From: Daan De Meyer Date: Fri, 12 Dec 2025 13:26:19 +0000 (+0100) Subject: keyutil: Rename public to extract-public X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9fc537437b4ba6d9a31fe51de5d6686aafa51c94;p=thirdparty%2Fsystemd.git keyutil: Rename public to extract-public --- diff --git a/man/systemd-keyutil.xml b/man/systemd-keyutil.xml index aaf760b948b..47ab28a055e 100644 --- a/man/systemd-keyutil.xml +++ b/man/systemd-keyutil.xml @@ -56,7 +56,7 @@ - public + extract-public This commands prints the public key in PEM format extracted from either the certificate given with or the private key given with diff --git a/src/keyutil/keyutil.c b/src/keyutil/keyutil.c index 1c283d2aa7f..0e4e5006c72 100644 --- a/src/keyutil/keyutil.c +++ b/src/keyutil/keyutil.c @@ -48,7 +48,7 @@ static int help(int argc, char *argv[], void *userdata) { "\n%5$sPerform various operations on private keys and certificates.%6$s\n" "\n%3$sCommands:%4$s\n" " validate Load and validate the given certificate and private key\n" - " public Extract a public key\n" + " extract-public Extract a public key\n" " pkcs7 Generate a PKCS#7 signature\n" "\n%3$sOptions:%4$s\n" " -h --help Show this help\n" @@ -247,7 +247,7 @@ static int verb_validate(int argc, char *argv[], void *userdata) { return 0; } -static int verb_public(int argc, char *argv[], void *userdata) { +static int verb_extract_public(int argc, char *argv[], void *userdata) { _cleanup_(EVP_PKEY_freep) EVP_PKEY *public_key = NULL; int r; @@ -399,10 +399,11 @@ static int verb_pkcs7(int argc, char *argv[], void *userdata) { static int run(int argc, char *argv[]) { static const Verb verbs[] = { - { "help", VERB_ANY, VERB_ANY, 0, help }, - { "validate", VERB_ANY, 1, 0, verb_validate }, - { "public", VERB_ANY, 1, 0, verb_public }, - { "pkcs7", VERB_ANY, VERB_ANY, 0, verb_pkcs7 }, + { "help", VERB_ANY, VERB_ANY, 0, help }, + { "validate", VERB_ANY, 1, 0, verb_validate }, + { "extract-public", VERB_ANY, 1, 0, verb_extract_public }, + { "public", VERB_ANY, 1, 0, verb_extract_public }, /* Deprecated but kept for backwards compat. */ + { "pkcs7", VERB_ANY, VERB_ANY, 0, verb_pkcs7 }, {} }; int r; diff --git a/src/ukify/ukify.py b/src/ukify/ukify.py index ad6560534ac..c98f8e2a5dd 100755 --- a/src/ukify/ukify.py +++ b/src/ukify/ukify.py @@ -1364,7 +1364,7 @@ def make_uki(opts: UkifyConfig) -> None: pcrpkey: Union[bytes, Path, None] = opts.pcrpkey if pcrpkey is None: keyutil_tool = find_tool('systemd-keyutil', '/usr/lib/systemd/systemd-keyutil') - cmd = [keyutil_tool, 'public'] + cmd = [keyutil_tool, 'extract-public'] if opts.pcr_public_keys and len(opts.pcr_public_keys) == 1: # If we're using an engine or provider, the public key will be an X.509 certificate. diff --git a/test/units/TEST-74-AUX-UTILS.keyutil.sh b/test/units/TEST-74-AUX-UTILS.keyutil.sh index 172939253e4..7cc9fd05f9f 100755 --- a/test/units/TEST-74-AUX-UTILS.keyutil.sh +++ b/test/units/TEST-74-AUX-UTILS.keyutil.sh @@ -37,14 +37,14 @@ testcase_validate() { /usr/lib/systemd/systemd-keyutil validate --certificate /tmp/test.crt --private-key /tmp/test.key } -testcase_public() { - PUBLIC="$(/usr/lib/systemd/systemd-keyutil public --certificate /tmp/test.crt)" +testcase_extract_public() { + PUBLIC="$(/usr/lib/systemd/systemd-keyutil extract-public --certificate /tmp/test.crt)" assert_eq "$PUBLIC" "$(openssl x509 -in /tmp/test.crt -pubkey -noout)" - PUBLIC="$(/usr/lib/systemd/systemd-keyutil public --private-key /tmp/test.key)" + PUBLIC="$(/usr/lib/systemd/systemd-keyutil extract-public --private-key /tmp/test.key)" assert_eq "$PUBLIC" "$(openssl x509 -in /tmp/test.crt -pubkey -noout)" - (! /usr/lib/systemd/systemd-keyutil public) + (! /usr/lib/systemd/systemd-keyutil extract-public) } verify_pkcs7() {