#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdlib.h>
#include <string.h>

#include <openssl/bn.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>

#include <sha1.h>
#include <PR/bbmetadata.h>
#include <PR/bbcert.h>
#include <bb_nn.h>
#include <util.h>
#include <bbtoolsapi.h>



/* Largest RSA key size, in bits, this tool anticipates (the root key is checked
 * against the same 4096 in main); the macro itself is not referenced by name
 * anywhere in this file. */
#define MAX_KEY_SIZE 4096

     

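/* Key sizes and buffer bounds.  4096/2048, 64/256 and the public exponent
 * are the values the original code hard-coded inline. */
enum {
    ROOT_KEY_BITS = 4096,     /* expected size of the root key named in the cmd file */
    CHAIN_KEY_BITS = 2048,    /* size of every generated CP and CA key */
    KEY_PUBLIC_EXPONENT = 3,
    NAME_LEN = 64,            /* issuer/subject name fields */
    PATH_LEN = 256            /* file-name and label buffers */
};

/*
 * Format into a bounded buffer.
 * Returns 0 on success; -1 (after a diagnostic on stderr) when the output
 * would not fit.  dst is NUL-terminated whenever cap > 0.
 */
static int fmt_into(char *dst, size_t cap, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(dst, cap, fmt, ap);
    va_end(ap);
    if (n < 0 || (size_t)n >= cap) {
        fprintf(stderr, "value too long for %zu-byte buffer\n", cap);
        return -1;
    }
    return 0;
}

/*
 * Fill a fixed-size name field.  The whole field is zeroed first (the
 * original relied on the trailing zero bytes), then prefix and s are
 * concatenated into it.  Returns 0 on success, -1 if the name would not fit.
 */
static int set_name(unsigned char *name, size_t cap, const char *prefix, const char *s)
{
    memset(name, 0, cap);
    return fmt_into((char *)name, cap, "%s%s", prefix, s);
}

/*
 * Read the root key from path and check that it is a ROOT_KEY_BITS key.
 * The key is only needed for this check, so it is released before returning.
 * Returns 0 on success, -1 on any failure (diagnostic already printed).
 */
static int check_root_key(const char *path)
{
    RSA *key = RSA_new();
    FILE *fp = NULL;
    int rc = -1;

    if (key == NULL) {
        fprintf(stderr, "RSA_new failed\n");
        return -1;
    }
    fp = fopen(path, "r");
    if (fp == NULL) {
        fprintf(stderr, "Cannot open root key data file %s\n", path);
        goto out;
    }
    /* readRsaData's return type is not visible here, so validate() is the
     * only guard that the file actually held a usable key. */
    readRsaData(fp, key);
    if (validate(key, ROOT_KEY_BITS) != 0) {
        fprintf(stderr, "Key validation failed\n");
        goto out;
    }
#ifdef DEBUG
    printf("Key validation OK\n");
#endif
    rc = 0;
out:
    if (fp != NULL) {
        fclose(fp);
    }
    RSA_free(key);   /* not free(): also releases the key's internal BIGNUMs */
    return rc;
}

/*
 * Generate a fresh CHAIN_KEY_BITS RSA key, write it to path under `label`
 * via saveRsaDataNamed, then validate it.  A key that fails validation is an
 * error here rather than a warning: a certificate built from it would be
 * unusable.  Returns 0 on success, -1 on failure.
 */
static int generate_key_file(const char *path, const char *label)
{
    RSA *key;
    FILE *fp;
    int rc = -1;

    /* NOTE(review): public exponent 3 is carried over unchanged; presumably
     * the target certificate format fixes it — confirm before moving to 65537. */
    key = RSA_generate_key(CHAIN_KEY_BITS, KEY_PUBLIC_EXPONENT, NULL, NULL);
    if (key == NULL) {
        fprintf(stderr, "RSA key generation failed\n");
        return -1;
    }
    fp = fopen(path, "w");
    if (fp == NULL) {
        fprintf(stderr, "Cannot open key file %s for writing\n", path);
        goto out;
    }
    saveRsaDataNamed(fp, key, label);
    /* fclose flushes the stream, so a short or failed write surfaces here. */
    if (fclose(fp) != 0) {
        fprintf(stderr, "Error writing key file %s\n", path);
        goto out;
    }
    if (validate(key, CHAIN_KEY_BITS) != 0) {
        fprintf(stderr, "Key validation failed\n");
        goto out;
    }
#ifdef DEBUG
    printf("Key validation OK\n");
#endif
    rc = 0;
out:
    RSA_free(key);
    return rc;
}

/*
 * Build the certificate for keyfile signed by signerfile and append it to
 * out.  Returns 0 on success, -1 on a write error.
 */
static int write_cert(FILE *out, char *keyfile, char *signerfile)
{
    unsigned long certdata[SIZE_RSA_CERTBLOB_WORDS];

    /* The name arguments are deliberately 0: that is the variant the original
     * called, its name-carrying variant was left commented out. */
    generateCertFromKeyData(keyfile, signerfile, 0, 0, certdata);
    /* NOTE(review): 4 bytes per word are written although certdata holds
     * unsigned long; this only covers the whole blob where unsigned long is
     * 32 bits — confirm for LP64 hosts. */
    if (fwrite(certdata, 4, SIZE_RSA_CERTBLOB_WORDS, out) != (size_t)SIZE_RSA_CERTBLOB_WORDS) {
        fprintf(stderr, "Error writing cert.sys\n");
        return -1;
    }
    return 0;
}

/*
 * certsgen: build cert.sys from a command file.
 *
 * argv[1] names a command file laid out as
 *     <root key file>
 *     <number of chains>
 *     <key name> <signer name>      (one pair per chain)
 * For every chain two CHAIN_KEY_BITS keys are generated (<key>.key and
 * <signer>.key) and two certificates are appended to cert.sys: <key> signed
 * by <signer>, then <signer> signed by the root key.  cert.sys starts with
 * the big-endian 32-bit certificate count (two per chain).
 *
 * Returns 0 on success, 1 on any error.  A partially written cert.sys may be
 * left behind after a failure inside the chain loop.
 */
int main(int argc, char **argv)
{
    FILE *cmdfileptr = NULL;
    FILE *certptr = NULL;
    char rootfilename[PATH_LEN];
    char keyfilename[PATH_LEN];
    char signerfilename[PATH_LEN];
    char keyfileext[PATH_LEN];
    char signerfileext[PATH_LEN];
    char label[PATH_LEN];
    unsigned char issuername[NAME_LEN];
    unsigned char subjectname[NAME_LEN];
    uint32_t number;
    int num_chains;
    int chains;
    int rc = 1;

    if (argc != 2) {
        fprintf(stderr, "have to specify cmd file name \n");
        return 1;
    }
    cmdfileptr = fopen(argv[1], "r");
    if (cmdfileptr == NULL) {
        fprintf(stderr, "Cannot open cmd file\n");
        return 1;
    }

    /* First entry: root key data file.  %255s bounds the read to the buffer. */
    if (fscanf(cmdfileptr, "%255s", rootfilename) != 1) {
        fprintf(stderr, "Cannot read root key file name from cmd file\n");
        goto out;
    }
    if (check_root_key(rootfilename) != 0) {
        goto out;
    }

    /* Second entry: number of chains. */
    if (fscanf(cmdfileptr, "%d", &num_chains) != 1 || num_chains < 0) {
        fprintf(stderr, "Bad chain count in cmd file\n");
        goto out;
    }

    /* cert.sys is created only after the inputs have been checked, so a bad
     * cmd file does not truncate a previous result.  Binary mode: the file
     * holds raw words. */
    certptr = fopen("cert.sys", "wb");
    if (certptr == NULL) {
        fprintf(stderr, "cannot open file to write \n");
        goto out;
    }
    /* Header: certificate count as a 32-bit big-endian word, two per chain. */
    number = htonl((uint32_t)num_chains * 2u);
    if (fwrite(&number, sizeof number, 1, certptr) != 1) {
        fprintf(stderr, "Error writing cert.sys\n");
        goto out;
    }

    for (chains = 0; chains < num_chains; chains++) {
        if (fscanf(cmdfileptr, "%255s %255s", keyfilename, signerfilename) != 2) {
            fprintf(stderr, "Missing key/signer names for chain %d\n", chains);
            goto out;
        }
        if (fmt_into(keyfileext, sizeof keyfileext, "%s.key", keyfilename) != 0 ||
            fmt_into(signerfileext, sizeof signerfileext, "%s.key", signerfilename) != 0 ||
            fmt_into(label, sizeof label, "Root-%s-%s", signerfilename, keyfilename) != 0 ||
            set_name(issuername, sizeof issuername, "Root-", signerfilename) != 0 ||
            set_name(subjectname, sizeof subjectname, "", keyfilename) != 0) {
            goto out;
        }

        /* CP key, saved under the label Root-<signer>-<key>. */
        if (generate_key_file(keyfileext, label) != 0) {
            goto out;
        }

#ifdef DEBUG
        for (int i = 0; i < NAME_LEN; i++) {
            printf("issuername = %02x\n", issuername[i]);
        }
        for (int i = 0; i < NAME_LEN; i++) {
            printf("subjectname = %02x\n", subjectname[i]);
        }
#endif

        /* CA key, saved under the issuer name Root-<signer>. */
        if (generate_key_file(signerfileext, (const char *)issuername) != 0) {
            goto out;
        }

        /* Cert 1: <key> signed by <signer>. */
        if (write_cert(certptr, keyfileext, signerfileext) != 0) {
            goto out;
        }

        /* Cert 2: <signer> signed by the root key.  The name fields are
         * refilled as the original did; only the DEBUG dump and the
         * commented-out name-carrying cert call ever read them. */
        if (set_name(issuername, sizeof issuername, "Root", "") != 0 ||
            set_name(subjectname, sizeof subjectname, "", signerfilename) != 0) {
            goto out;
        }
        if (write_cert(certptr, signerfileext, rootfilename) != 0) {
            goto out;
        }
    }
    rc = 0;

out:
    /* certptr is a write stream: a failed final flush is a failed run. */
    if (certptr != NULL && fclose(certptr) != 0) {
        fprintf(stderr, "Error writing cert.sys\n");
        rc = 1;
    }
    fclose(cmdfileptr);
    return rc;
}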