2luY29taW5ncHJveHkuc2lwLnN1LnNlghhpbmNvbWluZ3Byb3h5MS5zaXAuc3Uu\n"
|
|
Packit |
549fdc |
"c2WCF291dGdvaW5ncHJveHkuc2lwLnN1LnNlghhvdXRnb2luZ3Byb3h5MS5zaXAu\n"
|
|
Packit |
549fdc |
"c3Uuc2WCDW91dC5zaXAuc3Uuc2WCE2FwcHNlcnZlci5zaXAuc3Uuc2WCFGFwcHNl\n"
|
|
Packit |
549fdc |
"cnZlcjEuc2lwLnN1LnNlggpzaXAxLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAR\n"
|
|
Packit |
549fdc |
"FYg7ytcph0E7WmvM44AN/8qru7tRX6aSFWrjLyVr/1Wk4prCK4y5JpfNw5dh9Z8f\n"
|
|
Packit |
549fdc |
"/gyFsr1iFsb6fS3nJTTd3fVlWRfcNCGIx5g8KuSb3u6f7VznkGOeiRMRESQc1G8B\n"
|
|
Packit |
549fdc |
"eh0zbdZS7BYO2g9EKlbGST5PwQnc4g9K7pqPyKSNVkzb60Nujg/+qYje7MCcN+ZR\n"
|
|
Packit |
549fdc |
"nUBo6U2NZ06/QEUFm+uUIhZ8IGM1gLehC7Q3G4+d4c38CDJxQnSPOgWiXuSvhhQm\n"
|
|
Packit |
549fdc |
"KDsbrKzRaeBRh5eEJbTkA8Dp0Emb0UrkRVhixeg97stxUcATAjdGljJ9MLnuHXnI\n"
|
|
Packit |
549fdc |
"7ihGdUfg5q/105vpsQpO\n" "-----END CERTIFICATE-----\n";
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
#define MAX_DATA_SIZE 1024
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
void doit(void)
|
|
Packit |
549fdc |
{
|
|
Packit |
549fdc |
int ret;
|
|
Packit |
549fdc |
gnutls_datum_t derCert = { (void *) pem, sizeof(pem) };
|
|
Packit |
549fdc |
gnutls_x509_crt_t cert;
|
|
Packit |
549fdc |
size_t data_len = MAX_DATA_SIZE;
|
|
Packit |
549fdc |
char data[MAX_DATA_SIZE];
|
|
Packit |
549fdc |
unsigned int critical = 0;
|
|
Packit |
549fdc |
int alt_name_count = 0;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ret = global_init();
|
|
Packit |
549fdc |
if (ret < 0)
|
|
Packit |
549fdc |
fail("init %d\n", ret);
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ret = gnutls_x509_crt_init(&cert);
|
|
Packit |
549fdc |
if (ret < 0)
|
|
Packit |
549fdc |
fail("crt_init %d\n", ret);
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
ret = gnutls_x509_crt_import(cert, &derCert, GNUTLS_X509_FMT_PEM);
|
|
Packit |
549fdc |
if (ret < 0)
|
|
Packit |
549fdc |
fail("crt_import %d\n", ret);
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
for (alt_name_count = 0;; ++alt_name_count) {
|
|
Packit |
549fdc |
ret =
|
|
Packit |
549fdc |
gnutls_x509_crt_get_issuer_alt_name(cert,
|
|
Packit |
549fdc |
alt_name_count,
|
|
Packit |
549fdc |
data, &data_len,
|
|
Packit |
549fdc |
&critical);
|
|
Packit |
549fdc |
if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
|
|
Packit |
549fdc |
break;
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (ret < 0)
|
|
Packit |
549fdc |
fail("get_issuer_alt_name: %d\n", ret);
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
// TODO: print out / check results
|
|
Packit |
549fdc |
if (GNUTLS_SAN_URI == ret) {
|
|
Packit |
549fdc |
if (strcmp(data, "http://ca.su.se") != 0) {
|
|
Packit |
549fdc |
fail("unexpected issuer GNUTLS_SAN_URI: %s\n", data);
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
} else if (GNUTLS_SAN_RFC822NAME == ret) {
|
|
Packit |
549fdc |
if (strcmp(data, "ca@su.se") != 0) {
|
|
Packit |
549fdc |
fail("unexpected issuer GNUTLS_SAN_RFC822NAME: %s\n", data);
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
} else {
|
|
Packit |
549fdc |
fail("unexpected alt name type: %d\n", ret);
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
data_len = MAX_DATA_SIZE;
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (alt_name_count != 2) {
|
|
Packit |
549fdc |
fail("unexpected number of alt names: %i\n",
|
|
Packit |
549fdc |
alt_name_count);
|
|
Packit |
549fdc |
}
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
if (debug)
|
|
Packit |
549fdc |
success("done\n");
|
|
Packit |
549fdc |
|
|
Packit |
549fdc |
gnutls_x509_crt_deinit(cert);
|
|
Packit |
549fdc |
gnutls_global_deinit();
|
|
Packit |
549fdc |
}
|