Building Certificates Into Code

Below is code that, instead of reading a certificate from a file, it is build directly into the C code:

BIO * bio;
        X509_STORE * store;
	X509 * x509;

        static char certificate[] =
        "-----BEGIN CERTIFICATE-----\n"
        "MIIFeTCCBGGgAwIBAgIEATEv0DANBgkqhkiG9w0BAQQFADBpMQswCQYDVQQGEwJV\n"
		...
        "v97cCh8PsPOehr0XJQ==\n"
        "-----END CERTIFICATE-----\n";

	/* Make string into BIO */
        bio = BIO_new_mem_buf(certificate, sizeof(certificate)-1);
        if (bio == NULL)
                goto error;

	/* Convert string to certificate */
        x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
        BIO_free(bio);
        if (x509 == NULL)
                goto error;

	/* Add to certificate store */
        store = SSL_CTX_get_cert_store(puidcl->ctx);
        if (X509_STORE_add_cert(store, x509) == 0) {
                X509_free(x509);
                goto error;
        }

Last modified: 2008/02/14 08:58:8.896000 US/Eastern by curtis.f.smith.1
Created: 2008/02/14 08:54:48.990000 US/Eastern by curtis.f.smith.1.

Categories

• Knowledge Base > Programming > C/C++