int main (int argc, char **argv) { int arg_idx = 0; char *privcert_file = NULL; char *pubcert_file = NULL; char *priv_file = NULL; char *pub_file = NULL; char *priv_id = NULL; char *pub_id = NULL; char *label = DEFAULT_LABEL; dckey *priv = NULL; dckey *pub = NULL; cert *priv_cert = NULL; cert *pub_cert = NULL; printf("argc count is: %d\n", argc); if((argc < 7) || (argc > 8)) { printf("Invalid number of arguments!!!\n"); usage (argv[0], argc); } printf("argc value is: %d\n", argc); ri (); priv_file = argv[++arg_idx]; privcert_file = argv[++arg_idx]; priv_id = argv[++arg_idx]; pub_file = argv[++arg_idx]; pubcert_file = argv[++arg_idx]; pub_id = argv[++arg_idx]; if (argc - 2 == arg_idx) { /* there was a label */ label = argv[++arg_idx]; } pub_cert = pki_check(pubcert_file, pub_file, pub_id); /* check above won't return if something was wrong */ pub = pub_cert->public_key; if (!cert_verify (priv_cert = cert_read (privcert_file))) { printf ("%s: trouble reading certificate from %s, " "or certificate expired\n", getprogname (), privcert_file); perror (getprogname ()); exit (-1); } else if (!dcareequiv(pub_cert->issuer,priv_cert->issuer)) { printf ("%s: certificates issued by different CAs.\n", getprogname ()); printf ("\tOwn (%s's) certificate in %s\n", priv_id, privcert_file); printf ("\tOther (%s's) certificate in %s\n", pub_id, pubcert_file); } else { priv = priv_from_file (priv_file); nidh (priv, pub, priv_id, pub_id, label); } return 0; }
int main (int argc, char **argv) { int fdca, fdpk; dckey *ca = NULL, *pk = NULL; char *id = NULL; char *cert_file = NULL, *pk_file = NULL; int duration = -1; ri (); if (argc < 2) usage (argv[0]); else if (argc == 2) { if (strcmp (argv[1], "init") != 0) usage (argv[0]); else { setprogname (argv[0]); pki_init (); } } else if (argc == 5) { if (strcmp (argv[1], "check") != 0) usage (argv[0]); else { setprogname (argv[0]); pki_check (argv[2], argv[3], argv[4]); } } else if (strcmp (argv[1], "cert") != 0) { usage (argv[0]); } else { /* cert commnad */ setprogname (argv[0]); /* first, let's take care of the options, if any */ parse_options (&pk, &cert_file, &duration, argc, argv); /* the last two args are ID and PK-FILE */ pk_file = argv[argc - 2]; id = argv[argc - 1]; /* set up default values for parameters not affected by the options */ if (!cert_file) { /* default cert_file is ID.cert */ if (cat_str (&cert_file, id) || cat_str (&cert_file, ".cert")) { xfree (cert_file); exit (1); } } if (duration == -1) /* default duration is 30 days */ duration = 30; /* take care of the public key that we are certifying */ /* if the -g option was used, we have to write the pk to pk_file */ if (pk) write_pkfile (pk_file, pk); /* otherwise, import pk from pk_file */ else { if ((fdpk = open (pk_file, O_RDONLY)) == -1) { if (errno == ENOENT) { usage (argv[0]); } else { perror (argv[0]); exit (1); } } else if (!(pk = import_pub_from_file (fdpk))) { fprintf (stderr, "%s: no public key found in %s\n", argv[0], pk_file); close (fdpk); exit (1); } close (fdpk); fdpk = -1; } /* now read the ca private key from ./.pki/ca.priv */ if ((fdca = open ("./.pki/ca.priv", O_RDONLY)) == -1) { if (errno == ENOENT) { usage (argv[0]); } else { perror (argv[0]); exit (1); } } else { if (!(ca = import_priv_from_file (fdca))) { fprintf (stderr, "%s: no private key found in %s\n", argv[0], "./.pki/ca.priv"); close (fdca); exit (1); } close (fdca); fdca = -1; /* prepare a cert, sign it and write it to cert_file */ switch (cert_sign_n_write (ca, id, pk, duration, cert_file)) { case 0: /* no error */ /* the ca signing key is not needed anymore: wipe it out */ dcfree (ca); ca = NULL; break; case -1: /* trouble with the write system call */ check_n_free (&cert_file); dcfree (ca); exit (1); case -2: /* trouble preparing/signinig the certificate */ check_n_free (&cert_file); dcfree (ca); exit (1); default: check_n_free (&cert_file); dcfree (ca); exit (1); } assert (cert_verify (cert_read (cert_file))); dcfree (pk); pk = NULL; } } check_n_free (&cert_file); return 0; }