Exemplo n.º 1
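/***********************************************************************
 *
 * G e n e r a t e C e r t
 *
 * Runs the whole process of creating a new cert, getting info from the
 * user, etc.
 *
 * nickname  nickname for the new certificate; must not already exist in
 *           the database.
 * keysize   passed through to GenerateSelfSignedObjectSigningCert().
 * token     passed through to GenerateSelfSignedObjectSigningCert().
 *
 * Returns -1 if the user declines the confirmation prompt (or the answer
 * cannot be read), 0 otherwise. Note that 0 is also returned when no
 * certificate object comes back from the generation helper. Exits the
 * process with ERRX if the nickname is already in use.
 */
int
GenerateCert(char *nickname, int keysize, char *token)
{
    CERTCertDBHandle *db;
    CERTCertificate *cert;
    char *subject;
    unsigned long serial;
    char stdinbuf[160];

    /* Print warning about having the browser open */
    PR_fprintf(PR_STDOUT /*always go to console*/,
        "\nWARNING: Performing this operation while the browser is running could cause"
        "\ncorruption of your security databases. If the browser is currently running,"
        "\nyou should exit the browser before continuing this operation. Enter "
        "\n\"y\" to continue, or anything else to abort: ");

    /* A failed read (EOF or closed stdin) must not fall through to the
     * comparison below with an uninitialised buffer; treat it as "abort",
     * which is the safe default for a database-modifying operation. */
    stdinbuf[0] = '\0';
    if (!pr_fgets(stdinbuf, sizeof stdinbuf, PR_STDIN)) {
        stdinbuf[0] = '\0';
    }
    PR_fprintf(PR_STDOUT, "\n");

    /* Cast to unsigned char: passing a negative char to tolower() is
     * undefined behaviour. */
    if (tolower((unsigned char)stdinbuf[0]) != 'y') {
        PR_fprintf(errorFD, "Operation aborted at user's request.\n");
        errorCount++;
        return -1;
    }

    db = CERT_GetDefaultCertDB();
    if (!db) {
        /* NOTE(review): db is used below, so this relies on FatalError()
         * not returning - confirm. */
        FatalError("Unable to open certificate database");
    }

    /* Refuse to shadow an existing certificate. The reference returned by
     * the lookup is not released, but the process exits immediately. */
    if (PK11_FindCertFromNickname(nickname, &pwdata)) {
        PR_fprintf(errorFD,
            "ERROR: Certificate with nickname \"%s\" already exists in database. You\n"
            "must choose a different nickname.\n", nickname);
        errorCount++;
        exit(ERRX);
    }

    /* The serial number is the current time narrowed to an unsigned int,
     * so it is predictable and not guaranteed to be unique. That is
     * tolerable for a locally generated self-signed certificate; it would
     * not be for certificates issued by a CA. */
    LL_L2UI(serial, PR_Now());

    /* NOTE(review): subject is passed on without a NULL check; verify that
     * GetSubjectFromUser() cannot return NULL. */
    subject = GetSubjectFromUser(serial);

    cert = GenerateSelfSignedObjectSigningCert(nickname, db, subject,
                                               serial, keysize, token);

    if (cert) {
        output_ca_cert(cert, db);
        CERT_DestroyCertificate(cert);
    }

    PORT_Free(subject);
    return 0;
}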
Exemplo n.º 2
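/*********************************************************************
 *
 * P r o c e s s C o m m a n d F i l e
 *
 * Reads the command file named by the global cmdFile line by line. Each
 * line of the form "attribute=value" is mapped (case-insensitively) to an
 * OPT_TYPE and handed to ProcessOneOpt(). Lines without '=' are skipped;
 * unknown attributes produce a warning and are skipped.
 *
 * Returns 0 when the whole file was processed, -1 if the file could not
 * be opened, an allocation failed, or ProcessOneOpt() reported an error.
 *
 * The file can carry a "password" attribute, so it should be readable
 * only by the user who runs the tool.
 */
int
ProcessCommandFile()
{
    PRFileDesc *fd;
#define CMD_FILE_BUFSIZE 1024
    char buf[CMD_FILE_BUFSIZE];
    char *equals;
    int linenum = 0;
    int retval = -1;
    OPT_TYPE type;

    /* The mode argument only matters when a file is created; the file is
     * opened read-only here, so do not pass a world-writable 0777. */
    fd = PR_Open(cmdFile, PR_RDONLY, 0);
    if (!fd) {
        /* The format has a %s conversion, so the file name must be
         * supplied; without it PR_fprintf reads a missing argument. */
        PR_fprintf(errorFD, "ERROR: Unable to open command file %s.\n",
                   cmdFile);
        errorCount++;
        return -1;
    }

    /* NOTE(review): a line longer than CMD_FILE_BUFSIZE - 1 bytes is
     * presumably delivered in several pieces (assuming pr_fgets behaves
     * like fgets), and each piece is then parsed as a line of its own. */
    while (pr_fgets(buf, CMD_FILE_BUFSIZE, fd)) {
        char *eol;
        linenum++;

        /* Chop off final newline */
        eol = PL_strchr(buf, '\r');
        if (!eol) {
            eol = PL_strchr(buf, '\n');
        }
        if (eol) {
            *eol = '\0';
        }

        equals = PL_strchr(buf, '=');
        if (!equals) {
            continue;
        }

        *equals = '\0';
        equals++;

        /* Now buf points to the attribute, and equals points to the value. */

        /* This is pretty straightforward, just deal with whatever attribute
         * this is */
        if (!PL_strcasecmp(buf, "basename")) {
            type = BASE_OPT;
        } else if (!PL_strcasecmp(buf, "compression")) {
            type = COMPRESSION_OPT;
        } else if (!PL_strcasecmp(buf, "certdir")) {
            type = CERT_DIR_OPT;
        } else if (!PL_strcasecmp(buf, "extension")) {
            type = EXTENSION_OPT;
        } else if (!PL_strcasecmp(buf, "generate")) {
            type = GENKEY_OPT;
        } else if (!PL_strcasecmp(buf, "installScript")) {
            type = INSTALL_SCRIPT_OPT;
        } else if (!PL_strcasecmp(buf, "javascriptdir")) {
            type = SCRIPTDIR_OPT;
        } else if (!PL_strcasecmp(buf, "htmldir")) {
            type = JAVASCRIPT_OPT;
            if (jartree) {
                PR_fprintf(errorFD,
                           "warning: directory to be signed specified more than once."
                           " Only last specification will be used.\n");
                warningCount++;
                /* NOTE(review): jartree comes from PL_strdup() but is
                 * released with PR_Free(); confirm the two are paired. */
                PR_Free(jartree);
                jartree = NULL;
            }
            jartree = PL_strdup(equals);
            if (!jartree) {
                /* Do not carry on with the directory silently unset. */
                PR_fprintf(errorFD,
                           "ERROR: Out of memory processing command file, line %d.\n",
                           linenum);
                errorCount++;
                goto finish;
            }
        } else if (!PL_strcasecmp(buf, "certname")) {
            type = CERTNAME_OPT;
        } else if (!PL_strcasecmp(buf, "signdir")) {
            type = SIGNDIR_OPT;
        } else if (!PL_strcasecmp(buf, "list")) {
            type = LIST_OBJSIGN_CERTS_OPT;
        } else if (!PL_strcasecmp(buf, "listall")) {
            type = LIST_ALL_CERTS_OPT;
        } else if (!PL_strcasecmp(buf, "metafile")) {
            type = METAFILE_OPT;
        } else if (!PL_strcasecmp(buf, "modules")) {
            type = MODULES_OPT;
        } else if (!PL_strcasecmp(buf, "optimize")) {
            type = OPTIMIZE_OPT;
        } else if (!PL_strcasecmp(buf, "ocsp")) {
            type = ENABLE_OCSP_OPT;
        } else if (!PL_strcasecmp(buf, "password")) {
            type = PASSWORD_OPT;
        } else if (!PL_strcasecmp(buf, "verify")) {
            type = VERIFY_OPT;
        } else if (!PL_strcasecmp(buf, "who")) {
            type = WHO_OPT;
        } else if (!PL_strcasecmp(buf, "exclude")) {
            type = EXCLUDE_OPT;
        } else if (!PL_strcasecmp(buf, "notime")) {
            type = NO_TIME_OPT;
        } else if (!PL_strcasecmp(buf, "jarfile")) {
            type = ZIPFILE_OPT;
        } else if (!PL_strcasecmp(buf, "outfile")) {
            type = OUTFILE_OPT;
        } else if (!PL_strcasecmp(buf, "leavearc")) {
            type = LEAVE_ARC_OPT;
        } else if (!PL_strcasecmp(buf, "verbosity")) {
            type = VERBOSITY_OPT;
        } else if (!PL_strcasecmp(buf, "keysize")) {
            type = KEYSIZE_OPT;
        } else if (!PL_strcasecmp(buf, "token")) {
            type = TOKEN_OPT;
        } else if (!PL_strcasecmp(buf, "xpi")) {
            type = XPI_ARC_OPT;
        } else {
            PR_fprintf(errorFD,
                       "warning: unknown attribute \"%s\" in command file, line %d.\n",
                       buf, linenum);
            warningCount++;
            type = UNKNOWN_OPT;
        }

        /* Process the option, whatever it is */
        if (type != UNKNOWN_OPT) {
            if (ProcessOneOpt(type, equals) == -1) {
                goto finish;
            }
        }
    }

    retval = 0;

finish:
    /* Single exit point so the descriptor is closed on every path. */
    PR_Close(fd);
    return retval;
}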