Commit aab5f740 authored by PhoeniX's avatar PhoeniX

Write issued certificates into directory

parent 048d5202
......@@ -12,6 +12,7 @@
#include <sys/un.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
......@@ -30,6 +31,7 @@
EVP_PKEY *cakey, *enkey, *dskey;
X509 *cacer, *encer, *dscer;
const char* issued_dir;
int sock;
static int
......@@ -231,7 +233,28 @@ void do_certReq(int sock, const char* req, size_t len, const unsigned char* tran
}
}
X509_sign(ncert, cakey, EVP_sha256());
{
uint32_t hash = (uint32_t)X509_NAME_hash(ncert->cert_info->subject);
char hash_str[sizeof(hash)*2+1];
#ifdef __x86_64__
const char* fmt = "%08x";
#else
const char* fmt = "%08lx";
#endif
sprintf(hash_str, fmt, hash);
int i = 0;
char* filename = (char*)malloc(strlen(issued_dir)+strlen(hash_str)+8);
struct stat buf;
do {
sprintf(filename, "%s%s.%d", issued_dir, hash_str, i++);
if (stat(filename, &buf) != 0) break;
} while (1);
FILE *f = fopen(filename, "w+");
X509_print_ex_fp(f, ncert, 0, 0);
fclose(f);
free(filename);
}
PKCS7_set_type(pkcs, NID_pkcs7_signed);
PKCS7_content_new(pkcs, NID_pkcs7_data);
PKCS7_add_certificate(pkcs, ncert);
......@@ -500,15 +523,16 @@ static void* socket_proc (void* arg) {
}
int main(int argc, const char * argv[]) {
const char *cacerf, *cakeyf, *dscerf, *dskeyf, *encerf, *enkeyf, *sockf;
if (argc == 8) {
const char *cacerf, *cakeyf, *dscerf, *dskeyf, *encerf, *enkeyf, *issued, *sockf;
if (argc == 9) {
cacerf = argv[1];
cakeyf = argv[2];
dscerf = argv[3];
dskeyf = argv[4];
encerf = argv[5];
enkeyf = argv[6];
sockf = argv[7];
issued = argv[7];
sockf = argv[8];
} else return 1;
OPENSSL_init();
OpenSSL_add_all_algorithms();
......@@ -575,6 +599,7 @@ int main(int argc, const char * argv[]) {
printf(" [ DONE ]\n");
}
printf("Issued certs directory: %s\n",(issued_dir = issued));
printf("Starting server...");
{
short port = atoi(sockf);
......
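Review bot: In the block added after `X509_sign` in do_certReq, neither `malloc` nor `fopen` is checked, so a missing or unwritable issued directory passes a NULL `FILE *` to `X509_print_ex_fp` and `fclose` and takes the server down on a certificate request. The `stat`-then-`fopen(..., "w+")` sequence is also not atomic: two requests for the same subject (socket_proc looks like a thread entry point) can settle on the same name so that one record overwrites the other, and the `+8` slack in the allocation only holds while the counter stays at six digits or fewer. Creating the file with `open(..., O_WRONLY | O_CREAT | O_EXCL, 0644)` in a bounded loop and formatting with `snprintf` addresses all three. The sketch below also puts a `/` between directory and name, since `"%s%s.%d"` silently depends on the argument ending in a slash, and it needs `<fcntl.h>` and `<errno.h>` if the file does not include them yet. Printing `hash` with `"%08" PRIx32` would remove the `#ifdef` and the `%08lx`/`uint32_t` mismatch; do_certReq and main both extend beyond the visible hunks.

```c
X509_sign(ncert, cakey, EVP_sha256());
{
    /* ... unchanged: subject hash formatted into hash_str ... */
    size_t cap = strlen(issued_dir) + strlen(hash_str) + 16;
    char *filename = malloc(cap);
    int fd = -1;
    if (filename != NULL) {
        for (int i = 0; i < 1000000; i++) {
            snprintf(filename, cap, "%s/%s.%d", issued_dir, hash_str, i);
            /* O_EXCL turns "is this slot free?" and "create it" into one atomic step */
            fd = open(filename, O_WRONLY | O_CREAT | O_EXCL, 0644);
            if (fd >= 0 || errno != EEXIST)
                break;
        }
    }
    FILE *f = (fd >= 0) ? fdopen(fd, "w") : NULL;
    if (f != NULL) {
        X509_print_ex_fp(f, ncert, 0, 0);
        fclose(f);
    } else {
        if (fd >= 0)
            close(fd);
        perror("issued certificate not archived");
    }
    free(filename);
}
```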