Handle pki --debug and --options in a generic way for all command
This commit is contained in:
parent
4fdb9f6f74
commit
ae7452e87c
|
@ -14,12 +14,18 @@
|
|||
*/
|
||||
|
||||
#include "command.h"
|
||||
#include "pki.h"
|
||||
|
||||
|
||||
#define _GNU_SOURCE
|
||||
#include <getopt.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include <library.h>
|
||||
#include <debug.h>
|
||||
#include <utils/optionsfrom.h>
|
||||
|
||||
/**
|
||||
* Registered commands.
|
||||
*/
|
||||
|
@ -40,15 +46,21 @@ static int registered = 0;
|
|||
*/
|
||||
static int help_idx;
|
||||
|
||||
static int argc;
|
||||
|
||||
static char **argv;
|
||||
|
||||
static options_t *options;
|
||||
|
||||
/**
|
||||
* Global options used by all subcommands
|
||||
*/
|
||||
struct option command_opts[MAX_COMMANDS > MAX_OPTIONS ?: MAX_OPTIONS];
|
||||
static struct option command_opts[MAX_COMMANDS > MAX_OPTIONS ?: MAX_OPTIONS];
|
||||
|
||||
/**
|
||||
* Global optstring used by all subcommands
|
||||
*/
|
||||
char command_optstring[(MAX_COMMANDS > MAX_OPTIONS ?: MAX_OPTIONS) * 3];
|
||||
static char command_optstring[(MAX_COMMANDS > MAX_OPTIONS ?: MAX_OPTIONS) * 3];
|
||||
|
||||
/**
|
||||
* Build command_opts/command_optstr for the active command
|
||||
|
@ -92,12 +104,62 @@ static void build_opts()
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* getopt_long wrapper
|
||||
*/
|
||||
int command_getopt(char **arg)
|
||||
{
|
||||
int op;
|
||||
|
||||
while (TRUE)
|
||||
{
|
||||
op = getopt_long(argc, argv, command_optstring, command_opts, NULL);
|
||||
switch (op)
|
||||
{
|
||||
case '+':
|
||||
if (!options->from(options, optarg, &argc, &argv, optind))
|
||||
{
|
||||
/* a error value */
|
||||
return 255;
|
||||
}
|
||||
continue;
|
||||
case 'v':
|
||||
dbg_level = atoi(optarg);
|
||||
continue;
|
||||
default:
|
||||
*arg = optarg;
|
||||
return op;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Register a command
|
||||
*/
|
||||
void command_register(command_t command)
|
||||
{
|
||||
cmds[registered++] = command;
|
||||
int i;
|
||||
|
||||
cmds[registered] = command;
|
||||
/* append default options, but not to --help */
|
||||
if (!active)
|
||||
{
|
||||
for (i = 0; i < countof(cmds[registered].options); i++)
|
||||
{
|
||||
if (cmds[registered].options[i].name)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
cmds[registered].options[i++] = (command_option_t) {
|
||||
"debug", 'v', 1, "set debug level, default: 1"
|
||||
};
|
||||
cmds[registered].options[i++] = (command_option_t) {
|
||||
"options", '+', 1, "read command line options from file"
|
||||
};
|
||||
break;
|
||||
}
|
||||
}
|
||||
registered++;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -158,25 +220,37 @@ static int help(int argc, char *argv[])
|
|||
return command_usage(NULL);
|
||||
}
|
||||
|
||||
/**
|
||||
* Dispatch cleanup hook
|
||||
*/
|
||||
static void cleanup()
|
||||
{
|
||||
options->destroy(options);
|
||||
}
|
||||
|
||||
/**
|
||||
* Dispatch commands.
