diff options
Diffstat (limited to 'src/pki/commands/pub.c')
| -rw-r--r-- | src/pki/commands/pub.c | 157 |
1 files changed, 157 insertions, 0 deletions
diff --git a/src/pki/commands/pub.c b/src/pki/commands/pub.c new file mode 100644 index 000000000..de0444c1a --- /dev/null +++ b/src/pki/commands/pub.c @@ -0,0 +1,157 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "pki.h" + +#include <credentials/certificates/certificate.h> +#include <credentials/certificates/x509.h> + +/** + * Extract a public key from a private key/certificate + */ +static int pub() +{ + key_encoding_type_t form = KEY_PUB_SPKI_ASN1_DER; + credential_type_t type = CRED_PRIVATE_KEY; + int subtype = KEY_RSA; + certificate_t *cert; + private_key_t *private; + public_key_t *public; + chunk_t encoding; + char *file = NULL; + void *cred; + char *arg; + + while (TRUE) + { + switch (command_getopt(&arg)) + { + case 'h': + return command_usage(NULL); + case 't': + if (streq(arg, "rsa")) + { + type = CRED_PRIVATE_KEY; + subtype = KEY_RSA; + } + else if (streq(arg, "ecdsa")) + { + type = CRED_PRIVATE_KEY; + subtype = KEY_ECDSA; + } + else if (streq(arg, "pkcs10")) + { + type = CRED_CERTIFICATE; + subtype = CERT_PKCS10_REQUEST; + } + else if (streq(arg, "x509")) + { + type = CRED_CERTIFICATE; + subtype = CERT_X509; + } + else + { + return command_usage("invalid input type"); + } + continue; + case 'f': + if (!get_form(arg, &form, TRUE)) + { + return command_usage("invalid output format"); + } + continue; + case 'i': + file = arg; + continue; + case EOF: + break; + default: + return command_usage("invalid --pub option"); + } + break; + } + if (file) + { + cred = lib->creds->create(lib->creds, type, subtype, + BUILD_FROM_FILE, file, BUILD_END); + } + else + { + cred = lib->creds->create(lib->creds, type, subtype, + BUILD_FROM_FD, 0, BUILD_END); + } + + if (type == CRED_PRIVATE_KEY) + { + private = cred; + if (!private) + { + fprintf(stderr, "parsing private key failed\n"); + return 1; + } + public = private->get_public_key(private); + private->destroy(private); + } + else + { + cert = cred; + if (!cert) + { + fprintf(stderr, "parsing certificate failed\n"); + return 1; + } + public = cert->get_public_key(cert); + cert->destroy(cert); + } + if (!public) + { + fprintf(stderr, "extracting public key failed\n"); + return 1; + } + if (!public->get_encoding(public, form, &encoding)) + { + fprintf(stderr, "public key encoding failed\n"); + public->destroy(public); + return 1; + } + public->destroy(public); + if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1) + { + fprintf(stderr, "writing public key failed\n"); + free(encoding.ptr); + return 1; + } + free(encoding.ptr); + return 0; +} + +/** + * Register the command. + */ +static void __attribute__ ((constructor))reg() +{ + command_register((command_t) { + pub, 'p', "pub", + "extract the public key from a private key/certificate", + {"[--in file] [--type rsa|ecdsa|pkcs10|x509] [--outform der|pem|pgp]"}, + { + {"help", 'h', 0, "show usage information"}, + {"in", 'i', 1, "input file, default: stdin"}, + {"type", 't', 1, "type of credential, default: rsa"}, + {"outform", 'f', 1, "encoding of extracted public key"}, + } + }); +} + |