author | cinap_lenrek <cinap_lenrek@felloff.net> | 2021-07-04 22:00:24 +0000 |
---|---|---|
committer | cinap_lenrek <cinap_lenrek@felloff.net> | 2021-07-04 22:00:24 +0000 |
commit | 88060e7501de5c117b86e1d29bc24ec8e83141a8 (patch) | |
tree | 3332d6fea36e77c622b81995cb3cb22465abbddc /sys/src/cmd/auth | |
parent | 7010ad85c5a5648ea86d4f17a6b1547c10823938 (diff) |
libsec: add X509reqtoRSApub() function and return subject alt names in X509to*pub() name buffer
We need a way to parse a rsa certificate request and return the public
key and subject names. The new function X509reqtoRSApub() works the
same way as X509toRSApub() but on a certificate request.
We also need to support certificates that are valid for multiple domain
names (as tlshand does not support certificate selection). For this
reason, a comma separated list is returned as the certificate subject,
making it symmetric to X509rsareq() handling.
A little helper is provided with this change (auth/x5092pub) that takes
a certificate (or a certificate request when -r flag is provided) and
outputs the RSA public key in plan 9 format appended with the subject
attribute.
Diffstat (limited to 'sys/src/cmd/auth')
-rw-r--r-- | sys/src/cmd/auth/mkfile | 1 | ||||
-rw-r--r-- | sys/src/cmd/auth/x5092pub.c | 63 |
2 files changed, 64 insertions, 0 deletions
diff --git a/sys/src/cmd/auth/mkfile b/sys/src/cmd/auth/mkfile
index 833e257be..bf5dbff2d 100644
--- a/sys/src/cmd/auth/mkfile
+++ b/sys/src/cmd/auth/mkfile
@@ -35,6 +35,7 @@ TARG=\
 userpasswd\
 warning\
 wrkey\
+ x5092pub\
 
 DIRS=\
 factotum\
diff --git a/sys/src/cmd/auth/x5092pub.c b/sys/src/cmd/auth/x5092pub.c
new file mode 100644
index 000000000..2b9ef2067
--- /dev/null
+++ b/sys/src/cmd/auth/x5092pub.c
@@ -0,0 +1,63 @@
+#include <u.h>
+#include <libc.h>
+#include <bio.h>
+#include <auth.h>
+#include <mp.h>
+#include <libsec.h>
+
+int fd;
+int req = 0;
+char subject[1024];
+
+void
+usage(void)
+{
+ fprint(2, "usage: aux/x5092pub [-r] [file]\n");
+ exits("usage");
+}
+
+void
+main(int argc, char **argv)
+{
+ int tot, n;
+ uchar *buf;
+ RSApub *pub;
+
+ quotefmtinstall();
+ fmtinstall('B', mpfmt);
+ fmtinstall('H', encodefmt);
+
+ ARGBEGIN{
+ case 'r':
+ req = 1;
+ break;
+ default:
+ usage();
+ }ARGEND
+
+ fd = 0;
+ if(argc == 1)
+ fd = open(argv[0], OREAD);
+ else if(argc != 0)
+ usage();
+ buf = nil;
+ tot = 0;
+ for(;;){
+ buf = realloc(buf, tot+8192);
+ if(buf == nil)
+ sysfatal("realloc: %r");
+ if((n = read(fd, buf+tot, 8192)) < 0)
+ sysfatal("read: %r");
+ if(n == 0)
+ break;
+ tot += n;
+ }
+ if(req)
+ pub = X509reqtoRSApub(buf, tot, subject, sizeof(subject));
+ else
+ pub = X509toRSApub(buf, tot, subject, sizeof(subject));
+ if(pub == nil)
+ sysfatal("X509toRSApub: %r");
+ print("key proto=rsa size=%d ek=%B n=%B subject=%q \n", mpsignif(pub->n), pub->ek, pub->n, subject);
+ exits(nil);
+} |
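Review bot: In main() of x5092pub.c the result of `open(argv[0], OREAD)` is never checked, so a missing or unreadable file is only reported later as `read: %r`; adding `if(fd < 0) sysfatal("open: %r");` after the if/else chain would name the real failure. The read loop also grows `buf` without any limit and accumulates into the int `tot`, so `tot+8192` can overflow on very large input; since certificates are small, a cap before the realloc such as `if(tot > 1<<20) sysfatal("input too large");` (the limit is illustrative) would bound both memory use and the arithmetic. The failure message `X509toRSApub: %r` is also printed on the `-r` path, where X509reqtoRSApub was the call that failed, and the usage string says `aux/x5092pub` although the file is built under cmd/auth. Nothing visible in this file verifies the signature of the certificate or request, so the printed `subject=` attribute should be documented as unauthenticated unless libsec checks it inside the parse functions, which cannot be seen from this hunk.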