]>
git.ipfire.org Git - people/ms/strongswan.git/blob - src/pki/commands/keyid.c
2 * Copyright (C) 2009 Martin Willi
3 * Hochschule fuer Technik Rapperswil
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 #include <credentials/certificates/certificate.h>
21 #include <credentials/certificates/x509.h>
24 * Calculate the keyid of a key/certificate
28 credential_type_t type
= CRED_PRIVATE_KEY
;
29 int subtype
= KEY_RSA
;
31 private_key_t
*private;
40 switch (command_getopt(&arg
))
43 return command_usage(NULL
);
45 if (streq(arg
, "rsa-priv"))
47 type
= CRED_PRIVATE_KEY
;
50 else if (streq(arg
, "ecdsa-priv"))
52 type
= CRED_PRIVATE_KEY
;
55 else if (streq(arg
, "pub"))
57 type
= CRED_PUBLIC_KEY
;
60 else if (streq(arg
, "pkcs10"))
62 type
= CRED_CERTIFICATE
;
63 subtype
= CERT_PKCS10_REQUEST
;
65 else if (streq(arg
, "x509"))
67 type
= CRED_CERTIFICATE
;
72 return command_usage( "invalid input type");
81 return command_usage("invalid --keyid option");
87 cred
= lib
->creds
->create(lib
->creds
, type
, subtype
,
88 BUILD_FROM_FILE
, file
, BUILD_END
);
94 set_file_mode(stdin
, CERT_ASN1_DER
);
95 if (!chunk_from_fd(0, &chunk
))
97 fprintf(stderr
, "reading input failed: %s\n", strerror(errno
));
100 cred
= lib
->creds
->create(lib
->creds
, type
, subtype
,
101 BUILD_BLOB
, chunk
, BUILD_END
);
106 fprintf(stderr
, "parsing input failed\n");
110 if (type
== CRED_PRIVATE_KEY
)
113 if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1
, &id
))
115 printf("subjectKeyIdentifier: %#B\n", &id
);
117 if (private->get_fingerprint(private, KEYID_PUBKEY_INFO_SHA1
, &id
))
119 printf("subjectPublicKeyInfo hash: %#B\n", &id
);
121 private->destroy(private);
123 else if (type
== CRED_PUBLIC_KEY
)
126 if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1
, &id
))
128 printf("subjectKeyIdentifier: %#B\n", &id
);
130 if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1
, &id
))
132 printf("subjectPublicKeyInfo hash: %#B\n", &id
);
134 public->destroy(public);
139 public = cert
->get_public_key(cert
);
142 fprintf(stderr
, "extracting public key from certificate failed");
145 if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1
, &id
))
147 printf("subjectKeyIdentifier: %#B\n", &id
);
149 if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1
, &id
))
151 printf("subjectPublicKeyInfo hash: %#B\n", &id
);
153 public->destroy(public);
160 * Register the command.
162 static void __attribute__ ((constructor
))reg()
164 command_register((command_t
)
165 { keyid
, 'k', "keyid",
166 "calculate key identifiers of a key/certificate",
167 {"[--in file] [--type rsa-priv|ecdsa-priv|pub|pkcs10|x509]"},
169 {"help", 'h', 0, "show usage information"},
170 {"in", 'i', 1, "input file, default: stdin"},
171 {"type", 't', 1, "type of key, default: rsa-priv"},