author | Yves-Alexis Perez <corsac@corsac.net> | 2018-02-19 18:17:21 +0100 |
---|---|---|
committer | Yves-Alexis Perez <corsac@corsac.net> | 2018-02-19 18:17:21 +0100 |
commit | 7793611ee71b576dd9c66dee327349fa64e38740 (patch) | |
tree | f1379ec1aed52a3c772874d4ed690b90975b9623 /src/pki | |
parent | e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e (diff) | |
download | vyos-strongswan-7793611ee71b576dd9c66dee327349fa64e38740.tar.gz vyos-strongswan-7793611ee71b576dd9c66dee327349fa64e38740.zip |
New upstream version 5.6.2
Diffstat (limited to 'src/pki')
-rw-r--r-- | src/pki/commands/print.c | 21 | ||||
-rw-r--r-- | src/pki/man/pki---print.1.in | 8 |
2 files changed, 23 insertions, 6 deletions
diff --git a/src/pki/commands/print.c b/src/pki/commands/print.c
index 80210166a..2ab3e61fc 100644
--- a/src/pki/commands/print.c
+++ b/src/pki/commands/print.c
@@ -60,7 +60,8 @@ static int print()
 credential_type_t type = CRED_CERTIFICATE;
 int subtype = CERT_X509;
 void *cred;
- char *arg, *file = NULL;
+ char *arg, *file = NULL, *keyid = NULL;
+ chunk_t chunk;
 
 while (TRUE)
 {
@@ -126,6 +127,9 @@ static int print()
 case 'i':
 file = arg;
 continue;
+ case 'x':
+ keyid = arg;
+ continue;
 case EOF:
 break;
 default:
@@ -133,15 +137,20 @@ static int print()
 }
 break;
 }
- if (file)
+ if (keyid)
+ {
+ chunk = chunk_from_hex(chunk_create(keyid, strlen(keyid)), NULL);
+ cred = lib->creds->create(lib->creds, type, subtype,
+ BUILD_PKCS11_KEYID, chunk, BUILD_END);
+ free(chunk.ptr);
+ }
+ else if (file)
 {
 cred = lib->creds->create(lib->creds, type, subtype,
 BUILD_FROM_FILE, file, BUILD_END);
 }
 else
 {
- chunk_t chunk;
-
 set_file_mode(stdin, CERT_ASN1_DER);
 if (!chunk_from_fd(0, &chunk))
 {
@@ -187,10 +196,12 @@ static void __attribute__ ((constructor))reg()
 command_register((command_t)
 { print, 'a', "print",
 "print a credential in a human readable form",
- {"[--in file] [--type x509|crl|ac|pub|priv|rsa|ecdsa|ed25519|bliss]"},
+ {"[--in file|--keyid hex] "
+ "[--type x509|crl|ac|pub|priv|rsa|ecdsa|ed25519|bliss]"},
 {
 {"help", 'h', 0, "show usage information"},
 {"in", 'i', 1, "input file, default: stdin"},
+ {"keyid", 'x', 1, "smartcard or TPM object handle"},
 {"type", 't', 1, "type of credential, default: x509"},
 }
 });
diff --git a/src/pki/man/pki---print.1.in b/src/pki/man/pki---print.1.in
index ad85fb381..09b8a10c3 100644
--- a/src/pki/man/pki---print.1.in
+++ b/src/pki/man/pki---print.1.in
@@ -7,7 +7,9 @@ pki \-\-print \- Print a credential (key, certificate etc.) in human readable fo
 .SH "SYNOPSIS"
 .
 .SY pki\ \-\-print
-.OP \-\-in file
+.RB [ \-\-in
+.IR file | \fB\-\-keyid\fR
+.IR hex ]
 .OP \-\-type type
 .OP \-\-debug level
 .YS
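Review bot: In the `@@ -133,15 +137,20 @@` hunk of print.c the `if (keyid) … else if (file)` chain silently ignores `--in` whenever `--keyid` is also given, although the usage string presents the two as alternatives. Rejecting the combination before the lookup, e.g. `if (keyid && file) return command_usage("--in and --keyid are mutually exclusive");`, keeps the tool from printing a token object when the operator meant to inspect a file. The `keyid` string is also passed to `chunk_from_hex()` without any check that it is non-empty and well-formed hex; how that helper treats other characters is not visible here, so a short validation before the conversion would stop a mistyped handle from resolving to a different object on the smartcard or TPM. The body of `print()` starts and ends outside this hunk, so the later handling of a NULL `cred` could not be reviewed.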
@@ -43,6 +45,10 @@ Read command line options from \fIfile\fR. .BI "\-i, \-\-in " file Input file. If not given the input is read from \fISTDIN\fR. .TP +.BI "\-x, \-\-keyid " hex +Smartcard or TPM private key or certificate object handle in hex format with +an optional 0x prefix. +.TP .BI "\-t, \-\-type " type Type of input. One of \fIx509\fR (X.509 certificate), \fIcrl\fR (Certificate Revocation List, CRL), \fIac\fR (Attribute Certificate), \fIpub\fR (public key), |