author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-10-27 09:50:26 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-10-27 09:50:26 +0000 |
commit | b613005c0d8380b24315cdca7cc7f6e1f390127a (patch) | |
tree | ce340c0017e027d5d038f417a49f4df694270bb8 | |
parent | e0fd011963b4ce74ffde08d2cd61c32388d30e3f (diff) | |
download | gnutls-b613005c0d8380b24315cdca7cc7f6e1f390127a.tar.gz |
added the --der option to certtool.
-rw-r--r-- | src/certtool-gaa.c | 68 | ||||
-rw-r--r-- | src/certtool-gaa.h | 10 | ||||
-rw-r--r-- | src/certtool.c | 36 | ||||
-rw-r--r-- | src/certtool.gaa | 6 |
4 files changed, 72 insertions, 48 deletions
diff --git a/src/certtool-gaa.c b/src/certtool-gaa.c index 89972e9fde..7097d78bbb 100644 --- a/src/certtool-gaa.c +++ b/src/certtool-gaa.c @@ -131,6 +131,7 @@ void gaa_help(void) __gaa_helpsingle('i', "certificate-info", "", "Print information on a certificate."); __gaa_helpsingle('k', "key-info", "", "Print information on a private key."); __gaa_helpsingle('8', "pkcs8", "", "Use PKCS #8 format for private keys."); + __gaa_helpsingle(0, "der", "", "Use DER format for certificates and private keys."); __gaa_helpsingle(0, "bits", "BITS ", "specify the number of bits for key generation."); __gaa_helpsingle(0, "outfile", "FILE ", "Output file."); __gaa_helpsingle(0, "infile", "FILE ", "Output file."); @@ -151,14 +152,16 @@ typedef struct _gaainfo gaainfo; struct _gaainfo { -#line 48 "certtool.gaa" +#line 51 "certtool.gaa" int debug; -#line 45 "certtool.gaa" +#line 48 "certtool.gaa" char *infile; -#line 42 "certtool.gaa" +#line 45 "certtool.gaa" char *outfile; -#line 39 "certtool.gaa" +#line 42 "certtool.gaa" int bits; +#line 39 "certtool.gaa" + int cert_format; #line 36 "certtool.gaa" int pkcs8; #line 28 "certtool.gaa" 
@@ -227,27 +230,28 @@ int gaa_error = 0; #define GAA_MULTIPLE_OPTION 3 #define GAA_REST 0 -#define GAA_NB_OPTION 20 +#define GAA_NB_OPTION 21 #define GAAOPTID_version 1 #define GAAOPTID_help 2 #define GAAOPTID_debug 3 #define GAAOPTID_infile 4 #define GAAOPTID_outfile 5 #define GAAOPTID_bits 6 -#define GAAOPTID_pkcs8 7 -#define GAAOPTID_key_info 8 -#define GAAOPTID_certificate_info 9 -#define GAAOPTID_load_ca_certificate 10 -#define GAAOPTID_load_ca_privkey 11 -#define GAAOPTID_load_certificate 12 -#define GAAOPTID_load_request 13 -#define GAAOPTID_load_privkey 14 -#define GAAOPTID_verify_chain 15 -#define GAAOPTID_generate_request 16 -#define GAAOPTID_generate_privkey 17 -#define GAAOPTID_update_certificate 18 -#define GAAOPTID_generate_certificate 19 -#define GAAOPTID_generate_self_signed 20 +#define GAAOPTID_der 7 +#define GAAOPTID_pkcs8 8 +#define GAAOPTID_key_info 9 +#define GAAOPTID_certificate_info 10 +#define GAAOPTID_load_ca_certificate 11 +#define GAAOPTID_load_ca_privkey 12 +#define GAAOPTID_load_certificate 13 +#define GAAOPTID_load_request 14 +#define GAAOPTID_load_privkey 15 +#define GAAOPTID_verify_chain 16 +#define GAAOPTID_generate_request 17 +#define GAAOPTID_generate_privkey 18 +#define GAAOPTID_update_certificate 19 +#define GAAOPTID_generate_certificate 20 +#define GAAOPTID_generate_self_signed 21 #line 168 "gaa.skel" @@ -530,6 +534,7 @@ int gaa_get_option_num(char *str, int status) #line 375 "gaa.skel" GAA_CHECK1STR("v", GAAOPTID_version); GAA_CHECK1STR("h", GAAOPTID_help); + GAA_CHECK1STR("", GAAOPTID_der); GAA_CHECK1STR("8", GAAOPTID_pkcs8); GAA_CHECK1STR("k", GAAOPTID_key_info); GAA_CHECK1STR("i", GAAOPTID_certificate_info); 
@@ -549,6 +554,7 @@ int gaa_get_option_num(char *str, int status) GAA_CHECKSTR("infile", GAAOPTID_infile); GAA_CHECKSTR("outfile", GAAOPTID_outfile); GAA_CHECKSTR("bits", GAAOPTID_bits); + GAA_CHECKSTR("der", GAAOPTID_der); GAA_CHECKSTR("pkcs8", GAAOPTID_pkcs8); GAA_CHECKSTR("key-info", GAAOPTID_key_info); GAA_CHECKSTR("certificate-info", GAAOPTID_certificate_info); @@ -606,14 +612,14 @@ int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) { case GAAOPTID_version: OK = 0; -#line 53 "certtool.gaa" +#line 56 "certtool.gaa" { certtool_version(); exit(0); ;}; return GAA_OK; break; case GAAOPTID_help: OK = 0; -#line 51 "certtool.gaa" +#line 54 "certtool.gaa" { gaa_help(); exit(0); ;}; return GAA_OK; @@ -623,7 +629,7 @@ int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_debug.arg1, gaa_getint, GAATMP_debug.size1); gaa_index++; -#line 49 "certtool.gaa" +#line 52 "certtool.gaa" { gaaval->debug = GAATMP_debug.arg1 ;}; return GAA_OK; @@ -633,7 +639,7 @@ int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_infile.arg1, gaa_getstr, GAATMP_infile.size1); gaa_index++; -#line 46 "certtool.gaa" +#line 49 "certtool.gaa" { gaaval->infile = GAATMP_infile.arg1 ;}; return GAA_OK; @@ -643,7 +649,7 @@ int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_outfile.arg1, gaa_getstr, GAATMP_outfile.size1); gaa_index++; -#line 43 "certtool.gaa" +#line 46 "certtool.gaa" { gaaval->outfile = GAATMP_outfile.arg1 ;}; return GAA_OK; 
@@ -653,11 +659,18 @@ int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_bits.arg1, gaa_getint, GAATMP_bits.size1); gaa_index++; -#line 40 "certtool.gaa" +#line 43 "certtool.gaa" { gaaval->bits = GAATMP_bits.arg1 ;}; return GAA_OK; break; + case GAAOPTID_der: + OK = 0; +#line 40 "certtool.gaa" +{ gaaval->cert_format=1 ;}; + + return GAA_OK; + break; case GAAOPTID_pkcs8: OK = 0; #line 37 "certtool.gaa" @@ -795,9 +808,10 @@ int gaa(int argc, char **argv, gaainfo *gaaval) if(inited == 0) { -#line 55 "certtool.gaa" +#line 58 "certtool.gaa" { gaaval->bits = 1024; gaaval->pkcs8 = 0; gaaval->privkey = NULL; gaaval->ca=NULL; gaaval->ca_privkey = NULL; - gaaval->debug=1; gaaval->request = NULL; gaaval->infile = NULL; gaaval->outfile = NULL; gaaval->cert = NULL; ;}; + gaaval->debug=1; gaaval->request = NULL; gaaval->infile = NULL; gaaval->outfile = NULL; gaaval->cert = NULL; + gaaval->cert_format = 0; ;}; } inited = 1; diff --git a/src/certtool-gaa.h b/src/certtool-gaa.h index e581876340..5b28a139b1 100644 --- a/src/certtool-gaa.h +++ b/src/certtool-gaa.h @@ -8,14 +8,16 @@ typedef struct _gaainfo gaainfo; struct _gaainfo { -#line 48 "certtool.gaa" +#line 51 "certtool.gaa" int debug; -#line 45 "certtool.gaa" +#line 48 "certtool.gaa" char *infile; -#line 42 "certtool.gaa" +#line 45 "certtool.gaa" char *outfile; -#line 39 "certtool.gaa" +#line 42 "certtool.gaa" int bits; +#line 39 "certtool.gaa" + int cert_format; #line 36 "certtool.gaa" int pkcs8; #line 28 "certtool.gaa" diff --git a/src/certtool.c b/src/certtool.c index 87156f66bc..303022e1cb 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -21,6 +21,7 @@ void generate_request(void); static gaainfo info; FILE* outfile; FILE* infile; +int cert_format; static unsigned char buffer[40*1024]; static const int buffer_size = sizeof(buffer); 
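Review bot: The new global `cert_format` in the `@@ -21,6 +21,7 @@` hunk of src/certtool.c is a plain `int` with external linkage, and nothing records which values it holds or when it becomes valid. It carries a GNUTLS_X509_FMT_* constant that is chosen once in gaa_parser(), so I would keep it file-local like `info` and document it: `static int cert_format; /* GNUTLS_X509_FMT_PEM or GNUTLS_X509_FMT_DER; set in gaa_parser() before any import/export */`. If another translation unit really needs the symbol, keep the linkage and add only the comment.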
@@ -167,14 +168,14 @@ int size, ret; if (!info.pkcs8) { size = sizeof(buffer); - ret = gnutls_x509_privkey_export( key, GNUTLS_X509_FMT_PEM, buffer, &size); + ret = gnutls_x509_privkey_export( key, cert_format, buffer, &size); if (ret < 0) { fprintf(stderr, "privkey_export: %s\n", gnutls_strerror(ret)); exit(1); } } else { size = sizeof(buffer); - ret = gnutls_x509_privkey_export_pkcs8( key, GNUTLS_X509_FMT_PEM, NULL, GNUTLS_PKCS8_PLAIN, buffer, &size); + ret = gnutls_x509_privkey_export_pkcs8( key, cert_format, NULL, GNUTLS_PKCS8_PLAIN, buffer, &size); if (ret < 0) { fprintf(stderr, "privkey_export_pkcs8: %s\n", gnutls_strerror(ret)); exit(1); @@ -370,7 +371,7 @@ void generate_self_signed( void) print_private_key( key); size = sizeof(buffer); - result = gnutls_x509_crt_export( crt, GNUTLS_X509_FMT_PEM, buffer, &size); + result = gnutls_x509_crt_export( crt, cert_format, buffer, &size); if (result < 0) { fprintf(stderr, "crt_export: %s\n", gnutls_strerror(result)); exit(1); @@ -410,7 +411,7 @@ void generate_signed_certificate( void) print_private_key( key); size = sizeof(buffer); - result = gnutls_x509_crt_export( crt, GNUTLS_X509_FMT_PEM, buffer, &size); + result = gnutls_x509_crt_export( crt, cert_format, buffer, &size); if (result < 0) { fprintf(stderr, "crt_export: %s\n", gnutls_strerror(result)); exit(1); @@ -445,7 +446,7 @@ void update_signed_certificate( void) } size = sizeof(buffer); - result = gnutls_x509_crt_export( crt, GNUTLS_X509_FMT_PEM, buffer, &size); + result = gnutls_x509_crt_export( crt, cert_format, buffer, &size); if (result < 0) { fprintf(stderr, "crt_export: %s\n", gnutls_strerror(result)); exit(1); @@ -479,6 +480,9 @@ void gaa_parser(int argc, char **argv) exit(1); } } else infile = stdin; + + if (info.cert_format) cert_format = GNUTLS_X509_FMT_DER; + else cert_format = GNUTLS_X509_FMT_PEM; gnutls_global_init(); gnutls_global_set_log_function( tls_log_func); 
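Review bot: In the private-key export hunk (`@@ -167,14 +168,14 @@`) both export calls can now fill `buffer` with binary DER, but the statement that writes the result to `outfile` lies outside the hunk and was written when the data was always PEM text. If that statement prints `buffer` as a string, DER output would stop at the first zero byte or run past the encoded data, so the write should use the length the export returned, e.g. `fwrite(buffer, 1, size, outfile);`. The same applies after the `gnutls_x509_crt_export` calls in generate_self_signed, generate_signed_certificate and update_signed_certificate, and after `gnutls_x509_crq_export` in generate_request. The enclosing function starts and ends outside the hunk.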
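Review bot: The gaa_parser hunk derives one global from `info.cert_format`, and every import and export call touched by this commit reads it, so `--der` switches input and output together and certtool cannot read PEM and write DER or the reverse. Files supplied through the load options (CA certificate, CA key, request, private key) therefore have to use the same encoding as the output. If that is intended, say so at the assignment, e.g. `/* --der applies to everything read and written in this run */`; otherwise separate input and output flags are needed. The names also collide: `info.cert_format` is a 0/1 flag while the global `cert_format` holds a GNUTLS_X509_FMT_* value, so renaming the flag (for example to `der`) would keep someone from passing the flag straight to the library. gaa_parser's body continues outside the hunk.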
@@ -555,7 +559,7 @@ void certificate_info( void) pem.data = buffer; pem.size = size; - ret = gnutls_x509_crt_import(crt, &pem, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import(crt, &pem, cert_format); if (ret < 0) { fprintf(stderr, "Decoding error: %s\n", gnutls_strerror(ret)); exit(1); @@ -728,9 +732,9 @@ void privkey_info( void) pem.size = size; if (!info.pkcs8) { - ret = gnutls_x509_privkey_import(key, &pem, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import(key, &pem, cert_format); } else { - ret = gnutls_x509_privkey_import_pkcs8(key, &pem, GNUTLS_X509_FMT_PEM, NULL, GNUTLS_PKCS8_PLAIN); + ret = gnutls_x509_privkey_import_pkcs8(key, &pem, cert_format, NULL, GNUTLS_PKCS8_PLAIN); } if (ret < 0) { @@ -796,9 +800,9 @@ size_t size; dat.size = size; if (!info.pkcs8) - ret = gnutls_x509_privkey_import( key, &dat, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import( key, &dat, cert_format); else - ret = gnutls_x509_privkey_import_pkcs8( key, &dat, GNUTLS_X509_FMT_PEM, + ret = gnutls_x509_privkey_import_pkcs8( key, &dat, cert_format, NULL, 0); if (ret < 0) { @@ -839,7 +843,7 @@ size_t size; dat.data = buffer; dat.size = size; - ret = gnutls_x509_crq_import( crq, &dat, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crq_import( crq, &dat, cert_format); if (ret < 0) { fprintf(stderr, "crq_import: %s\n", gnutls_strerror(ret)); @@ -885,9 +889,9 @@ size_t size; dat.size = size; if (!info.pkcs8) - ret = gnutls_x509_privkey_import( key, &dat, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_privkey_import( key, &dat, cert_format); else - ret = gnutls_x509_privkey_import_pkcs8( key, &dat, GNUTLS_X509_FMT_PEM, + ret = gnutls_x509_privkey_import_pkcs8( key, &dat, cert_format, NULL, 0); if (ret < 0) { @@ -935,7 +939,7 @@ size_t size; dat.data = buffer; dat.size = size; - ret = gnutls_x509_crt_import( crt, &dat, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import( crt, &dat, cert_format); if (ret < 0) { fprintf(stderr, "crt_import: %s\n", gnutls_strerror(ret)); exit(1); 
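Review bot: In the certificate_info hunk the datum handed to `gnutls_x509_crt_import` may now hold DER, yet the code that fills `buffer` and computes `size` is outside the hunk. DER input contains zero bytes and has no terminator, so `pem.size` must be the byte count returned by the read call and the input stream should be opened in binary mode; a length taken from a string function would silently truncate the certificate. The same check applies to the later import hunks in this file (private key, request and certificate loading). The variable name `pem` is also misleading now; the loaders further down already use `dat`.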
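Review bot: The PKCS #8 import in the `@@ -796,9 +800,9 @@` hunk passes `NULL, 0` as password and flags, while privkey_info in the hunk before it passes `NULL, GNUTLS_PKCS8_PLAIN`; the `@@ -885,9 +889,9 @@` hunk repeats the `NULL, 0` form. With PEM the armor header presumably distinguishes an encrypted key from a plain one, but DER input has no header, so the flags argument becomes the only statement of what the caller expects. I would make the loaders explicit and consistent with privkey_info: `ret = gnutls_x509_privkey_import_pkcs8( key, &dat, cert_format, NULL, GNUTLS_PKCS8_PLAIN);`. The enclosing functions start and end outside these hunks.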
@@ -981,7 +985,7 @@ size_t size; dat.data = buffer; dat.size = size; - ret = gnutls_x509_crt_import( crt, &dat, GNUTLS_X509_FMT_PEM); + ret = gnutls_x509_crt_import( crt, &dat, cert_format); if (ret < 0) { fprintf(stderr, "crt_import: %s\n", gnutls_strerror(ret)); exit(1); @@ -1052,7 +1056,7 @@ void generate_request(void) print_private_key( key); size = sizeof(buffer); - ret = gnutls_x509_crq_export( crq, GNUTLS_X509_FMT_PEM, buffer, &size); + ret = gnutls_x509_crq_export( crq, cert_format, buffer, &size); if (ret < 0) { fprintf(stderr, "export: %s\n", gnutls_strerror(ret)); exit(1); diff --git a/src/certtool.gaa b/src/certtool.gaa index 705e9695fc..9185d5f4b4 100644 --- a/src/certtool.gaa +++ b/src/certtool.gaa @@ -36,6 +36,9 @@ option (k, key-info) { $action = 6; } "Print information on a private key." #int pkcs8; option (8, pkcs8) { $pkcs8=1 } "Use PKCS #8 format for private keys." +#int cert_format; +option (der) { $cert_format=1 } "Use DER format for certificates and private keys." + #int bits; option (bits) INT "BITS" { $bits = $1 } "specify the number of bits for key generation." @@ -53,5 +56,6 @@ option (h, help) { gaa_help(); exit(0); } "shows this help text" option (v, version) { certtool_version(); exit(0); } "shows the program version" init { $bits = 1024; $pkcs8 = 0; $privkey = NULL; $ca=NULL; $ca_privkey = NULL; - $debug=1; $request = NULL; $infile = NULL; $outfile = NULL; $cert = NULL; } + $debug=1; $request = NULL; $infile = NULL; $outfile = NULL; $cert = NULL; + $cert_format = 0; } |
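Review bot: The help string added in the `@@ -36,6 +36,9 @@` hunk of src/certtool.gaa says DER is used "for certificates and private keys", but the flag also changes `gnutls_x509_crq_import` and `gnutls_x509_crq_export` in certtool.c and governs files that are read as well as written. Suggested wording: `"Use DER format for input and output certificates, requests and private keys."`. src/certtool-gaa.c is generated from this file, so it needs regenerating for `gaa_help` to show the same text.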