|
||||
*/
|
||||
int command_dispatch(int argc, char *argv[])
|
||||
int command_dispatch(int c, char *v[])
|
||||
{
|
||||
int op, i;
|
||||
|
||||
options = options_create();
|
||||
atexit(cleanup);
|
||||
active = help_idx = registered;
|
||||
argc = c;
|
||||
argv = v;
|
||||
command_register((command_t){help, 'h', "help", "show usage information"});
|
||||
|
||||
build_opts();
|
||||
op = getopt_long(argc, argv, command_optstring, command_opts, NULL);
|
||||
op = getopt_long(c, v, command_optstring, command_opts, NULL);
|
||||
for (i = 0; cmds[i].cmd; i++)
|
||||
{
|
||||
if (cmds[i].op == op)
|
||||
{
|
||||
active = i;
|
||||
build_opts();
|
||||
return cmds[i].call(argc, argv);
|
||||
return cmds[i].call();
|
||||
}
|
||||
}
|
||||
return command_usage("invalid operation");
|
||||
|
|
|
@ -21,9 +21,6 @@
|
|||
#ifndef COMMAND_H_
|
||||
#define COMMAND_H_
|
||||
|
||||
#define _GNU_SOURCE
|
||||
#include <getopt.h>
|
||||
|
||||
/**
|
||||
* Maximum number of commands.
|
||||
*/
|
||||
|
@ -40,14 +37,29 @@
|
|||
#define MAX_LINES 10
|
||||
|
||||
typedef struct command_t command_t;
|
||||
typedef struct command_option_t command_option_t;
|
||||
typedef enum command_type_t command_type_t;
|
||||
|
||||
/**
|
||||
* Option specification
|
||||
*/
|
||||
struct command_option_t {
|
||||
/** long option string of the option */
|
||||
char *name;
|
||||
/** short option character of the option */
|
||||
char op;
|
||||
/** expected argument to option, no/req/opt_argument */
|
||||
int arg;
|
||||
/** description of the option */
|
||||
char *desc;
|
||||
};
|
||||
|
||||
/**
|
||||
* Command specification.
|
||||
*/
|
||||
struct command_t {
|
||||
/** Function implementing the command */
|
||||
int (*call)(int, char*[]);
|
||||
int (*call)();
|
||||
/** short option character */
|
||||
char op;
|
||||
/** long option string */
|
||||
|
@ -57,27 +69,13 @@ struct command_t {
|
|||
/** usage summary of the command */
|
||||
char *line[MAX_LINES];
|
||||
/** list of options the command accepts */
|
||||
struct {
|
||||
/** long option string of the option */
|
||||
char *name;
|
||||
/** short option character of the option */
|
||||
char op;
|
||||
/** expected argument to option, no/req/opt_argument */
|
||||
int arg;
|
||||
/** description of the option */
|
||||
char *desc;
|
||||
} options[MAX_OPTIONS];
|
||||
command_option_t options[MAX_OPTIONS];
|
||||
};
|
||||
|
||||
/**
|
||||
* Options of the active command.
|
||||
* Get the next option, as with getopt.
|
||||
*/
|
||||
extern struct option command_opts[];
|
||||
|
||||
/**
|
||||
* Short option string of the active command.
|
||||
*/
|
||||
extern char command_optstring[];
|
||||
int command_getopt(char **arg);
|
||||
|
||||
/**
|
||||
* Register a command.
|
||||
|
|
|
@ -18,29 +18,30 @@
|
|||
/**
|
||||
* Generate a private key
|
||||
*/
|
||||
static int gen(int argc, char *argv[])
|
||||
static int gen()
|
||||
{
|
||||
key_encoding_type_t form = KEY_PRIV_ASN1_DER;
|
||||
key_type_t type = KEY_RSA;
|
||||
u_int size = 0;
|
||||
private_key_t *key;
|
||||
chunk_t encoding;
|
||||
char *arg;
|
||||
|
||||
while (TRUE)
|
||||
{
|
||||
