author | Wolfgang Meyer zu Bergsten <w.bergsten@sirrix.com> | 2014-08-06 13:20:24 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-08-06 15:13:12 +0200 |
commit | 3f0dcd51d5da4d5f3665e52e882c870eac6fc181 (patch) | |
tree | 289282fc873b9e6d9be937ed0b111fd0e71feb9b /src | |
parent | f2ed4fbdffc4058efe74a725156a6947fafae238 (diff) | |
add public key export to p11tool
Signed-off-by: Wolfgang Meyer zu Bergsten <w.bergsten@sirrix.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/p11tool-args.def | 7 | ||||
-rw-r--r-- | src/p11tool.c | 2 | ||||
-rw-r--r-- | src/p11tool.h | 2 | ||||
-rw-r--r-- | src/pkcs11.c | 35 |
4 files changed, 46 insertions, 0 deletions
diff --git a/src/p11tool-args.def b/src/p11tool-args.def index a20d2ef8e4..807be43686 100644 --- a/src/p11tool-args.def +++ b/src/p11tool-args.def @@ -122,6 +122,13 @@ flag = { doc = "Generates an RSA private-public key pair on the specified token."; }; + +flag = { + name = export-pubkey; + descrip = "Export the public key for a private key"; + doc = "Exports the public key for the specified private key"; +}; + flag = { name = label; arg-type = string; diff --git a/src/p11tool.c b/src/p11tool.c index e2d30edfc1..afd4413962 100644 --- a/src/p11tool.c +++ b/src/p11tool.c @@ -269,6 +269,8 @@ static void cmd_parser(int argc, char **argv) get_bits(key_type, bits, sec_param, 0), label, ENABLED_OPT(PRIVATE), detailed_url, login, &cinfo); + } else if (HAVE_OPT(EXPORT_PUBKEY)) { + pkcs11_export_pubkey(outfile, url, detailed_url, login, &cinfo); } else { USAGE(1); } diff --git a/src/p11tool.h b/src/p11tool.h index ba2ef1bf36..24dd0606d1 100644 --- a/src/p11tool.h +++ b/src/p11tool.h @@ -52,6 +52,8 @@ void pkcs11_generate(FILE * outfile, const char *url, gnutls_pk_algorithm_t type, unsigned int bits, const char *label, int private, int detailed, unsigned int login, common_info_st * info); +void pkcs11_export_pubkey(FILE * outfile, const char *url, int detailed, + unsigned int login, common_info_st * info); #define PKCS11_TYPE_CRT_ALL 1 #define PKCS11_TYPE_TRUSTED 2 diff --git a/src/pkcs11.c b/src/pkcs11.c index de91f43cf6..8fa9fe497b 100644 --- a/src/pkcs11.c +++ b/src/pkcs11.c 
@@ -577,6 +577,41 @@ pkcs11_generate(FILE * outfile, const char *url, gnutls_pk_algorithm_t pk,
 }
 
 void
+pkcs11_export_pubkey(FILE * outfile, const char *url, int detailed, unsigned int login_flags, common_info_st * info)
+{
+ int ret;
+ unsigned int flags = 0;
+ gnutls_datum_t pubkey;
+
+ if (login_flags) flags = login_flags;
+
+ pkcs11_common(info);
+
+ FIX(url, outfile, detailed, info);
+ CHECK_LOGIN_FLAG(login_flags);
+
+ if (outfile == stderr || outfile == stdout) {
+ fprintf(stderr, "warning: no --outfile was specified and the public key will be printed on screen.\n");
+ sleep(3);
+ }
+
+ ret =
+ gnutls_pkcs11_privkey_get_pubkey(url,
+ GNUTLS_X509_FMT_PEM, &pubkey,
+ flags);
+ if (ret < 0) {
+ fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
+ gnutls_strerror(ret));
+ exit(1);
+ }
+
+ fwrite(pubkey.data, 1, pubkey.size, outfile);
+ gnutls_free(pubkey.data);
+
+ return;
+}
+
+void
 pkcs11_init(FILE * outfile, const char *url, const char *label,
 common_info_st * info)
 {
|
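Review bot: The `fwrite(pubkey.data, 1, pubkey.size, outfile)` call near the end of pkcs11_export_pubkey ignores its return value, so a short write (full disk, closed pipe) leaves a truncated PEM block in the output while p11tool still exits with success. A check such as `if (fwrite(pubkey.data, 1, pubkey.size, outfile) != pubkey.size) { fprintf(stderr, "Error writing public key\n"); exit(1); }` would make the failure visible to scripts that consume the exported key. The `flags` local is also redundant: `if (login_flags) flags = login_flags;` on a zero-initialised variable is equivalent to passing `login_flags` directly to the export call. FIX and CHECK_LOGIN_FLAG are defined outside this hunk, so it is worth confirming that a missing `url` is rejected before it reaches the export call.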