#include <stddef.h>
#include <stdio.h>

#include <openssl/pem.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>


int main()
{
  FILE *fp = fopen("testdata/www-fehcom-net.pem", "r");
  if (!fp) {
    fprintf(stderr, "Unable to open certificate file\n");
    return 1;
  }

  X509 *cert = PEM_read_X509(fp, NULL, NULL, NULL);
  if (!cert) {
    fprintf(stderr, "Unable to parse certificate\n");
    return 1;
  }

  fclose(fp);

  GENERAL_NAMES *san = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
  if (!san) {
    fprintf(stderr, "No Subject Alternative Names found\n");
    return 1;
  }

  int num_sans = sk_GENERAL_NAME_num(san);
  for (int i = 0; i < num_sans; i++) {
    const GENERAL_NAME *current_name = sk_GENERAL_NAME_value(san, i);

    switch (current_name->type) {
      case GEN_DNS:
        // these are alternative host names
        printf("DNS:        %s\n", ASN1_STRING_get0_data(current_name->d.dNSName));
        break;
      case GEN_EMAIL:
        printf("Email:      %s\n", ASN1_STRING_get0_data(current_name->d.rfc822Name));
        break;
      case GEN_URI:
        printf("URI:        %s\n", ASN1_STRING_get0_data(current_name->d.uniformResourceIdentifier));
        break;
      case GEN_IPADD:
        int len = ASN1_STRING_length(current_name->d.iPAddress);
        if (len != 4) {
          fprintf(stderr, "Length mismatch in ip\n");
          return 1;
        }
        const unsigned char *data = ASN1_STRING_get0_data(current_name->d.iPAddress);
        printf("IP Address: %d.%d.%d.%d\n", data[0], data[1], data[2], data[3]);
        break;
        // Add more types if needed
    }
  }
  GENERAL_NAMES_free(san);

  X509_free(cert);

  return EXIT_SUCCESS;
}