1 Provide additional "csr" action for px5g.
3 Signed-off-by: Lars Kruse <devel@sumpfralle.de>
5 --- a/openwrt/package/utils/px5g-standalone/src/px5g.c
6 +++ b/openwrt/package/utils/px5g-standalone/src/px5g.c
7 @@ -75,23 +75,23 @@ int rsakey(char **arg) {
11 -int selfsigned(char **arg) {
12 +// prepare an x509 object for "selfsigned" or "csr"
13 +int prepare_x509(char **arg, rsa_context *rsa_ptr, x509_raw *cert_ptr, int *flag_ptr, char **certpath) {
19 unsigned int ksize = 512;
21 unsigned int days = 30;
22 - char *keypath = NULL, *certpath = NULL;
23 - int flag = X509_OUTPUT_PEM;
24 + char *keypath = NULL;
25 time_t from = time(NULL), to;
26 char fstr[20], tstr[20];
27 + *flag_ptr = X509_OUTPUT_PEM;
29 while (*arg && **arg == '-') {
30 if (!strcmp(*arg, "-der")) {
31 - flag = X509_OUTPUT_DER;
32 + *flag_ptr = X509_OUTPUT_DER;
33 } else if (!strcmp(*arg, "-newkey") && arg[1]) {
34 if (strncmp(arg[1], "rsa:", 4)) {
35 fprintf(stderr, "error: invalid algorithm");
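Review bot: The `unsigned int ksize = 512;` default carried into `prepare_x509` now also sets the key size of every request made with the new `csr` action unless `-newkey rsa:<bits>` is given. A 512-bit RSA modulus can be factored with modest resources, so a CA could end up certifying a breakable key. Raise the default, for example `unsigned int ksize = 2048;`, or have `csr` refuse to run without an explicit `-newkey`. In the visible diff the helper is only called from this file, so `static int prepare_x509(...)` would also keep it out of the global namespace. The function body continues past this hunk.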
36 @@ -106,7 +106,7 @@ int selfsigned(char **arg) {
39 } else if (!strcmp(*arg, "-out") && arg[1]) {
43 } else if (!strcmp(*arg, "-subj") && arg[1]) {
44 if (arg[1][0] != '/' || strchr(arg[1], ';')) {
45 @@ -140,16 +140,16 @@ int selfsigned(char **arg) {
49 - rsa_init(&rsa, RSA_PKCS_V15, 0, havege_rand, &hs);
50 + rsa_init(rsa_ptr, RSA_PKCS_V15, 0, havege_rand, &hs);
51 x509write_init_node(&node);
52 fprintf(stderr, "Generating RSA private key, %i bit long modulus\n", ksize);
53 - if (rsa_gen_key(&rsa, ksize, exp)) {
54 + if (rsa_gen_key(rsa_ptr, ksize, exp)) {
55 fprintf(stderr, "error: key generation failed\n");
60 - if (x509write_keyfile(&rsa, keypath, flag)) {
61 + if (x509write_keyfile(rsa_ptr, keypath, *flag_ptr)) {
62 fprintf(stderr, "error: I/O error\n");
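Review bot: `rsa_init(rsa_ptr, RSA_PKCS_V15, 0, havege_rand, &hs);` now registers `&hs` in a context that outlives `prepare_x509`. If `hs` is still a local of this function (its declaration is not among the visible lines), the caller's `rsa` keeps a pointer into a dead stack frame once the helper returns. As far as I recall, `rsa_init` in this five-argument PolarSSL API stores `f_rng`/`p_rng` in the context, so any later RSA operation in `selfsigned` or `csr` that draws randomness through it would read freed stack memory. Let the callers own the state and pass it in, e.g. an extra `havege_state *hs_ptr` parameter and `rsa_init(rsa_ptr, RSA_PKCS_V15, 0, havege_rand, hs_ptr);`. The function begins and ends outside this hunk.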
65 @@ -162,15 +162,29 @@ int selfsigned(char **arg) {
67 strftime(tstr, sizeof(tstr), "%F %H:%M:%S", gmtime(&to));
70 - x509write_init_raw(&cert);
71 - x509write_add_pubkey(&cert, &rsa);
72 - x509write_add_subject(&cert, (unsigned char*)subject);
73 - x509write_add_validity(&cert, (unsigned char*)fstr, (unsigned char*)tstr);
74 - fprintf(stderr, "Generating selfsigned certificate with subject '%s'"
75 + x509write_init_raw(cert_ptr);
76 + x509write_add_pubkey(cert_ptr, rsa_ptr);
77 + x509write_add_subject(cert_ptr, (unsigned char*)subject);
78 + x509write_add_validity(cert_ptr, (unsigned char*)fstr, (unsigned char*)tstr);
79 + fprintf(stderr, "Generating x509 object with subject '%s'"
80 " and validity %s-%s\n", subject, fstr, tstr);
84 +int selfsigned(char **arg) {
88 + char *certpath = NULL;
90 + if (prepare_x509(arg, &rsa, &cert, &flag, &certpath)) {
91 + fprintf(stderr, "error: preparing x509 object failed\n");
95 if (x509write_create_selfsign(&cert, &rsa)) {
96 fprintf(stderr, "error: certificate generation failed\n");
100 if (x509write_crtfile(&cert, (unsigned char*)certpath, flag)) {
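Review bot: The state of the out-parameters when `prepare_x509` fails is undocumented. The `-newkey` and `-subj` checks in the earlier hunks sit above `rsa_init` and `x509write_init_raw`, so if they return non-zero (their return lines are not visible) `rsa` and `cert` in `selfsigned` are still uninitialized when `error: preparing x509 object failed` is printed. A key-generation failure, by contrast, leaves `rsa` initialized. Confirm that this branch does not call `rsa_free` or `x509write_free_raw` on untouched objects, and extend the comment above the helper, e.g. `// on failure *rsa_ptr and *cert_ptr may be uninitialized; the helper must clean up what it set up`. The identical branch in `csr` in the next hunk needs the same check.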
101 @@ -183,6 +197,32 @@ int selfsigned(char **arg) {
105 +int csr(char **arg) {
109 + char *csrpath = NULL;
111 + if (prepare_x509(arg, &rsa, &csr, &flag, &csrpath)) {
112 + fprintf(stderr, "error: preparing x509 object failed\n");
116 + if (x509write_create_csr(&csr, &rsa)) {
117 + fprintf(stderr, "error: CSR generation failed\n");
121 + if (x509write_csrfile(&csr, (unsigned char*)csrpath, flag)) {
122 + fprintf(stderr, "error: I/O error\n");
126 + x509write_free_raw(&csr);
131 int main(int argc, char *argv[]) {
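Review bot: Inside `int csr(char **arg)` the request object is also named `csr` (it is passed as `&csr` to `prepare_x509`, `x509write_create_csr` and `x509write_free_raw`), which shadows the function's own name and triggers `-Wshadow`. Renaming the local, e.g. `x509_raw req;` with `x509write_create_csr(&req, &rsa)`, keeps the two apart. Only the success-path `x509write_free_raw(&csr)` is visible; the error branches and any `rsa_free(&rsa)` fall on lines not shown, so check that every exit releases the key material.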
134 @@ -190,11 +230,13 @@ int main(int argc, char *argv[]) {
135 return rsakey(argv+2);
136 } else if (!strcmp(argv[1], "selfsigned")) {
137 return selfsigned(argv+2);
138 + } else if (!strcmp(argv[1], "csr")) {
139 + return csr(argv+2);
143 "PX5G X.509 Certificate Generator Utility v" PX5G_VERSION "\n" PX5G_COPY
144 "\nbased on PolarSSL by Christophe Devine and Paul Bakker\n\n");
145 - fprintf(stderr, "Usage: %s [rsakey|selfsigned]\n", *argv);
146 + fprintf(stderr, "Usage: %s [rsakey|selfsigned|csr]\n", *argv);