pki: Switch to binary mode on Windows when reading/writing DER to FDs
1 /*
2 * Copyright (C) 2009 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include <errno.h>
17
18 #include "pki.h"
19
20 #include <credentials/certificates/certificate.h>
21 #include <credentials/certificates/x509.h>
22
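/**
 * Calculate the keyid of a key/certificate.
 *
 * Command line options are consumed through command_getopt():
 *   'h'  print usage and return
 *   't'  input type: rsa-priv (default), ecdsa-priv, pub, pkcs10 or x509
 *   'i'  input file; without it the input is read from stdin (fd 0)
 *
 * The input is parsed into a credential and, where available, two
 * fingerprints are printed to stdout, labelled "subjectKeyIdentifier" and
 * "subjectPublicKeyInfo hash". These are the only values written to stdout;
 * the key material itself is never printed, even for private key input.
 *
 * @return		0 on success, 1 if reading or parsing the input fails or no
 *				public key can be extracted from a certificate, otherwise the
 *				result of command_usage()
 */
static int keyid()
{
	credential_type_t type = CRED_PRIVATE_KEY;
	int subtype = KEY_RSA;
	certificate_t *cert;
	private_key_t *private;
	public_key_t *public;
	char *file = NULL;
	void *cred;
	chunk_t id;
	char *arg;

	while (TRUE)
	{
		switch (command_getopt(&arg))
		{
			case 'h':
				return command_usage(NULL);
			case 't':
				if (streq(arg, "rsa-priv"))
				{
					type = CRED_PRIVATE_KEY;
					subtype = KEY_RSA;
				}
				else if (streq(arg, "ecdsa-priv"))
				{
					type = CRED_PRIVATE_KEY;
					subtype = KEY_ECDSA;
				}
				else if (streq(arg, "pub"))
				{
					type = CRED_PUBLIC_KEY;
					subtype = KEY_ANY;
				}
				else if (streq(arg, "pkcs10"))
				{
					type = CRED_CERTIFICATE;
					subtype = CERT_PKCS10_REQUEST;
				}
				else if (streq(arg, "x509"))
				{
					type = CRED_CERTIFICATE;
					subtype = CERT_X509;
				}
				else
				{
					/* reject unknown types instead of silently keeping the
					 * rsa-priv default and misparsing the input */
					return command_usage( "invalid input type");
				}
				continue;
			case 'i':
				file = arg;
				continue;
			case EOF:
				break;
			default:
				return command_usage("invalid --keyid option");
		}
		break;
	}
	if (file)
	{
		cred = lib->creds->create(lib->creds, type, subtype,
								  BUILD_FROM_FILE, file, BUILD_END);
	}
	else
	{
		chunk_t chunk;

		/* no --in given: read the whole input from stdin */
		set_file_mode(stdin, CERT_ASN1_DER);
		if (!chunk_from_fd(0, &chunk))
		{
			fprintf(stderr, "reading input failed: %s\n", strerror(errno));
			return 1;
		}
		cred = lib->creds->create(lib->creds, type, subtype,
								  BUILD_BLOB, chunk, BUILD_END);
		/* the raw input is released right after the parse attempt,
		 * whether or not it succeeded */
		free(chunk.ptr);
	}
	if (!cred)
	{
		fprintf(stderr, "parsing input failed\n");
		return 1;
	}

	/* NOTE(review): id is never freed in this function; presumably
	 * get_fingerprint() hands out memory owned by the key object - confirm
	 * against the key interface. */
	if (type == CRED_PRIVATE_KEY)
	{
		private = cred;
		if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &id))
		{
			printf("subjectKeyIdentifier:      %#B\n", &id);
		}
		if (private->get_fingerprint(private, KEYID_PUBKEY_INFO_SHA1, &id))
		{
			printf("subjectPublicKeyInfo hash: %#B\n", &id);
		}
		private->destroy(private);
	}
	else if (type == CRED_PUBLIC_KEY)
	{
		public = cred;
		if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id))
		{
			printf("subjectKeyIdentifier:      %#B\n", &id);
		}
		if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &id))
		{
			printf("subjectPublicKeyInfo hash: %#B\n", &id);
		}
		public->destroy(public);
	}
	else
	{
		cert = cred;
		public = cert->get_public_key(cert);
		if (!public)
		{
			/* terminate the message with a newline like the other error
			 * paths, and release the certificate before bailing out */
			fprintf(stderr, "extracting public key from certificate failed\n");
			cert->destroy(cert);
			return 1;
		}
		if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id))
		{
			printf("subjectKeyIdentifier:      %#B\n", &id);
		}
		if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &id))
		{
			printf("subjectPublicKeyInfo hash: %#B\n", &id);
		}
		public->destroy(public);
		cert->destroy(cert);
	}
	return 0;
}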
158
/**
 * Register the "keyid" command with the pki command table.
 *
 * Marked as a constructor, so it is invoked without an explicit call.
 */
static void __attribute__ ((constructor))reg()
{
	/* handler, short option, long name, description, usage line, options */
	command_t cmd = {
		keyid, 'k', "keyid",
		"calculate key identifiers of a key/certificate",
		{"[--in file] [--type rsa-priv|ecdsa-priv|pub|pkcs10|x509]"},
		{
			{"help",	'h', 0, "show usage information"},
			{"in",		'i', 1, "input file, default: stdin"},
			{"type",	't', 1, "type of key, default: rsa-priv"},
		}
	};

	command_register(cmd);
}