certificate_t *cert_req = NULL, *cert = NULL, *ca =NULL;
private_key_t *private = NULL;
public_key_t *public = NULL;
+ credential_type_t type = CRED_PUBLIC_KEY;
+ key_type_t subtype = KEY_ANY;
bool pkcs10 = FALSE;
char *file = NULL, *dn = NULL, *hex = NULL, *cacert = NULL, *cakey = NULL;
char *error = NULL, *keyid = NULL;
{
pkcs10 = TRUE;
}
+ else if (streq(arg, "rsa"))
+ {
+ type = CRED_PRIVATE_KEY;
+ subtype = KEY_RSA;
+ }
+ else if (streq(arg, "ecdsa"))
+ {
+ type = CRED_PRIVATE_KEY;
+ subtype = KEY_ECDSA;
+ }
+ else if (streq(arg, "bliss"))
+ {
+ type = CRED_PRIVATE_KEY;
+ subtype = KEY_BLISS;
+ }
else if (!streq(arg, "pub"))
{
error = "invalid input type";
}
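Review bot: `bliss` is accepted as an input type in this chain, but the man page text updated in the same commit lists only `pub`, `rsa`, `ecdsa` and `pkcs10`, so the option is undocumented. Adding `\fIbliss\fR (BLISS private key)` to that list would keep the two in step; any usage string for `--type`, which is not visible here, probably needs the same addition. A short comment above the three new branches, such as `/* private key inputs: only the public key is extracted from them */`, would tell the reader why a private key is accepted at all. The option-parsing block starts and ends outside this hunk.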
else
{
- DBG2(DBG_LIB, "Reading public key:");
+ DBG2(DBG_LIB, "Reading key:");
if (file)
{
- public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
+ public = lib->creds->create(lib->creds, type, subtype,
BUILD_FROM_FILE, file, BUILD_END);
}
else
if (!chunk_from_fd(0, &chunk))
{
fprintf(stderr, "%s: ", strerror(errno));
- error = "reading public key failed";
+ error = "reading key failed";
goto end;
}
- public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
+ public = lib->creds->create(lib->creds, type, subtype,
BUILD_BLOB, chunk, BUILD_END);
free(chunk.ptr);
}
+ if (public && type == CRED_PRIVATE_KEY)
+ {
+ private_key_t *priv = (private_key_t*)public;
+ public = priv->get_public_key(priv);
+ priv->destroy(priv);
+ }
}
if (!public)
{
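Review bot: When the key is read from STDIN and `type` is `CRED_PRIVATE_KEY`, `chunk` holds the raw private key encoding, and `free(chunk.ptr)` returns that buffer to the heap without wiping it. Replacing that line with strongSwan's `chunk_clear(&chunk);` zeroes the bytes before freeing, and it is harmless in the public-key case. Separately, the private key object is held in `public`, a `public_key_t*`, until the cast in the new `if (public && type == CRED_PRIVATE_KEY)` block. Loading it into a `private_key_t*` from the start would keep a mistyped pointer from being dereferenced if code is later added between the load and the conversion. The enclosing function begins and ends outside this hunk.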
key/request is read from \fISTDIN\fR.
.TP
.BI "\-t, \-\-type " type
-Type of the input. Either \fIpub\fR for a public key, or \fIpkcs10\fR for a
-PKCS#10 certificate request, defaults to \fIpub\fR.
+Type of the input. One of \fIpub\fR (public key), \fIrsa\fR (RSA private key),
+\fIecdsa\fR (ECDSA private key), or \fIpkcs10\fR (PKCS#10 certificate request),
+defaults to \fIpub\fR.
.TP
.BI "\-k, \-\-cakey " file
CA private key file. Either this or