diff options
Diffstat (limited to 'cmd/certutil/certutil.c')
-rw-r--r-- | cmd/certutil/certutil.c | 290 |
1 files changed, 143 insertions, 147 deletions
diff --git a/cmd/certutil/certutil.c b/cmd/certutil/certutil.c index 16a9bf16e..e745a447f 100644 --- a/cmd/certutil/certutil.c +++ b/cmd/certutil/certutil.c @@ -2358,34 +2358,32 @@ typedef struct { #define NAME_SIZE(x) #x, sizeof(#x) - 1 -flagArray opFlagsArray[] = - { - { NAME_SIZE(encrypt), CKF_ENCRYPT }, - { NAME_SIZE(decrypt), CKF_DECRYPT }, - { NAME_SIZE(sign), CKF_SIGN }, - { NAME_SIZE(sign_recover), CKF_SIGN_RECOVER }, - { NAME_SIZE(verify), CKF_VERIFY }, - { NAME_SIZE(verify_recover), CKF_VERIFY_RECOVER }, - { NAME_SIZE(wrap), CKF_WRAP }, - { NAME_SIZE(unwrap), CKF_UNWRAP }, - { NAME_SIZE(derive), CKF_DERIVE } - }; +flagArray opFlagsArray[] = { + { NAME_SIZE(encrypt), CKF_ENCRYPT }, + { NAME_SIZE(decrypt), CKF_DECRYPT }, + { NAME_SIZE(sign), CKF_SIGN }, + { NAME_SIZE(sign_recover), CKF_SIGN_RECOVER }, + { NAME_SIZE(verify), CKF_VERIFY }, + { NAME_SIZE(verify_recover), CKF_VERIFY_RECOVER }, + { NAME_SIZE(wrap), CKF_WRAP }, + { NAME_SIZE(unwrap), CKF_UNWRAP }, + { NAME_SIZE(derive), CKF_DERIVE } +}; int opFlagsCount = PR_ARRAY_SIZE(opFlagsArray); -flagArray attrFlagsArray[] = - { - { NAME_SIZE(token), PK11_ATTR_TOKEN }, - { NAME_SIZE(session), PK11_ATTR_SESSION }, - { NAME_SIZE(private), PK11_ATTR_PRIVATE }, - { NAME_SIZE(public), PK11_ATTR_PUBLIC }, - { NAME_SIZE(modifiable), PK11_ATTR_MODIFIABLE }, - { NAME_SIZE(unmodifiable), PK11_ATTR_UNMODIFIABLE }, - { NAME_SIZE(sensitive), PK11_ATTR_SENSITIVE }, - { NAME_SIZE(insensitive), PK11_ATTR_INSENSITIVE }, - { NAME_SIZE(extractable), PK11_ATTR_EXTRACTABLE }, - { NAME_SIZE(unextractable), PK11_ATTR_UNEXTRACTABLE } - }; +flagArray attrFlagsArray[] = { + { NAME_SIZE(token), PK11_ATTR_TOKEN }, + { NAME_SIZE(session), PK11_ATTR_SESSION }, + { NAME_SIZE(private), PK11_ATTR_PRIVATE }, + { NAME_SIZE(public), PK11_ATTR_PUBLIC }, + { NAME_SIZE(modifiable), PK11_ATTR_MODIFIABLE }, + { NAME_SIZE(unmodifiable), PK11_ATTR_UNMODIFIABLE }, + { NAME_SIZE(sensitive), PK11_ATTR_SENSITIVE }, + { NAME_SIZE(insensitive), PK11_ATTR_INSENSITIVE }, + { NAME_SIZE(extractable), PK11_ATTR_EXTRACTABLE }, + { NAME_SIZE(unextractable), PK11_ATTR_UNEXTRACTABLE } +}; int attrFlagsCount = PR_ARRAY_SIZE(attrFlagsArray); @@ -2601,130 +2599,128 @@ enum certutilOpts { opt_Help }; -static const secuCommandFlag commands_init[] = - { - { /* cmd_AddCert */ 'A', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CreateNewCert */ 'C', PR_FALSE, 0, PR_FALSE }, - { /* cmd_DeleteCert */ 'D', PR_FALSE, 0, PR_FALSE }, - { /* cmd_AddEmailCert */ 'E', PR_FALSE, 0, PR_FALSE }, - { /* cmd_DeleteKey */ 'F', PR_FALSE, 0, PR_FALSE }, - { /* cmd_GenKeyPair */ 'G', PR_FALSE, 0, PR_FALSE }, - { /* cmd_PrintHelp */ 'H', PR_FALSE, 0, PR_FALSE, "help" }, - { /* cmd_PrintSyntax */ 0, PR_FALSE, 0, PR_FALSE, - "syntax" }, - { /* cmd_ListKeys */ 'K', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ListCerts */ 'L', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ModifyCertTrust */ 'M', PR_FALSE, 0, PR_FALSE }, - { /* cmd_NewDBs */ 'N', PR_FALSE, 0, PR_FALSE }, - { /* cmd_DumpChain */ 'O', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CertReq */ 'R', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CreateAndAddCert */ 'S', PR_FALSE, 0, PR_FALSE }, - { /* cmd_TokenReset */ 'T', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ListModules */ 'U', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CheckCertValidity */ 'V', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ChangePassword */ 'W', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Version */ 'Y', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Batch */ 'B', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Merge */ 0, PR_FALSE, 0, PR_FALSE, "merge" }, - { /* cmd_UpgradeMerge */ 0, PR_FALSE, 0, PR_FALSE, - "upgrade-merge" }, - { /* cmd_Rename */ 0, PR_FALSE, 0, PR_FALSE, - "rename" }, - { /* cmd_BuildFlags */ 0, PR_FALSE, 0, PR_FALSE, - "build-flags" } - }; +static const secuCommandFlag commands_init[] = { + { /* cmd_AddCert */ 'A', PR_FALSE, 0, PR_FALSE }, + { /* cmd_CreateNewCert */ 'C', PR_FALSE, 0, PR_FALSE }, + { /* cmd_DeleteCert */ 'D', PR_FALSE, 0, PR_FALSE }, + { /* cmd_AddEmailCert */ 'E', PR_FALSE, 0, PR_FALSE }, + { /* cmd_DeleteKey */ 'F', PR_FALSE, 0, PR_FALSE }, + { /* cmd_GenKeyPair */ 'G', PR_FALSE, 0, PR_FALSE }, + { /* cmd_PrintHelp */ 'H', PR_FALSE, 0, PR_FALSE, "help" }, + { /* cmd_PrintSyntax */ 0, PR_FALSE, 0, PR_FALSE, + "syntax" }, + { /* cmd_ListKeys */ 'K', PR_FALSE, 0, PR_FALSE }, + { /* cmd_ListCerts */ 'L', PR_FALSE, 0, PR_FALSE }, + { /* cmd_ModifyCertTrust */ 'M', PR_FALSE, 0, PR_FALSE }, + { /* cmd_NewDBs */ 'N', PR_FALSE, 0, PR_FALSE }, + { /* cmd_DumpChain */ 'O', PR_FALSE, 0, PR_FALSE }, + { /* cmd_CertReq */ 'R', PR_FALSE, 0, PR_FALSE }, + { /* cmd_CreateAndAddCert */ 'S', PR_FALSE, 0, PR_FALSE }, + { /* cmd_TokenReset */ 'T', PR_FALSE, 0, PR_FALSE }, + { /* cmd_ListModules */ 'U', PR_FALSE, 0, PR_FALSE }, + { /* cmd_CheckCertValidity */ 'V', PR_FALSE, 0, PR_FALSE }, + { /* cmd_ChangePassword */ 'W', PR_FALSE, 0, PR_FALSE }, + { /* cmd_Version */ 'Y', PR_FALSE, 0, PR_FALSE }, + { /* cmd_Batch */ 'B', PR_FALSE, 0, PR_FALSE }, + { /* cmd_Merge */ 0, PR_FALSE, 0, PR_FALSE, "merge" }, + { /* cmd_UpgradeMerge */ 0, PR_FALSE, 0, PR_FALSE, + "upgrade-merge" }, + { /* cmd_Rename */ 0, PR_FALSE, 0, PR_FALSE, + "rename" }, + { /* cmd_BuildFlags */ 0, PR_FALSE, 0, PR_FALSE, + "build-flags" } +}; #define NUM_COMMANDS ((sizeof commands_init) / (sizeof commands_init[0])) -static const secuCommandFlag options_init[] = - { - { /* opt_SSOPass */ '0', PR_TRUE, 0, PR_FALSE }, - { /* opt_AddKeyUsageExt */ '1', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddBasicConstraintExt*/ '2', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddAuthorityKeyIDExt*/ '3', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddCRLDistPtsExt */ '4', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddNSCertTypeExt */ '5', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddExtKeyUsageExt */ '6', PR_FALSE, 0, PR_FALSE }, - { /* opt_ExtendedEmailAddrs */ '7', PR_TRUE, 0, PR_FALSE }, - { /* opt_ExtendedDNSNames */ '8', PR_TRUE, 0, PR_FALSE }, - { /* opt_ASCIIForIO */ 'a', PR_FALSE, 0, PR_FALSE }, - { /* opt_ValidityTime */ 'b', PR_TRUE, 0, PR_FALSE }, - { /* opt_IssuerName */ 'c', PR_TRUE, 0, PR_FALSE }, - { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE }, - { /* opt_VerifySig */ 'e', PR_FALSE, 0, PR_FALSE }, - { /* opt_PasswordFile */ 'f', PR_TRUE, 0, PR_FALSE }, - { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE }, - { /* opt_TokenName */ 'h', PR_TRUE, 0, PR_FALSE }, - { /* opt_InputFile */ 'i', PR_TRUE, 0, PR_FALSE }, - { /* opt_Emailaddress */ 0, PR_TRUE, 0, PR_FALSE, "email" }, - { /* opt_KeyIndex */ 'j', PR_TRUE, 0, PR_FALSE }, - { /* opt_KeyType */ 'k', PR_TRUE, 0, PR_FALSE }, - { /* opt_DetailedInfo */ 'l', PR_FALSE, 0, PR_FALSE }, - { /* opt_SerialNumber */ 'm', PR_TRUE, 0, PR_FALSE }, - { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE }, - { /* opt_OutputFile */ 'o', PR_TRUE, 0, PR_FALSE }, - { /* opt_PhoneNumber */ 'p', PR_TRUE, 0, PR_FALSE }, - { /* opt_DBPrefix */ 'P', PR_TRUE, 0, PR_FALSE }, - { /* opt_PQGFile */ 'q', PR_TRUE, 0, PR_FALSE }, - { /* opt_BinaryDER */ 'r', PR_FALSE, 0, PR_FALSE }, - { /* opt_Subject */ 's', PR_TRUE, 0, PR_FALSE }, - { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE }, - { /* opt_Usage */ 'u', PR_TRUE, 0, PR_FALSE }, - { /* opt_Validity */ 'v', PR_TRUE, 0, PR_FALSE }, - { /* opt_OffsetMonths */ 'w', PR_TRUE, 0, PR_FALSE }, - { /* opt_SelfSign */ 'x', PR_FALSE, 0, PR_FALSE }, - { /* opt_RW */ 'X', PR_FALSE, 0, PR_FALSE }, - { /* opt_Exponent */ 'y', PR_TRUE, 0, PR_FALSE }, - { /* opt_NoiseFile */ 'z', PR_TRUE, 0, PR_FALSE }, - { /* opt_Hash */ 'Z', PR_TRUE, 0, PR_FALSE }, - { /* opt_NewPasswordFile */ '@', PR_TRUE, 0, PR_FALSE }, - { /* opt_AddAuthInfoAccExt */ 0, PR_FALSE, 0, PR_FALSE, "extAIA" }, - { /* opt_AddSubjInfoAccExt */ 0, PR_FALSE, 0, PR_FALSE, "extSIA" }, - { /* opt_AddCertPoliciesExt */ 0, PR_FALSE, 0, PR_FALSE, "extCP" }, - { /* opt_AddPolicyMapExt */ 0, PR_FALSE, 0, PR_FALSE, "extPM" }, - { /* opt_AddPolicyConstrExt */ 0, PR_FALSE, 0, PR_FALSE, "extPC" }, - { /* opt_AddInhibAnyExt */ 0, PR_FALSE, 0, PR_FALSE, "extIA" }, - { /* opt_AddNameConstraintsExt*/ 0, PR_FALSE, 0, PR_FALSE, "extNC" }, - { /* opt_AddSubjectKeyIDExt */ 0, PR_FALSE, 0, PR_FALSE, - "extSKID" }, - { /* opt_AddCmdKeyUsageExt */ 0, PR_TRUE, 0, PR_FALSE, - "keyUsage" }, - { /* opt_AddCmdNSCertTypeExt */ 0, PR_TRUE, 0, PR_FALSE, - "nsCertType" }, - { /* opt_AddCmdExtKeyUsageExt*/ 0, PR_TRUE, 0, PR_FALSE, - "extKeyUsage" }, - - { /* opt_SourceDir */ 0, PR_TRUE, 0, PR_FALSE, - "source-dir" }, - { /* opt_SourcePrefix */ 0, PR_TRUE, 0, PR_FALSE, - "source-prefix" }, - { /* opt_UpgradeID */ 0, PR_TRUE, 0, PR_FALSE, - "upgrade-id" }, - { /* opt_UpgradeTokenName */ 0, PR_TRUE, 0, PR_FALSE, - "upgrade-token-name" }, - { /* opt_KeyOpFlagsOn */ 0, PR_TRUE, 0, PR_FALSE, - "keyOpFlagsOn" }, - { /* opt_KeyOpFlagsOff */ 0, PR_TRUE, 0, PR_FALSE, - "keyOpFlagsOff" }, - { /* opt_KeyAttrFlags */ 0, PR_TRUE, 0, PR_FALSE, - "keyAttrFlags" }, - { /* opt_EmptyPassword */ 0, PR_FALSE, 0, PR_FALSE, - "empty-password" }, - { /* opt_CertVersion */ 0, PR_TRUE, 0, PR_FALSE, - "certVersion" }, - { /* opt_AddSubjectAltExt */ 0, PR_TRUE, 0, PR_FALSE, "extSAN" }, - { /* opt_DumpExtensionValue */ 0, PR_TRUE, 0, PR_FALSE, - "dump-ext-val" }, - { /* opt_GenericExtensions */ 0, PR_TRUE, 0, PR_FALSE, - "extGeneric" }, - { /* opt_NewNickname */ 0, PR_TRUE, 0, PR_FALSE, - "new-n" }, - { /* opt_Pss */ 0, PR_FALSE, 0, PR_FALSE, - "pss" }, - { /* opt_PssSign */ 0, PR_FALSE, 0, PR_FALSE, - "pss-sign" }, - { /* opt_SimpleSelfSigned */ 0, PR_FALSE, 0, PR_FALSE, - "simple-self-signed" }, - }; +static const secuCommandFlag options_init[] = { + { /* opt_SSOPass */ '0', PR_TRUE, 0, PR_FALSE }, + { /* opt_AddKeyUsageExt */ '1', PR_FALSE, 0, PR_FALSE }, + { /* opt_AddBasicConstraintExt*/ '2', PR_FALSE, 0, PR_FALSE }, + { /* opt_AddAuthorityKeyIDExt*/ '3', PR_FALSE, 0, PR_FALSE }, + { /* opt_AddCRLDistPtsExt */ '4', PR_FALSE, 0, PR_FALSE }, + { /* opt_AddNSCertTypeExt */ '5', PR_FALSE, 0, PR_FALSE }, + { /* opt_AddExtKeyUsageExt */ '6', PR_FALSE, 0, PR_FALSE }, + { /* opt_ExtendedEmailAddrs */ '7', PR_TRUE, 0, PR_FALSE }, + { /* opt_ExtendedDNSNames */ '8', PR_TRUE, 0, PR_FALSE }, + { /* opt_ASCIIForIO */ 'a', PR_FALSE, 0, PR_FALSE }, + { /* opt_ValidityTime */ 'b', PR_TRUE, 0, PR_FALSE }, + { /* opt_IssuerName */ 'c', PR_TRUE, 0, PR_FALSE }, + { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE }, + { /* opt_VerifySig */ 'e', PR_FALSE, 0, PR_FALSE }, + { /* opt_PasswordFile */ 'f', PR_TRUE, 0, PR_FALSE }, + { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE }, + { /* opt_TokenName */ 'h', PR_TRUE, 0, PR_FALSE }, + { /* opt_InputFile */ 'i', PR_TRUE, 0, PR_FALSE }, + { /* opt_Emailaddress */ 0, PR_TRUE, 0, PR_FALSE, "email" }, + { /* opt_KeyIndex */ 'j', PR_TRUE, 0, PR_FALSE }, + { /* opt_KeyType */ 'k', PR_TRUE, 0, PR_FALSE }, + { /* opt_DetailedInfo */ 'l', PR_FALSE, 0, PR_FALSE }, + { /* opt_SerialNumber */ 'm', PR_TRUE, 0, PR_FALSE }, + { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE }, + { /* opt_OutputFile */ 'o', PR_TRUE, 0, PR_FALSE }, + { /* opt_PhoneNumber */ 'p', PR_TRUE, 0, PR_FALSE }, + { /* opt_DBPrefix */ 'P', PR_TRUE, 0, PR_FALSE }, + { /* opt_PQGFile */ 'q', PR_TRUE, 0, PR_FALSE }, + { /* opt_BinaryDER */ 'r', PR_FALSE, 0, PR_FALSE }, + { /* opt_Subject */ 's', PR_TRUE, 0, PR_FALSE }, + { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE }, + { /* opt_Usage */ 'u', PR_TRUE, 0, PR_FALSE }, + { /* opt_Validity */ 'v', PR_TRUE, 0, PR_FALSE }, + { /* opt_OffsetMonths */ 'w', PR_TRUE, 0, PR_FALSE }, + { /* opt_SelfSign */ 'x', PR_FALSE, 0, PR_FALSE }, + { /* opt_RW */ 'X', PR_FALSE, 0, PR_FALSE }, + { /* opt_Exponent */ 'y', PR_TRUE, 0, PR_FALSE }, + { /* opt_NoiseFile */ 'z', PR_TRUE, 0, PR_FALSE }, + { /* opt_Hash */ 'Z', PR_TRUE, 0, PR_FALSE }, + { /* opt_NewPasswordFile */ '@', PR_TRUE, 0, PR_FALSE }, + { /* opt_AddAuthInfoAccExt */ 0, PR_FALSE, 0, PR_FALSE, "extAIA" }, + { /* opt_AddSubjInfoAccExt */ 0, PR_FALSE, 0, PR_FALSE, "extSIA" }, + { /* opt_AddCertPoliciesExt */ 0, PR_FALSE, 0, PR_FALSE, "extCP" }, + { /* opt_AddPolicyMapExt */ 0, PR_FALSE, 0, PR_FALSE, "extPM" }, + { /* opt_AddPolicyConstrExt */ 0, PR_FALSE, 0, PR_FALSE, "extPC" }, + { /* opt_AddInhibAnyExt */ 0, PR_FALSE, 0, PR_FALSE, "extIA" }, + { /* opt_AddNameConstraintsExt*/ 0, PR_FALSE, 0, PR_FALSE, "extNC" }, + { /* opt_AddSubjectKeyIDExt */ 0, PR_FALSE, 0, PR_FALSE, + "extSKID" }, + { /* opt_AddCmdKeyUsageExt */ 0, PR_TRUE, 0, PR_FALSE, + "keyUsage" }, + { /* opt_AddCmdNSCertTypeExt */ 0, PR_TRUE, 0, PR_FALSE, + "nsCertType" }, + { /* opt_AddCmdExtKeyUsageExt*/ 0, PR_TRUE, 0, PR_FALSE, + "extKeyUsage" }, + + { /* opt_SourceDir */ 0, PR_TRUE, 0, PR_FALSE, + "source-dir" }, + { /* opt_SourcePrefix */ 0, PR_TRUE, 0, PR_FALSE, + "source-prefix" }, + { /* opt_UpgradeID */ 0, PR_TRUE, 0, PR_FALSE, + "upgrade-id" }, + { /* opt_UpgradeTokenName */ 0, PR_TRUE, 0, PR_FALSE, + "upgrade-token-name" }, + { /* opt_KeyOpFlagsOn */ 0, PR_TRUE, 0, PR_FALSE, + "keyOpFlagsOn" }, + { /* opt_KeyOpFlagsOff */ 0, PR_TRUE, 0, PR_FALSE, + "keyOpFlagsOff" }, + { /* opt_KeyAttrFlags */ 0, PR_TRUE, 0, PR_FALSE, + "keyAttrFlags" }, + { /* opt_EmptyPassword */ 0, PR_FALSE, 0, PR_FALSE, + "empty-password" }, + { /* opt_CertVersion */ 0, PR_TRUE, 0, PR_FALSE, + "certVersion" }, + { /* opt_AddSubjectAltExt */ 0, PR_TRUE, 0, PR_FALSE, "extSAN" }, + { /* opt_DumpExtensionValue */ 0, PR_TRUE, 0, PR_FALSE, + "dump-ext-val" }, + { /* opt_GenericExtensions */ 0, PR_TRUE, 0, PR_FALSE, + "extGeneric" }, + { /* opt_NewNickname */ 0, PR_TRUE, 0, PR_FALSE, + "new-n" }, + { /* opt_Pss */ 0, PR_FALSE, 0, PR_FALSE, + "pss" }, + { /* opt_PssSign */ 0, PR_FALSE, 0, PR_FALSE, + "pss-sign" }, + { /* opt_SimpleSelfSigned */ 0, PR_FALSE, 0, PR_FALSE, + "simple-self-signed" }, +}; #define NUM_OPTIONS ((sizeof options_init) / (sizeof options_init[0])) static secuCommandFlag certutil_commands[NUM_COMMANDS]; |