pki: Add key object handle of smartcard or TPM private key as an argument to pki --keyid
parent
cfdccc93f5
commit
ab94f76df6
|
@ -1,6 +1,7 @@
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2009 Martin Willi
|
* Copyright (C) 2009 Martin Willi
|
||||||
* Hochschule fuer Technik Rapperswil
|
* Copyright (C) 2017 Andreas Steffen
|
||||||
|
* HSR Hochschule fuer Technik Rapperswil
|
||||||
*
|
*
|
||||||
* This program is free software; you can redistribute it and/or modify it
|
* This program is free software; you can redistribute it and/or modify it
|
||||||
* under the terms of the GNU General Public License as published by the
|
* under the terms of the GNU General Public License as published by the
|
||||||
|
@ -30,7 +31,7 @@ static int keyid()
|
||||||
certificate_t *cert;
|
certificate_t *cert;
|
||||||
private_key_t *private;
|
private_key_t *private;
|
||||||
public_key_t *public;
|
public_key_t *public;
|
||||||
char *file = NULL;
|
char *file = NULL, *keyid = NULL;
|
||||||
void *cred;
|
void *cred;
|
||||||
chunk_t id;
|
chunk_t id;
|
||||||
char *arg;
|
char *arg;
|
||||||
|
@ -88,6 +89,9 @@ static int keyid()
|
||||||
case 'i':
|
case 'i':
|
||||||
file = arg;
|
file = arg;
|
||||||
continue;
|
continue;
|
||||||
|
case 'x':
|
||||||
|
keyid = arg;
|
||||||
|
continue;
|
||||||
case EOF:
|
case EOF:
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
@ -100,6 +104,15 @@ static int keyid()
|
||||||
cred = lib->creds->create(lib->creds, type, subtype,
|
cred = lib->creds->create(lib->creds, type, subtype,
|
||||||
BUILD_FROM_FILE, file, BUILD_END);
|
BUILD_FROM_FILE, file, BUILD_END);
|
||||||
}
|
}
|
||||||
|
else if (keyid)
|
||||||
|
{
|
||||||
|
chunk_t chunk;
|
||||||
|
|
||||||
|
chunk = chunk_from_hex(chunk_create(keyid, strlen(keyid)), NULL);
|
||||||
|
cred = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ANY,
|
||||||
|
BUILD_PKCS11_KEYID, chunk, BUILD_END);
|
||||||
|
free(chunk.ptr);
|
||||||
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
chunk_t chunk;
|
chunk_t chunk;
|
||||||
|
@ -177,10 +190,11 @@ static void __attribute__ ((constructor))reg()
|
||||||
command_register((command_t)
|
command_register((command_t)
|
||||||
{ keyid, 'k', "keyid",
|
{ keyid, 'k', "keyid",
|
||||||
"calculate key identifiers of a key/certificate",
|
"calculate key identifiers of a key/certificate",
|
||||||
{"[--in file] [--type priv|rsa|ecdsa|bliss|pub|pkcs10|x509]"},
|
{"[--in file|--keyid hex] [--type priv|rsa|ecdsa|bliss|pub|pkcs10|x509]"},
|
||||||
{
|
{
|
||||||
{"help", 'h', 0, "show usage information"},
|
{"help", 'h', 0, "show usage information"},
|
||||||
{"in", 'i', 1, "input file, default: stdin"},
|
{"in", 'i', 1, "input file, default: stdin"},
|
||||||
|
{"keyid", 'x', 1, "smartcard or TPM private key object handle"},
|
||||||
{"type", 't', 1, "type of key, default: priv"},
|
{"type", 't', 1, "type of key, default: priv"},
|
||||||
}
|
}
|
||||||
});
|
});
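Review bot: The new `else if (keyid)` branch in `keyid()` always requests `CRED_PRIVATE_KEY`/`KEY_ANY` and ignores the `type` chosen with `--type`, while the result is stored in the untyped `void *cred`. The code that later assigns `cred` to `private`, `public` or `cert` lies outside the hunks shown, but if it dispatches on `type`, then `--keyid` combined with `--type pub|pkcs10|x509` would treat a smartcard or TPM private-key object as a different object type. The branch also appears to be reached only when `file` is unset (the preceding `if` is not visible), so `--in` together with `--keyid` would silently drop the handle although the usage string presents the two as alternatives. I would reject both combinations before the credential is loaded, e.g. `if (keyid && (file || type != CRED_PRIVATE_KEY)) return command_usage("--keyid requires a private key type and excludes --in");`.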
|
||||||
|
|
|
@ -7,7 +7,9 @@ pki \-\-keyid \- Calculate key identifiers of a key or certificate
|
||||||
.SH "SYNOPSIS"
|
.SH "SYNOPSIS"
|
||||||
.
|
.
|
||||||
.SY pki\ \-\-keyid
|
.SY pki\ \-\-keyid
|
||||||
.OP \-\-in file
|
.RB [ \-\-in
|
||||||
|
.IR file | \fB\-\-keyid\fR
|
||||||
|
.IR hex ]
|
||||||
.OP \-\-type type
|
.OP \-\-type type
|
||||||
.OP \-\-debug level
|
.OP \-\-debug level
|
||||||
.YS
|
.YS
|
||||||
|
@ -43,6 +45,10 @@ Read command line options from \fIfile\fR.
|
||||||
.BI "\-i, \-\-in " file
|
.BI "\-i, \-\-in " file
|
||||||
Input file. If not given the input is read from \fISTDIN\fR.
|
Input file. If not given the input is read from \fISTDIN\fR.
|
||||||
.TP
|
.TP
|
||||||
|
.BI "\-x, \-\-keyid " hex
|
||||||
|
Smartcard or TPM private key object handle in hex format with an optional
|
||||||
|
0x prefix.
|
||||||
|
.TP
|
||||||
.BI "\-t, \-\-type " type
|
.BI "\-t, \-\-type " type
|
||||||
Type of input. One of \fIpriv\fR (private key), \fIrsa\fR (RSA private key),
|
Type of input. One of \fIpriv\fR (private key), \fIrsa\fR (RSA private key),
|
||||||
\fIecdsa\fR (ECDSA private key), \fIbliss\fR (BLISS private key),
|
\fIecdsa\fR (ECDSA private key), \fIbliss\fR (BLISS private key),
|
||||||
|
@ -70,4 +76,4 @@ Calculate key identifiers of an X.509 certificate:
|
||||||
.
|
.
|
||||||
.SH "SEE ALSO"
|
.SH "SEE ALSO"
|
||||||
.
|
.
|
||||||
.BR pki (1)
|
.BR pki (1)
|
||||||
|
|