pki: Add key object handle of smartcard or TPM private key as an argument to pki --keyid

Andreas Steffen 2017-03-06 12:53:48 +01:00
parent cfdccc93f5
commit ab94f76df6
2 changed files with 25 additions and 5 deletions


@ -1,6 +1,7 @@
/* /*
* Copyright (C) 2009 Martin Willi * Copyright (C) 2009 Martin Willi
* Hochschule fuer Technik Rapperswil * Copyright (C) 2017 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
* *
* This program is free software; you can redistribute it and/or modify it * This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the * under the terms of the GNU General Public License as published by the
@ -30,7 +31,7 @@ static int keyid()
certificate_t *cert; certificate_t *cert;
private_key_t *private; private_key_t *private;
public_key_t *public; public_key_t *public;
char *file = NULL; char *file = NULL, *keyid = NULL;
void *cred; void *cred;
chunk_t id; chunk_t id;
char *arg; char *arg;
@ -88,6 +89,9 @@ static int keyid()
case 'i': case 'i':
file = arg; file = arg;
continue; continue;
case 'x':
keyid = arg;
continue;
case EOF: case EOF:
break; break;
default: default:
@ -100,6 +104,15 @@ static int keyid()
cred = lib->creds->create(lib->creds, type, subtype, cred = lib->creds->create(lib->creds, type, subtype,
BUILD_FROM_FILE, file, BUILD_END); BUILD_FROM_FILE, file, BUILD_END);
} }
else if (keyid)
{
chunk_t chunk;
chunk = chunk_from_hex(chunk_create(keyid, strlen(keyid)), NULL);
cred = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ANY,
BUILD_PKCS11_KEYID, chunk, BUILD_END);
free(chunk.ptr);
}
else else
{ {
chunk_t chunk; chunk_t chunk;
@ -177,10 +190,11 @@ static void __attribute__ ((constructor))reg()
command_register((command_t) command_register((command_t)
{ keyid, 'k', "keyid", { keyid, 'k', "keyid",
"calculate key identifiers of a key/certificate", "calculate key identifiers of a key/certificate",
{"[--in file] [--type priv|rsa|ecdsa|bliss|pub|pkcs10|x509]"}, {"[--in file|--keyid hex] [--type priv|rsa|ecdsa|bliss|pub|pkcs10|x509]"},
{ {
{"help", 'h', 0, "show usage information"}, {"help", 'h', 0, "show usage information"},
{"in", 'i', 1, "input file, default: stdin"}, {"in", 'i', 1, "input file, default: stdin"},
{"keyid", 'x', 1, "smartcard or TPM private key object handle"},
{"type", 't', 1, "type of key, default: priv"}, {"type", 't', 1, "type of key, default: priv"},
} }
}); });
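Review bot: In the new `else if (keyid)` branch the decoded handle goes to `lib->creds->create()` unchecked, so an empty or malformed `--keyid` argument reaches the token lookup as whatever `chunk_from_hex()` produced; whether that helper rejects non-hex characters is not visible here and should be confirmed. Because the handle selects a private key object on a smartcard or TPM, I would fail closed before the lookup, e.g. `if (!chunk.len) { free(chunk.ptr); return command_usage("invalid --keyid handle"); }`. The branch also hard-codes `CRED_PRIVATE_KEY, KEY_ANY`, so a `--type` given together with `--keyid` is silently ignored. As an `else if` after the file branch, `--keyid` also appears to be dropped when `--in` is given; the usage string advertises the two as alternatives, so rejecting the combination would match it. `keyid()` starts and ends outside the hunks shown, so any cleanup needed before an early return has to be checked against the full function.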


@ -7,7 +7,9 @@ pki \-\-keyid \- Calculate key identifiers of a key or certificate
.SH "SYNOPSIS" .SH "SYNOPSIS"
. .
.SY pki\ \-\-keyid .SY pki\ \-\-keyid
.OP \-\-in file .RB [ \-\-in
.IR file | \fB\-\-keyid\fR
.IR hex ]
.OP \-\-type type .OP \-\-type type
.OP \-\-debug level .OP \-\-debug level
.YS .YS
@ -43,6 +45,10 @@ Read command line options from \fIfile\fR.
.BI "\-i, \-\-in " file .BI "\-i, \-\-in " file
Input file. If not given the input is read from \fISTDIN\fR. Input file. If not given the input is read from \fISTDIN\fR.
.TP .TP
.BI "\-x, \-\-keyid " hex
Smartcard or TPM private key object handle in hex format with an optional
0x prefix.
.TP
.BI "\-t, \-\-type " type .BI "\-t, \-\-type " type
Type of input. One of \fIpriv\fR (private key), \fIrsa\fR (RSA private key), Type of input. One of \fIpriv\fR (private key), \fIrsa\fR (RSA private key),
\fIecdsa\fR (ECDSA private key), \fIbliss\fR (BLISS private key), \fIecdsa\fR (ECDSA private key), \fIbliss\fR (BLISS private key),
@ -70,4 +76,4 @@ Calculate key identifiers of an X.509 certificate:
. .
.SH "SEE ALSO" .SH "SEE ALSO"
. .
.BR pki (1) .BR pki (1)