pki: --pub also accepts public keys (i.e. to convert them to a different format)
authorTobias Brunner <tobias@strongswan.org>
Thu, 15 Aug 2013 10:43:30 +0000 (12:43 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 13 Sep 2013 13:23:49 +0000 (15:23 +0200)
src/pki/commands/pub.c
src/pki/man/pki---pub.1.in

index d85ee9f..537af51 100644 (file)
@@ -51,6 +51,11 @@ static int pub()
                                        type = CRED_PRIVATE_KEY;
                                        subtype = KEY_ECDSA;
                                }
+                               else if (streq(arg, "pub"))
+                               {
+                                       type = CRED_PUBLIC_KEY;
+                                       subtype = KEY_ANY;
+                               }
                                else if (streq(arg, "pkcs10"))
                                {
                                        type = CRED_CERTIFICATE;
@@ -116,6 +121,15 @@ static int pub()
                public = private->get_public_key(private);
                private->destroy(private);
        }
+       else if (type == CRED_PUBLIC_KEY)
+       {
+               public = cred;
+               if (!public)
+               {
+                       fprintf(stderr, "parsing public key failed\n");
+                       return 1;
+               }
+       }
        else
        {
                cert = cred;
@@ -157,7 +171,7 @@ static void __attribute__ ((constructor))reg()
        command_register((command_t) {
                pub, 'p', "pub",
                "extract the public key from a private key/certificate",
-               {"[--in file|--keyid hex] [--type rsa|ecdsa|pkcs10|x509]",
+               {"[--in file|--keyid hex] [--type rsa|ecdsa|pub|pkcs10|x509]",
                 "[--outform der|pem|dnskey|sshkey]"},
                {
                        {"help",        'h', 0, "show usage information"},
index a1b9b0a..c57e03a 100644 (file)
@@ -48,8 +48,9 @@ Input file. If not given the input is read from \fISTDIN\fR.
 .TP
 .BI "\-t, \-\-type " type
 Type of input. One of \fIrsa\fR (RSA private key), \fIecdsa\fR (ECDSA
-private key), \fIpkcs10\fR (PKCS#10 certificate request), \fIx509\fR (X.509
-certificate), defaults to \fIrsa\fR.
+private key), \fIpub\fR (public key),
+\fIpkcs10\fR (PKCS#10 certificate request), or \fIx509\fR (X.509 certificate),
+defaults to \fIrsa\fR.
 .TP
 .BI "\-f, \-\-outform " encoding
 Encoding of the extracted public key. One of \fIder\fR (ASN.1 DER), \fIpem\fR