switch (getopt_long(argc, argv, command_optstring, command_opts, NULL))
|
||||
switch (command_getopt(&arg))
|
||||
{
|
||||
case 'h':
|
||||
return command_usage(NULL);
|
||||
case 'v':
|
||||
dbg_level = atoi(optarg);
|
||||
dbg_level = atoi(arg);
|
||||
continue;
|
||||
case 't':
|
||||
if (streq(optarg, "rsa"))
|
||||
if (streq(arg, "rsa"))
|
||||
{
|
||||
type = KEY_RSA;
|
||||
}
|
||||
else if (streq(optarg, "ecdsa"))
|
||||
else if (streq(arg, "ecdsa"))
|
||||
{
|
||||
type = KEY_ECDSA;
|
||||
}
|
||||
|
@ -50,13 +51,13 @@ static int gen(int argc, char *argv[])
|
|||
}
|
||||
continue;
|
||||
case 'o':
|
||||
if (!get_form(optarg, &form, FALSE))
|
||||
if (!get_form(arg, &form, FALSE))
|
||||
{
|
||||
return command_usage("invalid key output format");
|
||||
}
|
||||
continue;
|
||||
case 's':
|
||||
size = atoi(optarg);
|
||||
size = atoi(arg);
|
||||
if (!size)
|
||||
{
|
||||
return command_usage("invalid key size");
|
||||
|
@ -121,7 +122,6 @@ static void __attribute__ ((constructor))reg()
|
|||
{"type", 't', 1, "type of key, default: rsa"},
|
||||
{"size", 's', 1, "keylength in bits, default: rsa 2048, ecdsa 384"},
|
||||
{"outform", 'f', 1, "encoding of generated private key"},
|
||||
{"debug", 'v', 1, "set debug level, default: 1"},
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
@ -19,7 +19,6 @@
|
|||
|
||||
#include <debug.h>
|
||||
#include <utils/linked_list.h>
|
||||
#include <utils/optionsfrom.h>
|
||||
#include <credentials/certificates/certificate.h>
|
||||
#include <credentials/certificates/x509.h>
|
||||
#include <credentials/certificates/pkcs10.h>
|
||||
|
@ -27,7 +26,7 @@
|
|||
/**
|
||||
* Issue a certificate using a CA certificate and key
|
||||
*/
|
||||
static int issue(int argc, char *argv[])
|
||||
static int issue()
|
||||
{
|
||||
hash_algorithm_t digest = HASH_SHA1;
|
||||
certificate_t *cert_req = NULL, *cert = NULL, *ca =NULL;
|
||||
|
@ -44,42 +43,31 @@ static int issue(int argc, char *argv[])
|
|||
time_t not_before, not_after;
|
||||
x509_flag_t flags = 0;
|
||||
x509_t *x509;
|
||||
options_t *options;
|
||||
char *arg;
|
||||
|
||||
options = options_create();
|
||||
san = linked_list_create();
|
||||
cdps = linked_list_create();
|
||||
ocsp = linked_list_create();
|
||||
|
||||
while (TRUE)
|
||||
{
|
||||
switch (getopt_long(argc, argv, command_optstring, command_opts, NULL))
|
||||
switch (command_getopt(&arg))
|
||||
{
|
||||
case 'h':
|
||||
goto usage;
|
||||
case 'v':
|
||||
dbg_level = atoi(optarg);
|
||||
continue;
|
||||
case '+':
|
||||
if (!options->from(options, optarg, &argc, &argv, optind))
|
||||
{
|
||||
error = "invalid options file";
|
||||
goto usage;
|
||||
}
|
||||
continue;
|
||||
case 't':
|
||||
if (streq(optarg, "pkcs10"))
|
||||
if (streq(arg, "pkcs10"))
|
||||
{
|
||||
pkcs10 = TRUE;
|
||||
}
|
||||
else if (!streq(optarg, "pub"))
|
||||
else if (!streq(arg, "pub"))
|
||||
{
|
||||
error = "invalid input type";
|
||||
goto usage;
|
||||
}
|
||||
continue;
|
||||
case 'g':
|
||||
digest = get_digest(optarg);
|
||||
digest = get_digest(arg);
|
||||
if (digest == HASH_UNKNOWN)
|
||||
{
|
||||
error = "invalid --digest type";
|
||||
|
