| version 1.12, 2022/11/11 17:07:39 |
version 1.13, 2023/03/06 14:32:06 |
|
|
| char *spkac; |
char *spkac; |
| char *spksect; |
char *spksect; |
| int verify; |
int verify; |
| } spkac_config; |
} cfg; |
| |
|
| static const struct option spkac_options[] = { |
static const struct option spkac_options[] = { |
| { |
{ |
|
|
| .argname = "string", |
.argname = "string", |
| .desc = "Specify challenge string if SPKAC is generated", |
.desc = "Specify challenge string if SPKAC is generated", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &spkac_config.challenge, |
.opt.arg = &cfg.challenge, |
| }, |
}, |
| { |
{ |
| .name = "in", |
.name = "in", |
| .argname = "file", |
.argname = "file", |
| .desc = "Input file (default stdin)", |
.desc = "Input file (default stdin)", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &spkac_config.infile, |
.opt.arg = &cfg.infile, |
| }, |
}, |
| { |
{ |
| .name = "key", |
.name = "key", |
| .argname = "file", |
.argname = "file", |
| .desc = "Create SPKAC using private key file", |
.desc = "Create SPKAC using private key file", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &spkac_config.keyfile, |
.opt.arg = &cfg.keyfile, |
| }, |
}, |
| { |
{ |
| .name = "noout", |
.name = "noout", |
| .desc = "Do not print text version of SPKAC", |
.desc = "Do not print text version of SPKAC", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &spkac_config.noout, |
.opt.flag = &cfg.noout, |
| }, |
}, |
| { |
{ |
| .name = "out", |
.name = "out", |
| .argname = "file", |
.argname = "file", |
| .desc = "Output file (default stdout)", |
.desc = "Output file (default stdout)", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &spkac_config.outfile, |
.opt.arg = &cfg.outfile, |
| }, |
}, |
| { |
{ |
| .name = "passin", |
.name = "passin", |
| .argname = "src", |
.argname = "src", |
| .desc = "Input file passphrase source", |
.desc = "Input file passphrase source", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &spkac_config.passargin, |
.opt.arg = &cfg.passargin, |
| }, |
}, |
| { |
{ |
| .name = "pubkey", |
.name = "pubkey", |
| .desc = "Output public key of an SPKAC (not used if creating)", |
.desc = "Output public key of an SPKAC (not used if creating)", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &spkac_config.pubkey, |
.opt.flag = &cfg.pubkey, |
| }, |
}, |
| { |
{ |
| .name = "spkac", |
.name = "spkac", |
| .argname = "name", |
.argname = "name", |
| .desc = "SPKAC name (default \"SPKAC\")", |
.desc = "SPKAC name (default \"SPKAC\")", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &spkac_config.spkac, |
.opt.arg = &cfg.spkac, |
| }, |
}, |
| { |
{ |
| .name = "spksect", |
.name = "spksect", |
|
|
| .desc = "Name of the section containing SPKAC (default" |
.desc = "Name of the section containing SPKAC (default" |
| " \"default\")", |
" \"default\")", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &spkac_config.spksect, |
.opt.arg = &cfg.spksect, |
| }, |
}, |
| { |
{ |
| .name = "verify", |
.name = "verify", |
| .desc = "Verify digital signature on supplied SPKAC", |
.desc = "Verify digital signature on supplied SPKAC", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &spkac_config.verify, |
.opt.flag = &cfg.verify, |
| }, |
}, |
| { NULL } |
{ NULL } |
| }; |
}; |
|
|
| exit(1); |
exit(1); |
| } |
} |
| |
|
| memset(&spkac_config, 0, sizeof(spkac_config)); |
memset(&cfg, 0, sizeof(cfg)); |
| spkac_config.spkac = "SPKAC"; |
cfg.spkac = "SPKAC"; |
| spkac_config.spksect = "default"; |
cfg.spksect = "default"; |
| |
|
| if (options_parse(argc, argv, spkac_options, NULL, NULL) != 0) { |
