int ndnsec_get_default(int argc, char** argv) { using namespace ndn; namespace po = boost::program_options; bool isGetDefaultId = true; bool isGetDefaultKey = false; bool isGetDefaultCert = false; bool isQuiet = false; std::string identityString; std::string keyName; po::options_description description("General Usage\n ndnsec get-default [-h] [-k|c] [-i identity|-K key] [-q]\nGeneral options"); description.add_options() ("help,h", "produce help message") ("default_key,k", "get default key") ("default_cert,c", "get default certificate") ("identity,i", po::value<std::string>(&identityString), "target identity") ("key,K", po::value<std::string>(&keyName), "target key") ("quiet,q", "don't output trailing newline") ; po::variables_map vm; try { po::store(po::parse_command_line(argc, argv, description), vm); po::notify(vm); } catch (const std::exception& e) { std::cerr << "ERROR: " << e.what() << std::endl; std::cerr << description << std::endl; return 1; } if (vm.count("help") != 0) { std::cerr << description << std::endl;; return 0; } if (vm.count("default_cert") != 0) { isGetDefaultCert = true; isGetDefaultId = false; } else if (vm.count("default_key") != 0) { isGetDefaultKey = true; isGetDefaultId = false; } if (vm.count("quiet") != 0) { isQuiet = true; } KeyChain keyChain; if (vm.count("key") != 0) { Name keyNdnName(keyName); if (isGetDefaultCert) { std::cout << keyChain.getDefaultCertificateNameForKey(keyNdnName); if (!isQuiet) std::cout << std::endl; return 0; } return 1; } else if (vm.count("identity") != 0) { Name identity(identityString); if (isGetDefaultKey) { std::cout << keyChain.getDefaultKeyNameForIdentity(identity); if (!isQuiet) std::cout << std::endl; return 0; } if (isGetDefaultCert) { std::cout << keyChain.getDefaultCertificateNameForIdentity(identity); if (!isQuiet) std::cout << std::endl; return 0; } return 1; } else { Name identity = keyChain.getDefaultIdentity(); if (isGetDefaultId) { std::cout << identity; if (!isQuiet) std::cout << std::endl; return 0; } if (isGetDefaultKey) { std::cout << keyChain.getDefaultKeyNameForIdentity(identity); if (!isQuiet) std::cout << std::endl; return 0; } if (isGetDefaultCert) { std::cout << keyChain.getDefaultCertificateNameForIdentity(identity); if (!isQuiet) std::cout << std::endl; return 0; } return 1; } }
int ndnsec_cert_dump(int argc, char** argv) { using namespace ndn; namespace po = boost::program_options; std::string name; bool isKeyName = false; bool isIdentityName = false; bool isCertName = true; // bool isFileName = false; bool isPretty = false; bool isStdOut = true; bool isRepoOut = false; std::string repoHost; std::string repoPort; // bool isDnsOut = false; po::options_description description("General Usage\n" " ndnsec cert-dump [-h] [-p] [-d] [-r [-H repo-host] " "[-P repo-port] ] [-i|k|f] name\n" "General options"); description.add_options() ("help,h", "produce help message") ("pretty,p", "display certificate in human readable format") ("identity,i", "treat the name parameter as identity name (e.g., /ndn/edu/ucla/alice") ("key,k", "treat the name parameter as key name " "(e.g., /ndn/edu/ucla/alice/ksk-123456789)") ("file,f", "treat the name parameter as file name with base64 encoded certificate, " "- for stdin") ("repo-output,r", "publish the certificate to the repo-ng") ("repo-host,H", po::value<std::string>(&repoHost)->default_value("localhost"), "the repo host if repo-output is specified") ("repo-port,P", po::value<std::string>(&repoPort)->default_value("7376"), "the repo port if repo-output is specified") // ("dns-output,d", "published the certificate to NDNS") ("name,n", po::value<std::string>(&name), "unless overridden with --identity or --key parameter, the certificate name, " "for example, /ndn/edu/ucla/KEY/cs/alice/ksk-1234567890" "/ID-CERT/%FD%FF%FF%FF%FF%FF%FF%FF") ; po::positional_options_description p; p.add("name", 1); po::variables_map vm; try { po::store(po::command_line_parser(argc, argv).options(description).positional(p).run(), vm); po::notify(vm); } catch (const std::exception& e) { std::cerr << "ERROR: " << e.what() << std::endl; std::cerr << description << std::endl; return 1; } if (vm.count("help") != 0) { std::cerr << description << std::endl; return 0; } if (vm.count("name") == 0) { std::cerr << "identity_name must be specified" << std::endl; std::cerr << description << std::endl; return 1; } if (vm.count("key") != 0) { isCertName = false; isKeyName = true; } else if (vm.count("identity") != 0) { isCertName = false; isIdentityName = true; } else if (vm.count("file") != 0) { isCertName = false; // isFileName = true; } if (vm.count("pretty") != 0) isPretty = true; if (vm.count("repo-output") != 0) { isRepoOut = true; isStdOut = false; } else if (vm.count("dns-output") != 0) { // isDnsOut = true; isStdOut = false; std::cerr << "Error: DNS output is not supported yet!" << std::endl; return 1; } if (isPretty && !isStdOut) { std::cerr << "Error: pretty option can only be specified when other " << "output option is specified" << std::endl; return 1; } shared_ptr<IdentityCertificate> certificate; KeyChain keyChain; if (isIdentityName || isKeyName || isCertName) { if (isIdentityName) { Name certName = keyChain.getDefaultCertificateNameForIdentity(name); certificate = keyChain.getCertificate(certName); } else if (isKeyName) { Name certName = keyChain.getDefaultCertificateNameForKey(name); certificate = keyChain.getCertificate(certName); } else certificate = keyChain.getCertificate(name); if (!static_cast<bool>(certificate)) { std::cerr << "No certificate found!" << std::endl; return 1; } } else { certificate = getIdentityCertificate(name); if (!static_cast<bool>(certificate)) { std::cerr << "No certificate read!" << std::endl; return 1; } } if (isPretty) { std::cout << *certificate << std::endl; } else { if (isStdOut) { io::save(*certificate, std::cout); return 0; } if (isRepoOut) { using namespace boost::asio::ip; tcp::iostream request_stream; request_stream.expires_from_now(boost::posix_time::milliseconds(3000)); request_stream.connect(repoHost, repoPort); if (!request_stream) { std::cerr << "fail to open the stream!" << std::endl; return 1; } request_stream.write(reinterpret_cast<const char*>(certificate->wireEncode().wire()), certificate->wireEncode().size()); return 0; } } return 0; }