splitted PKI tool to a file per command
[strongswan.git] / src / pki / commands / keyid.c
1 /*
2 * Copyright (C) 2009 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "pki.h"
17
18 #include <credentials/certificates/certificate.h>
19 #include <credentials/certificates/x509.h>
20
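/**
 * Calculate the keyid of a key/certificate.
 *
 * Parses the --type and --in options, loads the credential from the given
 * file or, if no file was given, from file descriptor 0 (stdin), and prints
 * the two public key fingerprints (KEY_ID_PUBKEY_SHA1 and
 * KEY_ID_PUBKEY_INFO_SHA1) to stdout.
 *
 * @param argc		argument count, passed on to getopt_long()
 * @param argv		argument vector, passed on to getopt_long()
 * @return			0 on success, 1 if loading the credential or extracting
 *					the public key failed, or the result of command_usage()
 *					for --help and invalid options
 */
static int keyid(int argc, char *argv[])
{
	credential_type_t type = CRED_PRIVATE_KEY;
	int subtype = KEY_RSA;
	certificate_t *cert;
	private_key_t *private;
	public_key_t *public;
	char *file = NULL;
	void *cred;
	chunk_t id;

	while (TRUE)
	{
		switch (getopt_long(argc, argv, "", command_opts, NULL))
		{
			case 'h':
				return command_usage(CMD_KEYID, NULL);
			case 't':
				/* type and subtype are always set as a pair, the cast of
				 * cred below relies on type alone */
				if (streq(optarg, "rsa-priv"))
				{
					type = CRED_PRIVATE_KEY;
					subtype = KEY_RSA;
				}
				else if (streq(optarg, "ecdsa-priv"))
				{
					type = CRED_PRIVATE_KEY;
					subtype = KEY_ECDSA;
				}
				else if (streq(optarg, "pub"))
				{
					type = CRED_PUBLIC_KEY;
					subtype = KEY_ANY;
				}
				else if (streq(optarg, "x509"))
				{
					type = CRED_CERTIFICATE;
					subtype = CERT_X509;
				}
				else
				{
					return command_usage(CMD_KEYID, "invalid input type");
				}
				continue;
			case 'i':
				file = optarg;
				continue;
			case EOF:
				break;
			default:
				return command_usage(CMD_KEYID, "invalid --keyid option");
		}
		break;
	}
	if (file)
	{
		cred = lib->creds->create(lib->creds, type, subtype,
								  BUILD_FROM_FILE, file, BUILD_END);
	}
	else
	{
		/* no --in given: read the credential from fd 0, i.e. stdin */
		cred = lib->creds->create(lib->creds, type, subtype,
								  BUILD_FROM_FD, 0, BUILD_END);
	}
	if (!cred)
	{
		fprintf(stderr, "parsing input failed\n");
		return 1;
	}

	/* NOTE(review): id is never freed in this function; presumably the chunk
	 * returned by get_fingerprint() is owned by the key object - confirm.
	 * The identifiers are SHA-1 based as the enum names indicate; they name
	 * a key and are not a substitute for verifying the key or certificate. */
	if (type == CRED_PRIVATE_KEY)
	{
		private = cred;
		if (private->get_fingerprint(private, KEY_ID_PUBKEY_SHA1, &id))
		{
			printf("subjectKeyIdentifier:      %#B\n", &id);
		}
		if (private->get_fingerprint(private, KEY_ID_PUBKEY_INFO_SHA1, &id))
		{
			printf("subjectPublicKeyInfo hash: %#B\n", &id);
		}
		/* release the private key object on every path that loaded it */
		private->destroy(private);
	}
	else if (type == CRED_PUBLIC_KEY)
	{
		public = cred;
		if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id))
		{
			printf("subjectKeyIdentifier:      %#B\n", &id);
		}
		if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &id))
		{
			printf("subjectPublicKeyInfo hash: %#B\n", &id);
		}
		public->destroy(public);
	}
	else
	{
		cert = cred;
		public = cert->get_public_key(cert);
		if (!public)
		{
			fprintf(stderr, "extracting public key from certificate failed\n");
			/* the certificate was loaded successfully, so it must be
			 * released on this error path as well */
			cert->destroy(cert);
			return 1;
		}
		if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id))
		{
			printf("subjectKeyIdentifier:      %#B\n", &id);
		}
		if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &id))
		{
			printf("subjectPublicKeyInfo hash: %#B\n", &id);
		}
		public->destroy(public);
		cert->destroy(cert);
	}
	return 0;
}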
141
/**
 * Register the keyid command.
 *
 * Marked as a constructor, so the registration happens when the program is
 * loaded, before main() runs. The descriptor ties the keyid() handler to the
 * short option 'k' and the name "keyid", followed by the description, the
 * usage line and the option table (--help, --in, --type).
 */
static void __attribute__ ((constructor))reg()
{
	command_t cmd = {
		keyid, 'k', "keyid",
		"calculate key identifiers of a key/certificate",
		{"[--in file] [--type rsa-priv|ecdsa-priv|pub|x509]"},
		{
			{"help", 'h', 0, "show usage information"},
			{"in", 'i', 1, "input file, default: stdin"},
			{"type", 't', 1, "type of key, default: rsa-priv"},
		}
	};

	command_register(CMD_KEYID, cmd);
}
158