@ -87,22 +75,22 @@ static int issue(int argc, char *argv[])
|
|||
}
|
||||
continue;
|
||||
case 'i':
|
||||
file = optarg;
|
||||
file = arg;
|
||||
continue;
|
||||
case 'c':
|
||||
cacert = optarg;
|
||||
cacert = arg;
|
||||
continue;
|
||||
case 'k':
|
||||
cakey = optarg;
|
||||
cakey = arg;
|
||||
continue;
|
||||
case 'd':
|
||||
dn = optarg;
|
||||
dn = arg;
|
||||
continue;
|
||||
case 'a':
|
||||
san->insert_last(san, identification_create_from_string(optarg));
|
||||
san->insert_last(san, identification_create_from_string(arg));
|
||||
continue;
|
||||
case 'l':
|
||||
lifetime = atoi(optarg);
|
||||
lifetime = atoi(arg);
|
||||
if (!lifetime)
|
||||
{
|
||||
error = "invalid --lifetime value";
|
||||
|
@ -110,16 +98,16 @@ static int issue(int argc, char *argv[])
|
|||
}
|
||||
continue;
|
||||
case 's':
|
||||
hex = optarg;
|
||||
hex = arg;
|
||||
continue;
|
||||
case 'b':
|
||||
flags |= X509_CA;
|
||||
continue;
|
||||
case 'u':
|
||||
cdps->insert_last(cdps, optarg);
|
||||
cdps->insert_last(cdps, arg);
|
||||
continue;
|
||||
case 'o':
|
||||
ocsp->insert_last(ocsp, optarg);
|
||||
ocsp->insert_last(ocsp, arg);
|
||||
continue;
|
||||
case EOF:
|
||||
break;
|
||||
|
@ -311,7 +299,6 @@ end:
|
|||
san->destroy_offset(san, offsetof(identification_t, destroy));
|
||||
cdps->destroy(cdps);
|
||||
ocsp->destroy(ocsp);
|
||||
options->destroy(options);
|
||||
free(encoding.ptr);
|
||||
free(serial.ptr);
|
||||
|
||||
|
@ -326,7 +313,6 @@ usage:
|
|||
san->destroy_offset(san, offsetof(identification_t, destroy));
|
||||
cdps->destroy(cdps);
|
||||
ocsp->destroy(ocsp);
|
||||
options->destroy(options);
|
||||
return command_usage(error);
|
||||
}
|
||||
|
||||
|
@ -341,8 +327,7 @@ static void __attribute__ ((constructor))reg()
|
|||
{"[--in file] [--type pub|pkcs10]",
|
||||
" --cacert file --cakey file --dn subject-dn [--san subjectAltName]+",
|
||||
"[--lifetime days] [--serial hex] [--ca] [--crl uri]+ [--ocsp uri]+",
|
||||
"[--digest md5|sha1|sha224|sha256|sha384|sha512]",
|
||||
"[--options file]"},
|
||||
"[--digest md5|sha1|sha224|sha256|sha384|sha512]"},
|
||||
{
|
||||
{"help", 'h', 0, "show usage information"},
|
||||
{"in", 'i', 1, "public key/request file to issue, default: stdin"},
|
||||
|
@ -357,8 +342,6 @@ static void __attribute__ ((constructor))reg()
|
|||
{"crl", 'u', 1, "CRL distribution point URI to include"},
|
||||
{"ocsp", 'o', 1, "OCSP AuthorityInfoAccess URI to include"},
|
||||
{"digest", 'g', 1, "digest for signature creation, default: sha1"},
|
||||
{"debug", 'v', 1, "set debug level, default: 1"},
|
||||
{"options", '+', 1, "read command line options from file"},
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
/**
|
||||
* Calculate the keyid of a key/certificate
|
||||
*/
|
||||
static int keyid(int argc, char *argv[])
|
||||
static int keyid()
|
||||
{
|
||||
credential_type_t type = CRED_PRIVATE_KEY;
|
||||
int subtype = KEY_RSA;
|
||||
|
@ -31,38 +31,36 @@ static int keyid(int argc, char *argv[])
|
|||
char *file = NULL;
|
||||
void *cred;
|
||||
chunk_t id;
|
||||
char *arg;
|
||||
|
||||
while (TRUE)
|
||||
{
|
||||
switch (getopt_long(argc, argv, command_optstring, command_opts, NULL))
|
||||
