int main(int argc, char **argv) { SECStatus rv; char *nickname = NULL; char *trusts = NULL; char *progName; PRFileDesc *infile; CERTCertTrust trust = { 0 }; SECItem derItem = { 0 }; PRInt32 crlentry = 0; PRInt32 mutuallyExclusiveOpts = 0; PRBool decodeTrust = PR_FALSE; secuCommand addbuiltin = { 0 }; addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag); addbuiltin.options = addbuiltin_options; progName = strrchr(argv[0], '/'); progName = progName ? progName+1 : argv[0]; rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin); if (rv != SECSuccess) Usage(progName); if (addbuiltin.options[opt_Trust].activated) ++mutuallyExclusiveOpts; if (addbuiltin.options[opt_Distrust].activated) ++mutuallyExclusiveOpts; if (addbuiltin.options[opt_DistrustCRL].activated) ++mutuallyExclusiveOpts; if (mutuallyExclusiveOpts != 1) { fprintf(stderr, "%s: you must specify exactly one of -t or -D or -C\n", progName); Usage(progName); } if (addbuiltin.options[opt_DistrustCRL].activated) { if (!addbuiltin.options[opt_CRLEnry].activated) { fprintf(stderr, "%s: you must specify the CRL entry number.\n", progName); Usage(progName); } else { crlentry = atoi(addbuiltin.options[opt_CRLEnry].arg); if (crlentry < 1) { fprintf(stderr, "%s: The CRL entry number must be > 0.\n", progName); Usage(progName); } } } if (!addbuiltin.options[opt_Nickname].activated) { fprintf(stderr, "%s: you must specify parameter -n (a nickname or a label).\n", progName); Usage(progName); } if (addbuiltin.options[opt_Input].activated) { infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660); if (!infile) { fprintf(stderr, "%s: failed to open input file.\n", progName); exit(1); } } else { #if defined(WIN32) /* If we're going to read binary data from stdin, we must put stdin ** into O_BINARY mode or else incoming \r\n's will become \n's, ** and latin-1 characters will be altered. */ int smrv = _setmode(_fileno(stdin), _O_BINARY); if (smrv == -1) { fprintf(stderr, "%s: Cannot change stdin to binary mode. Use -i option instead.\n", progName); exit(1); } #endif infile = PR_STDIN; } nickname = strdup(addbuiltin.options[opt_Nickname].arg); NSS_NoDB_Init(NULL); if (addbuiltin.options[opt_Distrust].activated || addbuiltin.options[opt_DistrustCRL].activated) { addbuiltin.options[opt_ExcludeCert].activated = PR_TRUE; addbuiltin.options[opt_ExcludeHash].activated = PR_TRUE; } if (addbuiltin.options[opt_Distrust].activated) { trusts = strdup("p,p,p"); decodeTrust = PR_TRUE; } else if (addbuiltin.options[opt_Trust].activated) { trusts = strdup(addbuiltin.options[opt_Trust].arg); decodeTrust = PR_TRUE; } if (decodeTrust) { rv = CERT_DecodeTrustString(&trust, trusts); if (rv) { fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName); Usage(progName); } } if (addbuiltin.options[opt_Trust].activated && addbuiltin.options[opt_ExcludeHash].activated) { if ((trust.sslFlags | trust.emailFlags | trust.objectSigningFlags) != CERTDB_TERMINAL_RECORD) { fprintf(stderr, "%s: Excluding the hash only allowed with distrust.\n", progName); Usage(progName); } } SECU_FileToItem(&derItem, infile); /*printheader();*/ if (addbuiltin.options[opt_DistrustCRL].activated) { rv = ConvertCRLEntry(&derItem, crlentry, nickname); } else { rv = ConvertCertificate(&derItem, nickname, &trust, addbuiltin.options[opt_ExcludeCert].activated, addbuiltin.options[opt_ExcludeHash].activated); if (rv) { fprintf(stderr, "%s: failed to convert certificate.\n", progName); exit(1); } } if (NSS_Shutdown() != SECSuccess) { exit(1); } return(SECSuccess); }
int main(int argc, char **argv) { SECStatus rv; char *nickname; char *trusts; char *progName; PRFileDesc *infile; CERTCertTrust trust = { 0 }; SECItem derCert = { 0 }; secuCommand addbuiltin = { 0 }; addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag); addbuiltin.options = addbuiltin_options; progName = strrchr(argv[0], '/'); progName = progName ? progName+1 : argv[0]; rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin); if (rv != SECSuccess) Usage(progName); if (!addbuiltin.options[opt_Nickname].activated && !addbuiltin.options[opt_Trust].activated) { fprintf(stderr, "%s: you must specify both a nickname and trust.\n", progName); Usage(progName); } if (addbuiltin.options[opt_Input].activated) { infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660); if (!infile) { fprintf(stderr, "%s: failed to open input file.\n", progName); exit(1); } } else { #if defined(WIN32) /* If we're going to read binary data from stdin, we must put stdin ** into O_BINARY mode or else incoming \r\n's will become \n's, ** and latin-1 characters will be altered. */ int smrv = _setmode(_fileno(stdin), _O_BINARY); if (smrv == -1) { fprintf(stderr, "%s: Cannot change stdin to binary mode. Use -i option instead.\n", progName); exit(1); } #endif infile = PR_STDIN; } nickname = strdup(addbuiltin.options[opt_Nickname].arg); trusts = strdup(addbuiltin.options[opt_Trust].arg); NSS_NoDB_Init(NULL); rv = CERT_DecodeTrustString(&trust, trusts); if (rv) { fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName); Usage(progName); } SECU_FileToItem(&derCert, infile); /*printheader();*/ rv = ConvertCertificate(&derCert, nickname, &trust); if (rv) { fprintf(stderr, "%s: failed to convert certificate.\n", progName); exit(1); } if (NSS_Shutdown() != SECSuccess) { exit(1); } return(SECSuccess); }