cert_create: specify command line options in the CoT
This patch introduces a new API that allows to specify command
line options in the Chain of Trust description. These command line
options may be used to specify parameters related to the CoT (i.e.
keys or certificates), instead of keeping a hardcoded list of
options in main.c.
Change-Id: I282b0b01cb9add557b26bddc238a28253ce05e44
diff --git a/tools/cert_create/src/ext.c b/tools/cert_create/src/ext.c
index 6d09837..14aef66 100644
--- a/tools/cert_create/src/ext.c
+++ b/tools/cert_create/src/ext.c
@@ -35,6 +35,8 @@
#include <openssl/asn1t.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
+
+#include "cmd_opt.h"
#include "ext.h"
DECLARE_ASN1_ITEM(ASN1_INTEGER)
@@ -65,13 +67,26 @@
*
* Return: 0 = success, Otherwise: error
*/
-int ext_register(ext_t *exts)
+int ext_init(void)
{
ext_t *ext;
X509V3_EXT_METHOD *m;
- int i = 0, nid, ret;
+ int nid, ret;
+ unsigned int i;
- while ((ext = &exts[i++]) && ext->oid) {
+ for (i = 0; i < num_extensions; i++) {
+ ext = &extensions[i];
+ /* Register command line option */
+ if (ext->opt) {
+ if (cmd_opt_add(ext->opt, required_argument,
+ CMD_OPT_EXT)) {
+ return 1;
+ }
+ }
+ /* Register the extension OID in OpenSSL */
+ if (ext->oid == NULL) {
+ continue;
+ }
nid = OBJ_create(ext->oid, ext->sn, ext->ln);
if (ext->alias) {
X509V3_EXT_add_alias(nid, ext->alias);
@@ -295,3 +310,20 @@
return ex;
}
+
+ext_t *ext_get_by_opt(const char *opt)
+{
+ ext_t *ext = NULL;
+ unsigned int i;
+
+ /* Sequential search. This is not a performance concern since the number
+ * of extensions is bounded and the code runs on a host machine */
+ for (i = 0; i < num_extensions; i++) {
+ ext = &extensions[i];
+ if (ext->opt && !strcmp(ext->opt, opt)) {
+ return ext;
+ }
+ }
+
+ return NULL;
+}