switch (command_getopt(&arg))
|
||||
{
|
||||
case 'h':
|
||||
return command_usage(NULL);
|
||||
case 'v':
|
||||
dbg_level = atoi(optarg);
|
||||
continue;
|
||||
case 't':
|
||||
if (streq(optarg, "rsa-priv"))
|
||||
if (streq(arg, "rsa-priv"))
|
||||
{
|
||||
type = CRED_PRIVATE_KEY;
|
||||
subtype = KEY_RSA;
|
||||
}
|
||||
else if (streq(optarg, "ecdsa-priv"))
|
||||
else if (streq(arg, "ecdsa-priv"))
|
||||
{
|
||||
type = CRED_PRIVATE_KEY;
|
||||
subtype = KEY_ECDSA;
|
||||
}
|
||||
else if (streq(optarg, "pub"))
|
||||
else if (streq(arg, "pub"))
|
||||
{
|
||||
type = CRED_PUBLIC_KEY;
|
||||
subtype = KEY_ANY;
|
||||
}
|
||||
else if (streq(optarg, "pkcs10"))
|
||||
else if (streq(arg, "pkcs10"))
|
||||
{
|
||||
type = CRED_CERTIFICATE;
|
||||
subtype = CERT_PKCS10_REQUEST;
|
||||
}
|
||||
else if (streq(optarg, "x509"))
|
||||
else if (streq(arg, "x509"))
|
||||
{
|
||||
type = CRED_CERTIFICATE;
|
||||
subtype = CERT_X509;
|
||||
|
@ -73,7 +71,7 @@ static int keyid(int argc, char *argv[])
|
|||
}
|
||||
continue;
|
||||
case 'i':
|
||||
file = optarg;
|
||||
file = arg;
|
||||
continue;
|
||||
case EOF:
|
||||
break;
|
||||
|
@ -155,13 +153,11 @@ static void __attribute__ ((constructor))reg()
|
|||
command_register((command_t)
|
||||
{ keyid, 'k', "keyid",
|
||||
"calculate key identifiers of a key/certificate",
|
||||
{"[--in file] [--type rsa-priv|ecdsa-priv|pub|pkcs10|x509]",
|
||||
"[--debug 0|1|2|3|4]"},
|
||||
{"[--in file] [--type rsa-priv|ecdsa-priv|pub|pkcs10|x509]"},
|
||||
{
|
||||
{"help", 'h', 0, "show usage information"},
|
||||
{"in", 'i', 1, "input file, default: stdin"},
|
||||
{"type", 't', 1, "type of key, default: rsa-priv"},
|
||||
{"debug", 'v', 1, "set debug level, default: 1"},
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
/**
|
||||
* Extract a public key from a private key/certificate
|
||||
*/
|
||||
static int pub(int argc, char *argv[])
|
||||
static int pub()
|
||||
{
|
||||
key_encoding_type_t form = KEY_PUB_SPKI_ASN1_DER;
|
||||
credential_type_t type = CRED_PRIVATE_KEY;
|
||||
|
@ -32,33 +32,31 @@ static int pub(int argc, char *argv[])
|
|||
chunk_t encoding;
|
||||
char *file = NULL;
|
||||
void *cred;
|
||||
char *arg;
|
||||
|
||||
while (TRUE)
|
||||
{
|
||||
switch (getopt_long(argc, argv, command_optstring, command_opts, NULL))
|
||||
switch (command_getopt(&arg))
|
||||
{
|
||||
case 'h':
|
||||
return command_usage(NULL);
|
||||
case 'v':
|
||||
dbg_level = atoi(optarg);
|
||||
continue;
|
||||
case 't':
|
||||
if (streq(optarg, "rsa"))
|
||||
if (streq(arg, "rsa"))
|
||||
{
|
||||
type = CRED_PRIVATE_KEY;
|
||||
subtype = KEY_RSA;
|
||||
}
|
||||
else if (streq(optarg, "ecdsa"))
|
||||
else if (streq(arg, "ecdsa"))
|
||||
{
|
||||
type = CRED_PRIVATE_KEY;
|
||||
subtype = KEY_ECDSA;
|
||||
}
|
||||
else if (streq(optarg, "pkcs10"))
|
||||
else if (streq(arg, "pkcs10"))
|
||||
{
|
||||
type = CRED_CERTIFICATE;
|
||||
subtype = CERT_PKCS10_REQUEST;
|
||||
}
|
||||
else if (streq(optarg, "x509"))
|
||||
else if (streq(arg, "x509"))
|
||||
{
|
||||
type = CRED_CERTIFICATE;
|
||||
subtype = CERT_X509;
|
||||
|
@ -69,13 +67,13 @@ static int pub(int argc, char *argv[])
