Update README.md for certgen

[kraln]

As documented, the certgen example does not compile. At some point, an additional define/configuration of WolfSSL was introduced that is neccesary.

I've fixed the README with the updated information.

[dgarske]

Hi @kraln thank you for these documentation updates to add "certext". Can you tell us about your project and use-case? Are you planning to make additional contributions?

[kraln]

Can you tell us about your project and use-case?

developing some server certificate management tools for IoT devices (set up a CA, issue certificates, etc.) and I didn't want to do the standard "hold my nose and use openssl" that everyone does.

Are you planning to make additional contributions?

I mean, I always plan to give back to open source projects when I find something I can improve. I don't really plan on running into too many such areas within WolfSSL/WolfCrypt, given the maturity of the project and broad deployment base.

From that perspective, if you like, you can consider this as a "drive-by"--I tried to compile the examples, spent a few minutes figuring out why it wasn't compiling, noticed the documentation was lacking, droped a PR to fix the documentation, and will continue going about my merry way using WolfSSL until something else (and it'll likely be something else) breaks.

**edit to wit, I don't expect to be added to any sort of CONTRIBUTORS or HELPERS or whatever there exists for the project, it was less than 100 byte diff to fix the documentation :P

[embhorn]

Hi @kraln

I took a pass at cleaning these examples up. I'll close this PR in favor of #428

I did not find that --enable-certext was required for the certgen_example and csr_example. Could you confirm that was the issue you were having?

[kraln]

Could you confirm that was the issue you were having?

Indeed. The specific issue I was having was linking the example, where my linker issued "undefined reference to `wc_SetKeyUsage'". Digging in to the code, I found that wc_SetKeyUsage was gated by an ifdef looking for WOLFSSL_CERT_EXT. Adding that to my compilation of wolfssl (with the additional configuration flag) fixed the linker issue and the examples ran without issue.

[embhorn]

The only example that calls wc_SetKeyUsage is csr_sign:

wolfssl-examples/certgen/csr_sign.c

Line 266 in 17f1b3d

ret = wc_SetKeyUsage(&newCert, "digitalSignature"); /* comma sep list */

I added this blurb in the readme under the instructions for the csr_sign example:

To test the csr_sign example configure wolfssl with
`./configure -enable-certreq --enable-certgen --enable-ecc --enable-certext CFLAGS=-DOPENSSL_EXTRA_X509_SMALL`
or add the defines:

#define WOLFSSL_CERT_REQ
#define WOLFSSL_CERT_GEN
#define WOLFSSL_KEY_GEN
#define WOLFSSL_CERT_EXT
#define OPENSSL_EXTRA_X509_SMALL

Did you encounter this issue with any other examples?

[kraln]

Did you encounter this issue with any other examples?

I did not, just the certgen example. (I also only tried to compile the certgen example)

[embhorn]

Great, I'll go ahead and close this PR and proceed with the other. Thanks again for bringing this to our attention.