aboutsummaryrefslogtreecommitdiffstats
path: root/package/utils/px5g-wolfssl
diff options
context:
space:
mode:
Diffstat (limited to 'package/utils/px5g-wolfssl')
-rw-r--r--package/utils/px5g-wolfssl/Makefile2
-rw-r--r--package/utils/px5g-wolfssl/px5g-wolfssl.c20
2 files changed, 21 insertions, 1 deletions
diff --git a/package/utils/px5g-wolfssl/Makefile b/package/utils/px5g-wolfssl/Makefile
index 90296008d6..95517c5c00 100644
--- a/package/utils/px5g-wolfssl/Makefile
+++ b/package/utils/px5g-wolfssl/Makefile
@@ -12,6 +12,8 @@ PKG_USE_MIPS16:=0
PKG_MAINTAINER:=Paul Spooren <mail@aparcar.org>
+PKG_CONFIG_DEPENDS:=CONFIG_WOLFSSL_ALT_NAMES
+
include $(INCLUDE_DIR)/package.mk
define Package/px5g-wolfssl
diff --git a/package/utils/px5g-wolfssl/px5g-wolfssl.c b/package/utils/px5g-wolfssl/px5g-wolfssl.c
index 763d7b4b71..86227d6afd 100644
--- a/package/utils/px5g-wolfssl/px5g-wolfssl.c
+++ b/package/utils/px5g-wolfssl/px5g-wolfssl.c
@@ -203,8 +203,23 @@ int selfsigned(WC_RNG *rng, char **arg) {
strncpy(newCert.subject.org, val, CTC_NAME_SIZE);
else if (!strcmp(key, "OU"))
strncpy(newCert.subject.unit, val, CTC_NAME_SIZE);
- else if (!strcmp(key, "CN"))
+ else if (!strcmp(key, "CN")) {
strncpy(newCert.subject.commonName, val, CTC_NAME_SIZE);
+
+#ifdef WOLFSSL_ALT_NAMES
+ if(strlen(val) + 2 > 256) {
+ fprintf(stderr, "error: CN is too long: %s\n", val);
+ return 1;
+ }
+
+ newCert.altNames[0] = 0x30; //Sequence with one element
+ newCert.altNames[1] = strlen(val) + 2; // Length of entire sequence
+ newCert.altNames[2] = 0x82; //8 - String, 2 - DNS Name
+ newCert.altNames[3] = strlen(val); //DNS Name length
+ memcpy(newCert.altNames + 4, val, strlen(val)); //DNS Name
+ newCert.altNamesSz = strlen(val) + 4;
+#endif
+ }
else if (!strcmp(key, "EMAIL"))
strncpy(newCert.subject.email, val, CTC_NAME_SIZE);
else
@@ -216,6 +231,9 @@ int selfsigned(WC_RNG *rng, char **arg) {
}
newCert.daysValid = days;
+ newCert.keyUsage = KEYUSE_DIGITAL_SIG | KEYUSE_CONTENT_COMMIT | KEYUSE_KEY_ENCIPHER;
+ newCert.extKeyUsage = EXTKEYUSE_SERVER_AUTH;
+
gen_key(rng, &ecKey, &rsaKey, type, keySz, exp, curve);
write_key(&ecKey, &rsaKey, type, keySz, keypath, pem);