|
|||
}
|
||||
continue;
|
||||
case 'f':
|
||||
if (!get_form(optarg, &form, TRUE))
|
||||
if (!get_form(arg, &form, TRUE))
|
||||
{
|
||||
return command_usage("invalid output format");
|
||||
}
|
||||
continue;
|
||||
case 'i':
|
||||
file = optarg;
|
||||
file = arg;
|
||||
continue;
|
||||
case EOF:
|
||||
break;
|
||||
|
@ -147,14 +145,12 @@ static void __attribute__ ((constructor))reg()
|
|||
command_register((command_t) {
|
||||
pub, 'p', "pub",
|
||||
"extract the public key from a private key/certificate",
|
||||
{"[--in file] [--type rsa|ecdsa|pkcs10|x509] [--outform der|pem|pgp]",
|
||||
"[--debug 0|1|2|3|4]"},
|
||||
{"[--in file] [--type rsa|ecdsa|pkcs10|x509] [--outform der|pem|pgp]"},
|
||||
{
|
||||
{"help", 'h', 0, "show usage information"},
|
||||
{"in", 'i', 1, "input file, default: stdin"},
|
||||
{"type", 't', 1, "type of credential, default: rsa"},
|
||||
{"outform", 'f', 1, "encoding of extracted public key"},
|
||||
{"debug", 'v', 1, "set debug level, default: 1"},
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
@ -18,14 +18,13 @@
|
|||
#include "pki.h"
|
||||
|
||||
#include <utils/linked_list.h>
|
||||
#include <utils/optionsfrom.h>
|
||||
#include <credentials/certificates/certificate.h>
|
||||
#include <credentials/certificates/x509.h>
|
||||
|
||||
/**
|
||||
* Create a self signed certificate.
|
||||
*/
|
||||
static int self(int argc, char *argv[])
|
||||
static int self()
|
||||
{
|
||||
key_type_t type = KEY_RSA;
|
||||
hash_algorithm_t digest = HASH_SHA1;
|
||||
|
@ -40,34 +39,26 @@ static int self(int argc, char *argv[])
|
|||
chunk_t encoding = chunk_empty;
|
||||
time_t not_before, not_after;
|
||||
x509_flag_t flags = 0;
|
||||
options_t *options;
|
||||
char *arg;
|
||||
|
||||
options = options_create();
|
||||
san = linked_list_create();
|
||||
ocsp = linked_list_create();
|
||||
|
||||
while (TRUE)
|
||||
{
|
||||
switch (getopt_long(argc, argv, command_optstring, command_opts, NULL))
|
||||
switch (command_getopt(&arg))
|
||||
{
|
||||
case 'h':
|
||||
goto usage;
|
||||
case 'v':
|
||||
dbg_level = atoi(optarg);
|
||||
continue;
|
||||
case '+':
|
||||
if (!options->from(options, optarg, &argc, &argv, optind))
|
||||
{
|
||||
error = "invalid options file";
|
||||
goto usage;
|
||||
}
|
||||
dbg_level = atoi(arg);
|
||||
continue;
|
||||
case 't':
|
||||
if (streq(optarg, "rsa"))
|
||||
if (streq(arg, "rsa"))
|
||||
{
|
||||
type = KEY_RSA;
|
||||
}
|
||||
else if (streq(optarg, "ecdsa"))
|
||||
else if (streq(arg, "ecdsa"))
|
||||
{
|
||||
type = KEY_ECDSA;
|
||||
}
|
||||
|
@ -78,7 +69,7 @@ static int self(int argc, char *argv[])
|
|||
}
|
||||
continue;
|
||||
case 'g':
|
||||
digest = get_digest(optarg);
|
||||
digest = get_digest(arg);
|
||||
if (digest == HASH_UNKNOWN)
|
||||
{
|
||||
error = "invalid --digest type";
|
||||
|
@ -86,16 +77,16 @@ static int self(int argc, char *argv[])
|
|||
}
|
||||
continue;
|
||||
case 'i':
|
||||
file = optarg;
|
||||
file = arg;
|
||||
continue;
|
||||
case 'd':
|
||||
dn = optarg;
|
||||
dn = arg;
|
||||
continue;
|
||||
case 'a':
|
||||
san->insert_last(san, identification_create_from_string(optarg));
|
||||