if (options_parse(argc, argv, spkac_options, NULL, NULL) != 0) { |
| spkac_usage(); |
spkac_usage(); |
| return (1); |
return (1); |
| } |
} |
| |
|
| if (!app_passwd(bio_err, spkac_config.passargin, NULL, &passin, NULL)) { |
if (!app_passwd(bio_err, cfg.passargin, NULL, &passin, NULL)) { |
| BIO_printf(bio_err, "Error getting password\n"); |
BIO_printf(bio_err, "Error getting password\n"); |
| goto end; |
goto end; |
| } |
} |
| |
|
| if (spkac_config.keyfile) { |
if (cfg.keyfile) { |
| pkey = load_key(bio_err, |
pkey = load_key(bio_err, |
| strcmp(spkac_config.keyfile, "-") ? spkac_config.keyfile |
strcmp(cfg.keyfile, "-") ? cfg.keyfile |
| : NULL, FORMAT_PEM, 1, passin, "private key"); |
: NULL, FORMAT_PEM, 1, passin, "private key"); |
| if (!pkey) { |
if (!pkey) { |
| goto end; |
goto end; |
| } |
} |
| spki = NETSCAPE_SPKI_new(); |
spki = NETSCAPE_SPKI_new(); |
| if (spkac_config.challenge) |
if (cfg.challenge) |
| ASN1_STRING_set(spki->spkac->challenge, |
ASN1_STRING_set(spki->spkac->challenge, |
| spkac_config.challenge, |
cfg.challenge, |
| (int) strlen(spkac_config.challenge)); |
(int) strlen(cfg.challenge)); |
| NETSCAPE_SPKI_set_pubkey(spki, pkey); |
NETSCAPE_SPKI_set_pubkey(spki, pkey); |
| NETSCAPE_SPKI_sign(spki, pkey, EVP_md5()); |
NETSCAPE_SPKI_sign(spki, pkey, EVP_md5()); |
| spkstr = NETSCAPE_SPKI_b64_encode(spki); |
spkstr = NETSCAPE_SPKI_b64_encode(spki); |
|
|
| goto end; |
goto end; |
| } |
} |
| |
|
| if (spkac_config.outfile) |
if (cfg.outfile) |
| out = BIO_new_file(spkac_config.outfile, "w"); |
out = BIO_new_file(cfg.outfile, "w"); |
| else |
else |
| out = BIO_new_fp(stdout, BIO_NOCLOSE); |
out = BIO_new_fp(stdout, BIO_NOCLOSE); |
| |
|
|
|
| free(spkstr); |
free(spkstr); |
| goto end; |
goto end; |
| } |
} |
| if (spkac_config.infile) |
if (cfg.infile) |
| in = BIO_new_file(spkac_config.infile, "r"); |
in = BIO_new_file(cfg.infile, "r"); |
| else |
else |
| in = BIO_new_fp(stdin, BIO_NOCLOSE); |
in = BIO_new_fp(stdin, BIO_NOCLOSE); |
| |
|
|
|
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| spkstr = NCONF_get_string(conf, spkac_config.spksect, |
spkstr = NCONF_get_string(conf, cfg.spksect, |
| spkac_config.spkac); |
cfg.spkac); |
| |
|
| if (!spkstr) { |
if (!spkstr) { |
| BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", |
BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", |
| spkac_config.spkac); |
cfg.spkac); |
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
|
|
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| if (spkac_config.outfile) |
if (cfg.outfile) |
| out = BIO_new_file(spkac_config.outfile, "w"); |
out = BIO_new_file(cfg.outfile, "w"); |
| else { |
else { |
| out = BIO_new_fp(stdout, BIO_NOCLOSE); |
out = BIO_new_fp(stdout, BIO_NOCLOSE); |
| } |
} |
|
|
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| if (!spkac_config.noout) |
if (!cfg.noout) |
| NETSCAPE_SPKI_print(out, spki); |
NETSCAPE_SPKI_print(out, spki); |
| pkey = NETSCAPE_SPKI_get_pubkey(spki); |
pkey = NETSCAPE_SPKI_get_pubkey(spki); |
| if (spkac_config.verify) { |
if (cfg.verify) { |
| i = NETSCAPE_SPKI_verify(spki, pkey); |
i = NETSCAPE_SPKI_verify(spki, pkey); |
| if (i > 0) |
if (i > 0) |
| BIO_printf(bio_err, "Signature OK\n"); |
BIO_printf(bio_err, "Signature OK\n"); |
|
|
| goto end; |
goto end; |
| } |
} |
| } |
} |
| if (spkac_config.pubkey) |
if (cfg.pubkey) |
| PEM_write_bio_PUBKEY(out, pkey); |
PEM_write_bio_PUBKEY(out, pkey); |
| |
|
| ret = 0; |
ret = 0; |
![[BACK]](/icons/back.gif){kind=icon}
Return to spkac.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl