projects / strongswan.git / blob
? search:


5e7839fd6588848f065195ef146d9eaae888fdb5
[strongswan.git] / src / pki / commands / pub.c
1 /*
2 * Copyright (C) 2009 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "pki.h"
17
18 #include <credentials/certificates/certificate.h>
19 #include <credentials/certificates/x509.h>
20
21 /**
22 * Extract a public key from a private key/certificate
23 */
24 static int pub(int argc, char *argv[])
25 {
26 key_encoding_type_t form = KEY_PUB_SPKI_ASN1_DER;
27 credential_type_t type = CRED_PRIVATE_KEY;
28 int subtype = KEY_RSA;
29 certificate_t *cert;
30 private_key_t *private;
31 public_key_t *public;
32 chunk_t encoding;
33 char *file = NULL;
34 void *cred;
35
36 while (TRUE)
37 {
38 switch (getopt_long(argc, argv, "", command_opts, NULL))
39 {
40 case 'h':
41 return command_usage(CMD_PUB, NULL);
42 case 't':
43 if (streq(optarg, "rsa"))
44 {
45 type = CRED_PRIVATE_KEY;
46 subtype = KEY_RSA;
47 }
48 else if (streq(optarg, "ecdsa"))
49 {
50 type = CRED_PRIVATE_KEY;
51 subtype = KEY_ECDSA;
52 }
53 else if (streq(optarg, "x509"))
54 {
55 type = CRED_CERTIFICATE;
56 subtype = CERT_X509;
57 }
58 else
59 {
60 return command_usage(CMD_PUB, "invalid input type");
61 }
62 continue;
63 case 'f':
64 if (!get_form(optarg, &form, TRUE))
65 {
66 return command_usage(CMD_PUB, "invalid output format");
67 }
68 continue;
69 case 'i':
70 file = optarg;
71 continue;
72 case EOF:
73 break;
74 default:
75 return command_usage(CMD_PUB, "invalid --pub option");
76 }
77 break;
78 }
79 if (file)
80 {
81 cred = lib->creds->create(lib->creds, type, subtype,
82 BUILD_FROM_FILE, file, BUILD_END);
83 }
84 else
85 {
86 cred = lib->creds->create(lib->creds, type, subtype,
87 BUILD_FROM_FD, 0, BUILD_END);
88 }
89
90 if (type == CRED_PRIVATE_KEY)
91 {
92 private = cred;
93 if (!private)
94 {
95 fprintf(stderr, "parsing private key failed\n");
96 return 1;
97 }
98 public = private->get_public_key(private);
99 private->destroy(private);
100 }
101 else
102 {
103 cert = cred;
104 if (!cert)
105 {
106 fprintf(stderr, "parsing certificate failed\n");
107 return 1;
108 }
109 public = cert->get_public_key(cert);
110 cert->destroy(cert);
111 }
112 if (!public)
113 {
114 fprintf(stderr, "extracting public key failed\n");
115 return 1;
116 }
117 if (!public->get_encoding(public, form, &encoding))
118 {
119 fprintf(stderr, "public key encoding failed\n");
120 public->destroy(public);
121 return 1;
122 }
123 public->destroy(public);
124 if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
125 {
126 fprintf(stderr, "writing public key failed\n");
127 free(encoding.ptr);
128 return 1;
129 }
130 free(encoding.ptr);
131 return 0;
132 }
133
134 /**
135 * Register the command.
136 */
137 static void __attribute__ ((constructor))reg()
138 {
139 command_register(CMD_PUB, (command_t) {
140 pub, 'p', "pub",
141 "extract the public key from a private key/certificate",
142 {"[--in file] [--type rsa|ecdsa|x509] [--outform der|pem|pgp]"},
143 {
144 {"help", 'h', 0, "show usage information"},
145 {"in", 'i', 1, "input file, default: stdin"},
146 {"type", 't', 1, "type of credential, default: rsa"},
147 {"outform", 'f', 1, "encoding of extracted public key"},
148 }
149 });
150 }
151
strongSwan - IPsec VPN