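// Generator for EV trust records: reads the ev_root_ca_metadata[] table from
// chrome_ev.h and prints one SQL INSERT per (root CA, EV policy OID) pair to
// stdout. Each statement selects the certificate by the SHA-256 of its DER
// bytes and the trust purpose by its OID, and inserts them with the
// hard-coded TRUST_CONTEXT_ID 6 (presumably the Chrome EV context; confirm
// against the trust_context table before running the output).
//
// The output is SQL text, not a parameterised query, so every value placed
// into it is constrained here: the fingerprint is printed as hex digits only,
// and an OID is emitted only if it consists solely of digits and dots.
#include <stdio.h>
#include <string.h>

struct SHA256HashValue {
  unsigned char data[32];
};

// Raw metadata.
struct EVMetadata {
  // kMaxOIDsPerCA is the number of OIDs that we can support per root CA. At
  // least one CA has different EV policies for business vs government
  // entities and, in the case of cross-signing, we might need to list another
  // CA's policy OID under the cross-signing root.
  static const size_t kMaxOIDsPerCA = 2;

  // This is the maximum length of an OID string (including the trailing NUL).
  static const size_t kMaxOIDLength = 32;

  // The SHA-256 fingerprint of the root CA certificate, used as a unique
  // identifier for a root CA certificate.
  SHA256HashValue fingerprint;

  // The EV policy OIDs of the root CA.
  char policy_oids[kMaxOIDsPerCA][kMaxOIDLength];
};

// Copy'n'paste the "static const EVMetadata ev_root_ca_metadata[]" struct as chrome_ev.h.
// NOTE(review): that pasted table alone decides which roots get an EV trust
// row, so check where it was copied from before applying the generated SQL.
#include "chrome_ev.h"

// Returns nonzero when oid is non-empty and contains only the characters
// that can appear in a dotted-decimal OID (digits and '.').
static int is_dotted_decimal(const char *oid) {
  return oid[0] != '\0' && oid[strspn(oid, "0123456789.")] == '\0';
}

// Prints the INSERT statements to stdout. Returns 0 when every non-empty OID
// slot was emitted, 1 when at least one was rejected and skipped.
int main() {
  const size_t root_count =
      sizeof ev_root_ca_metadata / sizeof ev_root_ca_metadata[0];
  int rejected = 0;

  for (size_t i = 0; i < root_count; i++) {
    const EVMetadata &root = ev_root_ca_metadata[i];

    for (size_t j = 0; j < EVMetadata::kMaxOIDsPerCA; j++) {
      const char *oid = root.policy_oids[j];

      // An empty string marks an unused OID slot.
      if (oid[0] == '\0') {
        continue;
      }

      // The OID is interpolated inside single quotes in the SQL below; refuse
      // anything that is not plain dotted-decimal so it cannot alter the
      // statement. The value is deliberately not echoed back.
      if (!is_dotted_decimal(oid)) {
        fprintf(stderr,
                "skipping root %zu, OID slot %zu: not a dotted-decimal OID\n",
                i, j);
        rejected = 1;
        continue;
      }

      // The trailing E'\\x (as printed) opens a PostgreSQL-style escape
      // string holding a hex-format byte string; the hex digits follow.
      printf("INSERT INTO root_trust_purpose (CERTIFICATE_ID, TRUST_CONTEXT_ID, TRUST_PURPOSE_ID) "
             "SELECT c.ID, 6, tp.ID FROM certificate c, trust_purpose tp "
             "WHERE tp.PURPOSE_OID='%s' AND digest(c.CERTIFICATE, 'sha256') = E'\\\\x",
             oid);
      for (size_t k = 0; k < sizeof root.fingerprint.data; k++) {
        printf("%02X", root.fingerprint.data[k]);
      }
      printf("';\n");
    }
  }

  return rejected;
}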