san->insert_last(san, identification_create_from_string(arg));
|
||||
continue;
|
||||
case 'l':
|
||||
lifetime = atoi(optarg);
|
||||
lifetime = atoi(arg);
|
||||
if (!lifetime)
|
||||
{
|
||||
error = "invalid --lifetime value";
|
||||
|
@ -103,13 +94,13 @@ static int self(int argc, char *argv[])
|
|||
}
|
||||
continue;
|
||||
case 's':
|
||||
hex = optarg;
|
||||
hex = arg;
|
||||
continue;
|
||||
case 'b':
|
||||
flags |= X509_CA;
|
||||
continue;
|
||||
case 'o':
|
||||
ocsp->insert_last(ocsp, optarg);
|
||||
ocsp->insert_last(ocsp, arg);
|
||||
continue;
|
||||
case EOF:
|
||||
break;
|
||||
|
@ -201,7 +192,6 @@ end:
|
|||
DESTROY_IF(private);
|
||||
san->destroy_offset(san, offsetof(identification_t, destroy));
|
||||
ocsp->destroy(ocsp);
|
||||
options->destroy(options);
|
||||
free(encoding.ptr);
|
||||
free(serial.ptr);
|
||||
|
||||
|
@ -215,7 +205,6 @@ end:
|
|||
usage:
|
||||
san->destroy_offset(san, offsetof(identification_t, destroy));
|
||||
ocsp->destroy(ocsp);
|
||||
options->destroy(options);
|
||||
return command_usage(error);
|
||||
}
|
||||
|
||||
|
@ -230,8 +219,7 @@ static void __attribute__ ((constructor))reg()
|
|||
{"[--in file] [--type rsa|ecdsa]",
|
||||
" --dn distinguished-name [--san subjectAltName]+",
|
||||
"[--lifetime days] [--serial hex] [--ca] [--ocsp uri]+",
|
||||
"[--digest md5|sha1|sha224|sha256|sha384|sha512]",
|
||||
"[--options file]"},
|
||||
"[--digest md5|sha1|sha224|sha256|sha384|sha512]"},
|
||||
{
|
||||
{"help", 'h', 0, "show usage information"},
|
||||
{"in", 'i', 1, "private key input file, default: stdin"},
|
||||
|
@ -243,8 +231,6 @@ static void __attribute__ ((constructor))reg()
|
|||
{"ca", 'b', 0, "include CA basicConstraint, default: no"},
|
||||
{"ocsp", 'o', 1, "OCSP AuthorityInfoAccess URI to include"},
|
||||
{"digest", 'g', 1, "digest for signature creation, default: sha1"},
|
||||
{"debug", 'v', 1, "set debug level, default: 1"},
|
||||
{"options", '+', 1, "read command line options from file"},
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
@ -21,26 +21,24 @@
|
|||
/**
|
||||
* Verify a certificate signature
|
||||
*/
|
||||
static int verify(int argc, char *argv[])
|
||||
static int verify()
|
||||
{
|
||||
certificate_t *cert, *ca;
|
||||
char *file = NULL, *cafile = NULL;
|
||||
bool good = FALSE;
|
||||
char *arg;
|
||||
|
||||
while (TRUE)
|
||||
{
|
||||
switch (getopt_long(argc, argv, command_optstring, command_opts, NULL))
|
||||
switch (command_getopt(&arg))
|
||||
{
|
||||
case 'h':
|
||||
return command_usage(NULL);
|
||||
case 'v':
|
||||
dbg_level = atoi(optarg);
|
||||
continue;
|
||||
case 'i':
|
||||
file = optarg;
|
||||
file = arg;
|
||||
continue;
|
||||
case 'c':
|
||||
cafile = optarg;
|
||||
cafile = arg;
|
||||
continue;
|
||||
case EOF:
|
||||
break;
|
||||
|
@ -132,7 +130,6 @@ static void __attribute__ ((constructor))reg()
|
|||
{"help", 'h', 0, "show usage information"},
|
||||
{"in", 'i', 1, "x509 certifcate to verify, default: stdin"},
|
||||
{"cacert", 'c', 1, "CA certificate, default: verify self signed"},
|
||||
{"debug", 'v', 1, "set debug level, default: 1"},
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue