1 /*
2 * Copyright (C) 2009 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "pki.h"
17
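/**
 * Generate a private key and write its encoding to stdout.
 *
 * Parses the command options (key type, key size, output encoding, debug
 * level), creates the key through the library's credential factory, encodes
 * it in the requested form and writes the result to stdout.
 *
 * The output is unencrypted private key material. Whatever stdout is
 * redirected to (file, pipe) must be protected by the caller; this function
 * sets no permissions and applies no passphrase.
 *
 * @param argc	argument count, handed to getopt_long()
 * @param argv	argument vector, handed to getopt_long()
 * @return		0 on success, 1 if generation, encoding or writing failed,
 *				otherwise whatever command_usage() returns
 */
static int gen(int argc, char *argv[])
{
	key_encoding_type_t form = KEY_PRIV_ASN1_DER;
	key_type_t type = KEY_RSA;
	u_int size = 0;
	private_key_t *key;
	chunk_t encoding;
	char *end;
	long bits;

	while (TRUE)
	{
		switch (getopt_long(argc, argv, "", command_opts, NULL))
		{
			case 'h':
				return command_usage(NULL);
			case 'v':
				dbg_level = atoi(optarg);
				continue;
			case 't':
				if (streq(optarg, "rsa"))
				{
					type = KEY_RSA;
				}
				else if (streq(optarg, "ecdsa"))
				{
					type = KEY_ECDSA;
				}
				else
				{
					return command_usage("invalid key type");
				}
				continue;
			/* The option table registered for this command gives --outform
			 * the short code 'f'. Matching only 'o' would send --outform to
			 * the default branch (assuming command_opts is built from that
			 * table - confirm). 'o' is kept so any existing caller that
			 * relies on it keeps working. */
			case 'f':
			case 'o':
				if (!get_form(optarg, &form, FALSE))
				{
					return command_usage("invalid key output format");
				}
				continue;
			case 's':
				/* atoi() into an unsigned turned "-1" into a huge key size
				 * and accepted trailing garbage ("2048x"). Parse strictly
				 * and reject anything that is not a positive integer
				 * representable as u_int. */
				bits = strtol(optarg, &end, 10);
				size = (u_int)bits;
				if (end == optarg || *end != '\0' || bits <= 0 ||
					(long)size != bits)
				{
					return command_usage("invalid key size");
				}
				continue;
			case EOF:
				break;
			default:
				return command_usage("invalid --gen option");
		}
		break;
	}
	/* default key sizes, used only when --size was not given */
	if (!size)
	{
		switch (type)
		{
			case KEY_RSA:
				size = 2048;
				break;
			case KEY_ECDSA:
				size = 384;
				break;
			default:
				break;
		}
	}
	/* NOTE(review): no minimum key size is enforced here; a small --size is
	 * passed through as-is and acceptance is left to the key builder. */
	key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
							 BUILD_KEY_SIZE, size, BUILD_END);
	if (!key)
	{
		fprintf(stderr, "private key generation failed\n");
		return 1;
	}
	if (!key->get_encoding(key, form, &encoding))
	{
		fprintf(stderr, "private key encoding failed\n");
		key->destroy(key);
		return 1;
	}
	/* the encoding is an independent buffer, the key object is done */
	key->destroy(key);
	if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
	{
		fprintf(stderr, "writing private key failed\n");
		free(encoding.ptr);
		return 1;
	}
	/* NOTE(review): encoding holds the private key in the clear and free()
	 * does not overwrite it; consider wiping the buffer before release if
	 * the library offers a helper for that. */
	free(encoding.ptr);
	return 0;
}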
110
/**
 * Constructor: register the "gen" command with the pki command dispatcher.
 *
 * Each option row looks like (long name, short code, argument flag,
 * description) - inferred from the values, confirm against command_t.
 * NOTE(review): gen()'s option switch needs a case for every short code
 * listed here; check that --outform's 'f' is one of them.
 */
static void __attribute__ ((constructor)) reg()
{
	command_t cmd = {
		gen, 'g', "gen", "generate a new private key",
		{"[--type rsa|ecdsa] [--size bits] [--outform der|pem|pgp]"},
		{
			{"help",	'h', 0,	"show usage information"},
			{"type",	't', 1,	"type of key, default: rsa"},
			{"size",	's', 1,	"keylength in bits, default: rsa 2048, ecdsa 384"},
			{"outform",	'f', 1,	"encoding of generated private key"},
			{"debug",	'v', 1,	"set debug level, default: 1"},
		}
	};

	/* handed over by value, exactly as the compound literal was */
	command_register(cmd);
}
128