#include "pki.h"
+#include <debug.h>
#include <utils/linked_list.h>
#include <utils/optionsfrom.h>
#include <credentials/certificates/certificate.h>
while (TRUE)
{
- switch (getopt_long(argc, argv, "", command_opts, NULL))
+ switch (getopt_long(argc, argv, command_optstring, command_opts, NULL))
{
case 'h':
goto usage;
+ case 'v':
+ dbg_level = atoi(optarg);
+ continue;
case '+':
if (!options->from(options, optarg, &argc, &argv, optind))
{
goto end;
}
}
+
+ DBG2("Reading ca certificate:");
ca = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
BUILD_FROM_FILE, cacert, BUILD_END);
if (!ca)
error = "CA certificate misses CA basicConstraint";
goto end;
}
-
public = ca->get_public_key(ca);
if (!public)
{
error = "extracting CA certificate public key failed";
goto end;
}
+
+ DBG2("Reading ca private key:");
private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
public->get_type(public),
BUILD_FROM_FILE, cakey, BUILD_END);
identification_t *subjectAltName;
pkcs10_t *req;
+ DBG2("Reading certificate request");
if (file)
{
cert_req = lib->creds->create(lib->creds, CRED_CERTIFICATE,
}
else
{
+ DBG2("Reading public key:");
if (file)
{
public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
not_before = time(NULL);
not_after = not_before + lifetime * 24 * 60 * 60;
-
+
cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
BUILD_SIGNING_KEY, private, BUILD_SIGNING_CERT, ca,
BUILD_PUBLIC_KEY, public, BUILD_SUBJECT, id,
{"crl", 'u', 1, "CRL distribution point URI to include"},
{"ocsp", 'o', 1, "OCSP AuthorityInfoAccess URI to include"},
{"digest", 'g', 1, "digest for signature creation, default: sha1"},
+ {"debug", 'v', 1, "set debug level, default: 1"},
{"options", '+', 1, "read command line options from file"},
}
});
projects / strongswan.git / blobdiff