Ejemplo n.º 1
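/*
 * Entry point: parse the command line, read the input object from a file
 * (-i) or from stdin, and hand it to ConvertCertificate() or, for the
 * CRL-distrust mode, to ConvertCRLEntry().
 *
 * Exactly one of the trust / distrust / distrust-CRL options must be given,
 * together with a nickname.  Every step that can fail is checked so that the
 * process never exits with status 0 after producing no output or only part
 * of it: a distrust record that silently fails to be generated must not look
 * like success to the invoking script.
 *
 * Returns SECSuccess (0) on success; exits with status 1 on I/O, NSS or
 * conversion failures.  Argument errors go through Usage(), which is
 * presumably non-returning (not visible here -- confirm).
 */
int main(int argc, char **argv)
{
    SECStatus rv;
    char *nickname = NULL;
    char *trusts = NULL;
    char *progName;
    char *endptr = NULL;
    const char *entryArg = NULL;
    long parsedEntry = 0;
    PRFileDesc *infile;
    CERTCertTrust trust = { 0 };
    SECItem derItem = { 0 };
    PRInt32 crlentry = 0;
    PRInt32 mutuallyExclusiveOpts = 0;
    PRBool decodeTrust = PR_FALSE;

    secuCommand addbuiltin = { 0 };
    addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag);
    addbuiltin.options = addbuiltin_options;

    /* Use the basename of argv[0] in diagnostics. */
    progName = strrchr(argv[0], '/');
    progName = progName ? progName+1 : argv[0];

    rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin);

    if (rv != SECSuccess) {
        Usage(progName);
    }

    /* The three trust modes are mutually exclusive: count how many were given. */
    if (addbuiltin.options[opt_Trust].activated) {
        ++mutuallyExclusiveOpts;
    }
    if (addbuiltin.options[opt_Distrust].activated) {
        ++mutuallyExclusiveOpts;
    }
    if (addbuiltin.options[opt_DistrustCRL].activated) {
        ++mutuallyExclusiveOpts;
    }

    if (mutuallyExclusiveOpts != 1) {
        fprintf(stderr, "%s: you must specify exactly one of -t or -D or -C\n",
                progName);
        Usage(progName);
    }

    if (addbuiltin.options[opt_DistrustCRL].activated) {
        if (!addbuiltin.options[opt_CRLEnry].activated) {
            fprintf(stderr, "%s: you must specify the CRL entry number.\n",
                    progName);
            Usage(progName);
        }
        else {
            /*
             * Parse strictly.  atoi() cannot report errors: it accepts
             * trailing garbage ("5abc" -> 5) and its behaviour on overflow
             * is undefined, so a mistyped value could select the wrong CRL
             * entry to distrust.
             */
            entryArg = addbuiltin.options[opt_CRLEnry].arg;
            if (entryArg) {
                parsedEntry = strtol(entryArg, &endptr, 10);
            }
            if (!entryArg || endptr == entryArg || *endptr != '\0' ||
                parsedEntry < 1 || parsedEntry > PR_INT32_MAX) {
                fprintf(stderr, "%s: The CRL entry number must be > 0.\n",
                        progName);
                Usage(progName);
            }
            crlentry = (PRInt32)parsedEntry;
        }
    }

    if (!addbuiltin.options[opt_Nickname].activated) {
        fprintf(stderr, "%s: you must specify parameter -n (a nickname or a label).\n",
                progName);
        Usage(progName);
    }

    if (addbuiltin.options[opt_Input].activated) {
        infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660);
        if (!infile) {
            fprintf(stderr, "%s: failed to open input file.\n", progName);
            exit(1);
        }
    } else {
#if defined(WIN32)
        /* If we're going to read binary data from stdin, we must put stdin
        ** into O_BINARY mode or else incoming \r\n's will become \n's,
        ** and latin-1 characters will be altered.
        */

        int smrv = _setmode(_fileno(stdin), _O_BINARY);
        if (smrv == -1) {
            fprintf(stderr,
            "%s: Cannot change stdin to binary mode. Use -i option instead.\n",
                    progName);
            exit(1);
        }
#endif
        infile = PR_STDIN;
    }

    nickname = strdup(addbuiltin.options[opt_Nickname].arg);
    if (!nickname) {
        fprintf(stderr, "%s: out of memory.\n", progName);
        exit(1);
    }

    /* Do not continue with a half-initialised library. */
    if (NSS_NoDB_Init(NULL) != SECSuccess) {
        fprintf(stderr, "%s: failed to initialize NSS.\n", progName);
        exit(1);
    }

    /* Both distrust modes force the exclude-cert and exclude-hash flags on. */
    if (addbuiltin.options[opt_Distrust].activated ||
        addbuiltin.options[opt_DistrustCRL].activated) {
        addbuiltin.options[opt_ExcludeCert].activated = PR_TRUE;
        addbuiltin.options[opt_ExcludeHash].activated = PR_TRUE;
    }

    if (addbuiltin.options[opt_Distrust].activated) {
        /* Plain distrust uses the fixed trust string "p,p,p". */
        trusts = strdup("p,p,p");
        decodeTrust = PR_TRUE;
    }
    else if (addbuiltin.options[opt_Trust].activated) {
        trusts = strdup(addbuiltin.options[opt_Trust].arg);
        decodeTrust = PR_TRUE;
    }

    if (decodeTrust) {
        if (!trusts) {
            fprintf(stderr, "%s: out of memory.\n", progName);
            exit(1);
        }
        rv = CERT_DecodeTrustString(&trust, trusts);
        if (rv != SECSuccess) {
            fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName);
            Usage(progName);
        }
    }

    /*
     * With an explicit trust string, excluding the hash is accepted only
     * when the combined flags equal CERTDB_TERMINAL_RECORD.
     */
    if (addbuiltin.options[opt_Trust].activated &&
        addbuiltin.options[opt_ExcludeHash].activated) {
        if ((trust.sslFlags | trust.emailFlags | trust.objectSigningFlags)
            != CERTDB_TERMINAL_RECORD) {
            fprintf(stderr, "%s: Excluding the hash only allowed with distrust.\n", progName);
            Usage(progName);
        }
    }

    /* A failed read must not fall through to conversion of an empty item. */
    if (SECU_FileToItem(&derItem, infile) != SECSuccess) {
        fprintf(stderr, "%s: failed to read input.\n", progName);
        exit(1);
    }

    /*printheader();*/

    if (addbuiltin.options[opt_DistrustCRL].activated) {
        rv = ConvertCRLEntry(&derItem, crlentry, nickname);
        /* Previously this result was ignored and the tool exited 0. */
        if (rv != SECSuccess) {
            fprintf(stderr, "%s: failed to convert CRL entry.\n", progName);
            exit(1);
        }
    }
    else {
        rv = ConvertCertificate(&derItem, nickname, &trust,
                                addbuiltin.options[opt_ExcludeCert].activated,
                                addbuiltin.options[opt_ExcludeHash].activated);
        if (rv != SECSuccess) {
            fprintf(stderr, "%s: failed to convert certificate.\n", progName);
            exit(1);
        }
    }

    if (NSS_Shutdown() != SECSuccess) {
        exit(1);
    }

    return(SECSuccess);
}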
Ejemplo n.º 2
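/*
 * Entry point: parse the command line, decode the trust string, read the
 * input object from a file (-i) or from stdin and pass it to
 * ConvertCertificate() together with the nickname and decoded trust.
 *
 * Both a nickname and a trust string are required.  Every step that can
 * fail is checked so the tool never reports success after converting
 * nothing.
 *
 * Returns SECSuccess (0) on success; exits with status 1 on I/O, NSS or
 * conversion failures.  Argument errors go through Usage(), which is
 * presumably non-returning (not visible here -- confirm).
 */
int main(int argc, char **argv)
{
    SECStatus rv;
    char *nickname;
    char *trusts;
    char *progName;
    PRFileDesc *infile;
    CERTCertTrust trust = { 0 };
    SECItem derCert = { 0 };

    secuCommand addbuiltin = { 0 };
    addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag);
    addbuiltin.options = addbuiltin_options;

    /* Use the basename of argv[0] in diagnostics. */
    progName = strrchr(argv[0], '/');
    progName = progName ? progName+1 : argv[0];

    rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin);

    if (rv != SECSuccess) {
        Usage(progName);
    }

    /*
     * Both options are mandatory, so reject the command line when EITHER is
     * missing.  The earlier '&&' only caught the case where both were
     * absent; with just one supplied, the strdup() calls below received the
     * other option's unset argument.
     */
    if (!addbuiltin.options[opt_Nickname].activated ||
            !addbuiltin.options[opt_Trust].activated) {
        fprintf(stderr, "%s: you must specify both a nickname and trust.\n",
                progName);
        Usage(progName);
    }

    if (addbuiltin.options[opt_Input].activated) {
        infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660);
        if (!infile) {
            fprintf(stderr, "%s: failed to open input file.\n", progName);
            exit(1);
        }
    } else {
#if defined(WIN32)
        /* If we're going to read binary data from stdin, we must put stdin
        ** into O_BINARY mode or else incoming \r\n's will become \n's,
        ** and latin-1 characters will be altered.
        */

        int smrv = _setmode(_fileno(stdin), _O_BINARY);
        if (smrv == -1) {
            fprintf(stderr,
                    "%s: Cannot change stdin to binary mode. Use -i option instead.\n",
                    progName);
            exit(1);
        }
#endif
        infile = PR_STDIN;
    }

    nickname = strdup(addbuiltin.options[opt_Nickname].arg);
    trusts = strdup(addbuiltin.options[opt_Trust].arg);
    if (!nickname || !trusts) {
        fprintf(stderr, "%s: out of memory.\n", progName);
        exit(1);
    }

    /* Do not continue with a half-initialised library. */
    if (NSS_NoDB_Init(NULL) != SECSuccess) {
        fprintf(stderr, "%s: failed to initialize NSS.\n", progName);
        exit(1);
    }

    rv = CERT_DecodeTrustString(&trust, trusts);
    if (rv != SECSuccess) {
        fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName);
        Usage(progName);
    }

    /* A failed read must not fall through to conversion of an empty item. */
    if (SECU_FileToItem(&derCert, infile) != SECSuccess) {
        fprintf(stderr, "%s: failed to read input.\n", progName);
        exit(1);
    }

    /*printheader();*/

    rv = ConvertCertificate(&derCert, nickname, &trust);
    if (rv != SECSuccess) {
        fprintf(stderr, "%s: failed to convert certificate.\n", progName);
        exit(1);
    }

    if (NSS_Shutdown() != SECSuccess) {
        exit(1);
    }

    return(SECSuccess);
}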