Пример #1
Файл: charneg.c Проект: nla/yaz
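/*
 * Build one origin-side character set proposal for `charset`.
 *
 * get_form() maps the charset name to an integer; a positive value selects
 * the ISO 10646 branch and is appended to the OID prefix "1.0.10646.1.0.".
 * Any other value yields a private, externally specified character set
 * built by z_ext_record2(). All storage is obtained from `o` through
 * odr_malloc().
 */
static Z_OriginProposal_0 *z_get_OriginProposal_0(ODR o, const char *charset)
{
    int form = get_form(charset);
    Z_OriginProposal_0 *p0 =
        (Z_OriginProposal_0*)odr_malloc(o, sizeof(*p0));

    memset(p0, 0, sizeof(*p0));

    if (form > 0)
    {   /* ISO 10646 (UNICODE) */
        /* The 14-character prefix plus up to 10 digits of a positive int
           plus the terminator needs 25 bytes; the former 20-byte buffer
           was only large enough for forms of at most five digits. */
        char oidname[32];

        Z_Iso10646 *is = (Z_Iso10646 *) odr_malloc(o, sizeof(*is));
        p0->which = Z_OriginProposal_0_iso10646;
        p0->u.iso10646 = is;
        is->collections = 0;
        /* bounded write: can never run past oidname whatever get_form()
           returns */
        snprintf(oidname, sizeof(oidname), "1.0.10646.1.0.%d", form);
        is->encodingLevel = odr_getoidbystr(o, oidname);
    }
    else
    {   /* private ones */
        Z_PrivateCharacterSet *pc =
            (Z_PrivateCharacterSet *)odr_malloc(o, sizeof(*pc));

        memset(pc, 0, sizeof(*pc));

        p0->which = Z_OriginProposal_0_private;
        p0->u.zprivate = pc;

        pc->which = Z_PrivateCharacterSet_externallySpecified;
        pc->u.externallySpecified = z_ext_record2(o, charset);
    }
    return p0;
}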
Пример #2
static VALUE rbncurs_c_free_form(VALUE rb_form) {
  /* Ruby binding for free_form(): removes the form from the module's
   * @forms_hash registry (keyed by the native pointer value), flags the
   * Ruby object as destroyed and returns free_form()'s status code.
   *
   * NOTE(review): the registry key is the pointer cast to long, which is
   * narrower than a pointer on LLP64 targets - confirm the platforms in use.
   * NOTE(review): the entry is deleted and @destroyed is set before
   * free_form() runs, so a failing free_form() still leaves the wrapper
   * marked destroyed - confirm this is intended. */
  VALUE registry = rb_iv_get(mForm, "@forms_hash");
  FORM* native = get_form(rb_form);
  VALUE registry_key = INT2NUM((long)(native));
  int status;

  rb_funcall(registry, rb_intern("delete"), 1, registry_key);
  rb_iv_set(rb_form, "@destroyed", Qtrue);

  status = free_form(native);
  return INT2NUM(status);
}
Пример #3
string aggregator_add_feed()
{
	// Renders the "add feed" form: aggregator_feed_form() fills the form
	// definition from an empty feed record, get_form() turns it into output.
	map <string, string> empty_feed;
	map <string, map <string, string> > definition;

	aggregator_feed_form( definition, empty_feed );

	string rendered = get_form("aggregator_add_feed", definition);
	return rendered;
}
Пример #4
string profile_edit()
{
	// Builds the form used to add or edit a profile field. When arg(3)
	// yields a field id, the stored record is loaded from the active backend
	// (DB_TYPE 1: Redis, DB_TYPE 2: SQL) and a hidden "fid" element is added.
	//
	// NOTE(review): the SQL branch hands fid.c_str() to a "%d" placeholder
	// while the Redis branch converts with intval(). How db_querya() formats
	// and escapes its arguments is not visible here - confirm that the
	// request-supplied id cannot change the statement.
	// NOTE(review): stored title/name/explanation values are copied into
	// "#value" as-is; whether get_form() escapes them is not visible here.
	map <string, map<string,string> > form;
	map <string, string> item;

	string fid = arg(3);

	if( isset( fid ) )
	{
		if(DB_TYPE==1)
		{
			if( redis_multi( item, "HGETALL profile_fields:%d", intval(fid) ) )
			{
				map <string, string> &hidden = form["fid"];
				hidden["#type"] = "hidden";
				hidden["#value"] = num( fid );
			}
		}
		if(DB_TYPE==2)
		{
			MYSQL_RES *rows = db_querya("SELECT * FROM profile_fields WHERE fid=%d", fid.c_str() );
			if( db_fetch( rows, item ) )
			{
				map <string, string> &hidden = form["fid"];
				hidden["#type"] = "hidden";
				hidden["#value"] = item["fid"];
			}
		}
	}

	// Visible title of the field.
	map <string, string> &title = form["title"];
	title["#type"] = "textfield";
	title["#title"] = "Title";
	title["#description"] = "The title of the new field. The title will be shown to the user. An example title is \"Favorite color\"";
	title["#required"] = _TRUE;
	title["#value"] = item["title"];
	title["#weight"] = "1";

	// Internal form name.
	map <string, string> &name = form["name"];
	name["#type"] = "textfield";
	name["#title"] = "Form name";
	name["#description"] = "The name of the field. The form name is not shown to the user but used internally in the HTML code and URLs. Unless you know what you are doing, it is highly recommended that you prefix the form name with <code>profile_</code> to avoid name clashes with other fields. Spaces or any other special characters except dash (-) and underscore (_) are not allowed. An example name is \"profile_favorite_color\" or perhaps just \"profile_color\"";
	name["#required"] = _TRUE;
	name["#value"] = item["name"];
	name["#weight"] = "2";

	// Optional explanation text.
	map <string, string> &explanation = form["explanation"];
	explanation["#type"] = "textarea";
	explanation["#title"] = "Explanation";
	explanation["#description"] = "An optional explanation to go with the new field. The explanation will be shown to the user.";
	explanation["#value"] = item["explanation"];
	explanation["#weight"] = "3";

	map <string, string> &submit = form["submit"];
	submit["#type"] = "submit";
	submit["#value"] = "Save field";
	submit["#weight"] = "4";

	return get_form("profile_edit", form);
}
Пример #5
string aggregator_edit_feed()
{
	// Renders the "edit feed" form: loads the feed named by arg(4), builds
	// the shared feed form from it and appends a "Delete" submit button.
	//
	// NOTE(review): arg(4) is passed straight to aggregator_feed_load(); any
	// validation of that identifier happens outside this function.
	map <string, string> feed;
	map <string, map <string, string> > form;

	aggregator_feed_load( feed, arg(4) );
	aggregator_feed_form( form, feed );

	map <string, string> &remove_button = form["delete"];
	remove_button["#type"] = "submit";
	remove_button["#value"] = "Delete";
	remove_button["#weight"] = "5";

	string rendered = get_form("aggregator_edit_feed", form);
	return rendered;
}
Пример #6
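/*
 * Build the target-side character set negotiation response; used by
 * yaz_set_response_charneg.
 *
 * get_form() maps `charset` to an integer; a positive value selects the
 * ISO 10646 branch and is appended to the OID prefix "1.0.10646.1.0.".
 * Any other value yields a private, externally specified character set
 * built by z_ext_record2(). `selected` is stored as 1 or 0 in
 * recordsInSelectedCharSets, and `lang` is duplicated with odr_strdup()
 * when it is non-NULL. All storage is obtained from `o`.
 */
static Z_TargetResponse *z_get_TargetResponse(ODR o, const char *charset,
                                              const char *lang, int selected)
{
    Z_TargetResponse *p = (Z_TargetResponse *) odr_malloc(o, sizeof(*p));
    int form = get_form(charset);

    memset(p, 0, sizeof(*p));

    if (form > 0)
    {
        /* The 14-character prefix plus up to 10 digits of a positive int
           plus the terminator needs 25 bytes; the former 20-byte buffer
           was only large enough for forms of at most five digits. */
        char oidname[32];

        Z_Iso10646 *is = (Z_Iso10646 *) odr_malloc (o, sizeof(*is));
        p->which = Z_TargetResponse_iso10646;
        p->u.iso10646 = is;
        is->collections = 0;
        /* bounded write: can never run past oidname whatever get_form()
           returns */
        snprintf (oidname, sizeof(oidname), "1.0.10646.1.0.%d", form);
        is->encodingLevel = odr_getoidbystr (o, oidname);
    }
    else
    {
        Z_PrivateCharacterSet *pc =
            (Z_PrivateCharacterSet *)odr_malloc(o, sizeof(*pc));

        memset(pc, 0, sizeof(*pc));

        p->which = Z_TargetResponse_private;
        p->u.zprivate = pc;

        pc->which = Z_PrivateCharacterSet_externallySpecified;
        pc->u.externallySpecified =
            z_ext_record2(o, charset);
    }
    p->recordsInSelectedCharSets = (bool_t *)odr_malloc(o, sizeof(bool_t));
    *p->recordsInSelectedCharSets = (selected) ? 1:0;

    p->selectedLanguage = lang ? (char *)odr_strdup(o, lang) : 0;
    return p;
}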
Пример #7
// Adds the four cells (title, name, type, operations) for one profile field
// to `form` and registers them as row `i` of the "profiles" table.
static void profile_admin_add_row( map <string, map<string,string> > &form, map <string, string> &item, size_t i )
{
	const string idx = str(i);
	const string title_cell = "A"+idx;
	const string name_cell = "B"+idx;
	const string type_cell = "C"+idx;
	const string ops_cell = "D"+idx;

	form[title_cell]["#type"] = "markup";
	form[title_cell]["#value"] = item["title"];
	form[title_cell]["#table"] = "profiles";

	form[name_cell]["#type"] = "markup";
	form[name_cell]["#value"] = item["name"];
	form[name_cell]["#table"] = "profiles";

	form[type_cell]["#type"] = "markup";
	form[type_cell]["#value"] = item["type"];
	form[type_cell]["#table"] = "profiles";

	const string edit_link = "<a href=\""+url("admin/profile/edit/"+item["fid"])+"\">Edit</a>";
	const string delete_link = "<a href=\""+url("admin/profile/delete/"+item["fid"])+"\">Delete</a>";

	form[ops_cell]["#type"] = "markup";
	form[ops_cell]["#value"] = edit_link+" "+delete_link;
	form[ops_cell]["#table"] = "profiles";

	form["profiles"]["#row"+idx] = title_cell+","+name_cell+","+type_cell+","+ops_cell;
}

string profile_admin()
{
	// Renders the admin overview of profile fields: one table row per stored
	// field with Edit/Delete links, followed by an "Add field" link.
	//
	// NOTE(review): stored title, name and type values are placed into
	// "markup" cells, and fid is concatenated into link targets, without any
	// escaping visible in this function - confirm that get_form()/url()
	// encode them before they reach the page.
	// NOTE(review): the Redis field list requests fid, title, name and
	// explanation but the row reads item["type"], so that cell is filled
	// from whatever `item` holds for "type" - verify.
	map <string, map<string,string> > form;
	map <string, string> item;

	map <string, string> &table = form["profiles"];
	table["#type"] = "table";
	table["#header"] = "Title,Name,Type,Operations";
	table["#weight"] = "1";

	size_t row = 0;

	if(DB_TYPE==1)
	{
		REDIS_RES *result = redis_query_fields("SORT profile_fields BY profile_fields:*->title ALPHA", "GET profile_fields:*->", "#fid,title,name,explanation");
		while( redis_fetch_fields( result, item ) )
		{
			profile_admin_add_row( form, item, row );
			row++;
		}
	}

	if(DB_TYPE==2)
	{
		MYSQL_RES *result = db_querya("SELECT * FROM profile_fields");
		while( db_fetch( result, item ) )
		{
			profile_admin_add_row( form, item, row );
			row++;
		}
	}

	string out = get_form("profiles_admin", form);
	out += "<a href=\""+url("admin/profile/add")+"\">Add field</a>";

	return out;
}
Пример #8
static VALUE rbncurs_c_set_form_page(VALUE rb_form, VALUE n) {
  /* Ruby binding for set_form_page(): converts n with NUM2INT and returns
   * the library's status code as a Ruby integer.
   * NOTE(review): get_form() is defined elsewhere; how it treats nil or
   * already-freed forms is not visible here. */
  FORM* native = get_form(rb_form);
  int page = NUM2INT(n);
  int status = set_form_page(native, page);
  return INT2NUM(status);
}
Пример #9
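/**
 * Generate a private key and write its encoding to stdout.
 *
 * Options read through command_getopt(): 'h' prints usage, 't' selects the
 * key type ("rsa" or "ecdsa"), 'f' selects the output format via get_form()
 * and 's' sets the key size. Without an explicit size, RSA keys default to
 * 2048 and ECDSA keys to 384.
 *
 * @return		0 on success, 1 if generating, encoding or writing the key
 *				fails; option errors return the result of command_usage()
 */
static int gen()
{
	key_encoding_type_t form = KEY_PRIV_ASN1_DER;
	key_type_t type = KEY_RSA;
	u_int size = 0;
	private_key_t *key;
	chunk_t encoding;
	char *arg;

	while (TRUE)
	{
		switch (command_getopt(&arg))
		{
			case 'h':
				return command_usage(NULL);
			case 't':
				if (streq(arg, "rsa"))
				{
					type = KEY_RSA;
				}
				else if (streq(arg, "ecdsa"))
				{
					type = KEY_ECDSA;
				}
				else
				{
					return command_usage("invalid key type");
				}
				continue;
			case 'f':
				if (!get_form(arg, &form, FALSE))
				{
					return command_usage("invalid key output format");
				}
				continue;
			case 's':
			{
				char *end;
				unsigned long parsed;

				/* atoi() is undefined for out-of-range input, accepts
				 * trailing garbage ("2048x") and lets negative values wrap
				 * into a huge unsigned size, so parse strictly: digits
				 * only, fully consumed, non-zero and representable */
				if (*arg < '0' || *arg > '9')
				{
					return command_usage("invalid key size");
				}
				parsed = strtoul(arg, &end, 10);
				size = (u_int)parsed;
				if (*end != '\0' || !size || size != parsed)
				{
					return command_usage("invalid key size");
				}
				continue;
			}
			case EOF:
				break;
			default:
				return command_usage("invalid --gen option");
		}
		break;
	}
	/* default key sizes */
	if (!size)
	{
		switch (type)
		{
			case KEY_RSA:
				size = 2048;
				break;
			case KEY_ECDSA:
				size = 384;
				break;
			default:
				break;
		}
	}
	key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
							 BUILD_KEY_SIZE, size, BUILD_END);
	if (!key)
	{
		fprintf(stderr, "private key generation failed\n");
		return 1;
	}
	if (!key->get_encoding(key, form, &encoding))
	{
		fprintf(stderr, "private key encoding failed\n");
		key->destroy(key);
		return 1;
	}
	key->destroy(key);
	if (fwrite(encoding.ptr, encoding.len, 1, stdout) != 1)
	{
		fprintf(stderr, "writing private key failed\n");
		/* the buffer holds the encoded private key: wipe it before it
		 * goes back to the allocator */
		chunk_clear(&encoding);
		return 1;
	}
	/* same on the success path, so no copy of the key lingers on the heap */
	chunk_clear(&encoding);
	return 0;
}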
Пример #10
/**
 * Issue an attribute certificate
 */
static int acert()
{
	cred_encoding_type_t form = CERT_ASN1_DER;
	hash_algorithm_t digest = HASH_SHA1;
	certificate_t *ac = NULL, *cert = NULL, *issuer =NULL;
	private_key_t *private = NULL;
	public_key_t *public = NULL;
	char *file = NULL, *hex = NULL, *issuercert = NULL, *issuerkey = NULL;
	char *error = NULL, *keyid = NULL;
	linked_list_t *groups;
	chunk_t serial = chunk_empty, encoding = chunk_empty;
	time_t not_before, not_after, lifetime = 24 * 60 * 60;
	char *datenb = NULL, *datena = NULL, *dateform = NULL;
	rng_t *rng;
	char *arg;

	groups = linked_list_create();

	while (TRUE)
	{
		switch (command_getopt(&arg))
		{
			case 'h':
				goto usage;
			case 'g':
				if (!enum_from_name(hash_algorithm_short_names, arg, &digest))
				{
					error = "invalid --digest type";
					goto usage;
				}
				continue;
			case 'i':
				file = arg;
				continue;
			case 'm':
				groups->insert_last(groups, arg);
				continue;
			case 'c':
				issuercert = arg;
				continue;
			case 'k':
				issuerkey = arg;
				continue;
			case 'x':
				keyid = arg;
				continue;
			case 'l':
				lifetime = atoi(arg) * 60 * 60;
				if (!lifetime)
				{
					error = "invalid --lifetime value";
					goto usage;
				}
				continue;
			case 'D':
				dateform = arg;
				continue;
			case 'F':
				datenb = arg;
				continue;
			case 'T':
				datena = arg;
				continue;
			case 's':
				hex = arg;
				continue;
			case 'f':
				if (!get_form(arg, &form, CRED_CERTIFICATE))
				{
					error = "invalid output format";
					goto usage;
				}
				continue;
			case EOF:
				break;
			default:
				error = "invalid --acert option";
				goto usage;
		}
		break;
	}

	if (!calculate_lifetime(dateform, datenb, datena, lifetime,
							&not_before, &not_after))
	{
		error = "invalid --not-before/after datetime";
		goto usage;
	}

	if (!issuercert)
	{
		error = "--issuercert is required";
		goto usage;
	}
	if (!issuerkey && !keyid)
	{
		error = "--issuerkey or --issuerkeyid is required";
		goto usage;
	}

	issuer = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
								BUILD_FROM_FILE, issuercert, BUILD_END);
	if (!issuer)
	{
		error = "parsing issuer certificate failed";
		goto end;
	}
	public = issuer->get_public_key(issuer);
Пример #11
string aggregator_admin_overview()
{
	// Renders the admin overview of aggregator feeds: loads every feed with
	// its item count from the active backend (DB_TYPE 1: Redis, DB_TYPE 2:
	// SQL) and emits one table row per feed with status and operation links.
	//
	// NOTE(review): the feed title is concatenated into link markup and fid
	// into link targets without any escaping visible in this function -
	// confirm that stored feed data is encoded before it reaches the page.
	map <string, map <string, string> > form;
	vector < map <string, string> > feeds;
	map <string, string> feed;

	set_page_title( "Feed aggregator" );

	map <string, string> &table = form["feeds"];
	table["#type"] = "table";
	table["#header"] = "Title,Items,Last update,Next update,Operations, , ";
	table["#weight"] = "1";
	table["#prefix"] = "<h3>Feed overview</h3>";

	if(DB_TYPE==1)
	{
		REDIS_RES *result = redis_query_fields("SORT aggregator_feed BY aggregator_feed:*->title ALPHA", "GET aggregator_feed:*->", "#fid,title,url,refresh,checked,link,description,etag,modified,image,block");
		while( redis_fetch_fields( result, feed ) )
		{
			// the item count is a separate set-cardinality lookup per feed
			feed["items"] = redis_str("SCARD aggregator_item:fid:%d", intval(feed["fid"]) );
			feeds.push_back( feed );
		}
	}
	if(DB_TYPE==2)
	{
		MYSQL_RES * result = db_querya("SELECT f.*, COUNT(i.iid) AS items FROM aggregator_feed f LEFT JOIN aggregator_item i ON f.fid = i.fid GROUP BY f.fid, f.title, f.url, f.refresh, f.checked, f.link, f.description, f.etag, f.modified, f.image, f.block ORDER BY f.title");
		while ( db_fetch( result, feed ) )
		{
			feeds.push_back( feed );
		}
	}

	for(size_t n=0; n< feeds.size(); n++)
	{
		const string idx = str(n);
		map <string, string> &row = feeds[n];

		const string title_cell = "tit_"+idx;
		const string items_cell = "ite_"+idx;
		const string ago_cell = "ago_"+idx;
		const string left_cell = "lef_"+idx;
		const string edit_cell = "edi_"+idx;
		const string remove_cell = "rem_"+idx;
		const string update_cell = "upd_"+idx;

		form[title_cell]["#type"] = "markup";
		form[title_cell]["#value"] = "<a href=\""+url("aggregator/sources/"+row["fid"])+"\">"+row["title"]+"</a>";
		form[title_cell]["#table"] = "feeds";

		form[items_cell]["#type"] = "markup";
		form[items_cell]["#value"] = format_plural( intval(row["items"]), "%i item", "%i items" );
		form[items_cell]["#table"] = "feeds";

		// time since the last check, or "never" for a feed not checked yet
		form[ago_cell]["#type"] = "markup";
		if( intval( row["checked"] ) )
		{
			form[ago_cell]["#value"] = format_interval(time() - intval(row["checked"]) )+" ago";
		}
		else
		{
			form[ago_cell]["#value"] = "never";
		}
		form[ago_cell]["#table"] = "feeds";

		// time until the next refresh is due
		form[left_cell]["#type"] = "markup";
		if( intval( row["checked"] ) )
		{
			form[left_cell]["#value"] = format_interval( intval(row["checked"]) + intval(row["refresh"]) - time()) + " left";
		}
		else
		{
			form[left_cell]["#value"] = "never";
		}
		form[left_cell]["#table"] = "feeds";

		form[edit_cell]["#type"] = "markup";
		form[edit_cell]["#value"] = "<a href=\""+url("admin/aggregator/edit/feed/"+row["fid"])+"\">edit</a>";
		form[edit_cell]["#table"] = "feeds";

		form[remove_cell]["#type"] = "markup";
		form[remove_cell]["#value"] = "<a href=\""+url("admin/aggregator/remove/feed/"+row["fid"])+"\">remove items</a>";
		form[remove_cell]["#table"] = "feeds";

		form[update_cell]["#type"] = "markup";
		form[update_cell]["#value"] = "<a href=\""+url("admin/aggregator/update/feed/"+row["fid"])+"\">update items</a>";
		form[update_cell]["#table"] = "feeds";

		form["feeds"]["#row"+idx] = title_cell+","+items_cell+","+ago_cell+","+left_cell+","+edit_cell+","+remove_cell+","+update_cell;
	}

	return get_form("aggregator_admin_overview", form);
}
Пример #12
/**
 * Sign a CRL
 */
static int sign_crl()
{
	cred_encoding_type_t form = CERT_ASN1_DER;
	private_key_t *private = NULL;
	public_key_t *public = NULL;
	certificate_t *ca = NULL, *crl = NULL;
	crl_t *lastcrl = NULL;
	x509_t *x509;
	hash_algorithm_t digest = HASH_UNKNOWN;
	signature_params_t *scheme = NULL;
	char *arg, *cacert = NULL, *cakey = NULL, *lastupdate = NULL, *error = NULL;
	char *basecrl = NULL;
	char serial[512], *keyid = NULL;
	int serial_len;
	crl_reason_t reason = CRL_REASON_UNSPECIFIED;
	time_t thisUpdate, nextUpdate, date = time(NULL);
	time_t lifetime = 15 * 24 * 60 * 60;
	char *datetu = NULL, *datenu = NULL, *dateform = NULL;
	linked_list_t *list, *cdps;
	enumerator_t *enumerator, *lastenum = NULL;
	x509_cdp_t *cdp;
	chunk_t crl_serial = chunk_empty, baseCrlNumber = chunk_empty;
	chunk_t encoding = chunk_empty;
	bool pss = lib->settings->get_bool(lib->settings, "%s.rsa_pss", FALSE,
									   lib->ns);

	list = linked_list_create();
	cdps = linked_list_create();

	while (TRUE)
	{
		switch (command_getopt(&arg))
		{
			case 'h':
				goto usage;
			case 'g':
				if (!enum_from_name(hash_algorithm_short_names, arg, &digest))
				{
					error = "invalid --digest type";
					goto usage;
				}
				continue;
			case 'R':
				if (streq(arg, "pss"))
				{
					pss = TRUE;
				}
				else if (!streq(arg, "pkcs1"))
				{
					error = "invalid RSA padding";
					goto usage;
				}
				continue;
			case 'c':
				cacert = arg;
				continue;
			case 'k':
				cakey = arg;
				continue;
			case 'x':
				keyid = arg;
				continue;
			case 'a':
				lastupdate = arg;
				continue;
			case 'l':
				lifetime = atoi(arg) * 24 * 60 * 60;
				if (!lifetime)
				{
					error = "invalid --lifetime value";
					goto usage;
				}
				continue;
			case 'D':
				dateform = arg;
				continue;
			case 'F':
				datetu = arg;
				continue;
			case 'T':
				datenu = arg;
				continue;
			case 'z':
				serial_len = read_serial(arg, serial, sizeof(serial));
				if (serial_len < 0)
				{
					snprintf(serial, sizeof(serial),
							 "parsing certificate '%s' failed", arg);
					error = serial;
					goto error;
				}
				add_revoked(list, chunk_create(serial, serial_len), reason, date);
				date = time(NULL);
				reason = CRL_REASON_UNSPECIFIED;
				continue;
			case 's':
			{
				chunk_t chunk;
				int hex_len;

				hex_len = strlen(arg);
				if ((hex_len / 2) + (hex_len % 2) > sizeof(serial))
				{
					error = "invalid serial";
					goto usage;
				}
				chunk = chunk_from_hex(chunk_create(arg, hex_len), serial);
				serial_len = chunk.len;
				add_revoked(list, chunk_create(serial, serial_len), reason, date);
				date = time(NULL);
				reason = CRL_REASON_UNSPECIFIED;
				continue;
			}
			case 'b':
				basecrl = arg;
				continue;
			case 'u':
				INIT(cdp,
					.uri = strdup(arg),
				);
				cdps->insert_last(cdps, cdp);
				continue;
			case 'r':
				if (streq(arg, "key-compromise"))
				{
					reason = CRL_REASON_KEY_COMPROMISE;
				}
				else if (streq(arg, "ca-compromise"))
				{
					reason = CRL_REASON_CA_COMPROMISE;
				}
				else if (streq(arg, "affiliation-changed"))
				{
					reason = CRL_REASON_AFFILIATION_CHANGED;
				}
				else if (streq(arg, "superseded"))
				{
					reason = CRL_REASON_SUPERSEDED;
				}
				else if (streq(arg, "cessation-of-operation"))
				{
					reason = CRL_REASON_CESSATION_OF_OPERATON;
				}
				else if (streq(arg, "certificate-hold"))
				{
					reason = CRL_REASON_CERTIFICATE_HOLD;
				}
				else
				{
					error = "invalid revocation reason";
					goto usage;
				}
				continue;
			case 'd':
				date = atol(arg);
				if (!date)
				{
					error = "invalid date";
					goto usage;
				}
				continue;
			case 'f':
				if (!get_form(arg, &form, CRED_CERTIFICATE))
				{
					error = "invalid output format";
					goto usage;
				}
				continue;
			case EOF:
				break;
			default:
				error = "invalid --signcrl option";
				goto usage;
		}
		break;
	}

	if (!cacert)
	{
		error = "--cacert is required";
		goto usage;
	}
	if (!cakey && !keyid)
	{
		error = "--cakey or --keyid is required";
		goto usage;
	}
	if (!calculate_lifetime(dateform, datetu, datenu, lifetime,
							&thisUpdate, &nextUpdate))
	{
		error = "invalid --this/next-update datetime";
		goto usage;
	}

	ca = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
							BUILD_FROM_FILE, cacert, BUILD_END);
	if (!ca)
	{
		error = "parsing CA certificate failed";
		goto error;
	}
	x509 = (x509_t*)ca;
	if (!(x509->get_flags(x509) & (X509_CA | X509_CRL_SIGN)))
	{
		error = "CA certificate misses CA basicConstraint / CRLSign keyUsage";
		goto error;
	}
	public = ca->get_public_key(ca);
Пример #13
static VALUE rbncurs_c_data_behind(VALUE rb_form) {
  /* Ruby binding for data_behind(): maps the library's truth value to
   * Qtrue/Qfalse.
   * NOTE(review): get_form() is defined elsewhere; how it treats nil or
   * already-freed forms is not visible here. */
  FORM* native = get_form(rb_form);
  if (data_behind(native)) {
    return Qtrue;
  }
  return Qfalse;
}
Пример #14
/**
 * Create a self-signed PKCS#10 certificate request.
 */
static int req()
{
	cred_encoding_type_t form = CERT_ASN1_DER;
	key_type_t type = KEY_RSA;
	hash_algorithm_t digest = HASH_SHA1;
	certificate_t *cert = NULL;
	private_key_t *private = NULL;
	char *file = NULL, *dn = NULL, *error = NULL;
	identification_t *id = NULL;
	linked_list_t *san;
	chunk_t encoding = chunk_empty;
	chunk_t challenge_password = chunk_empty;
	char *arg;

	san = linked_list_create();

	while (TRUE)
	{
		switch (command_getopt(&arg))
		{
			case 'h':
				goto usage;
			case 't':
				if (streq(arg, "rsa"))
				{
					type = KEY_RSA;
				}
				else if (streq(arg, "ecdsa"))
				{
					type = KEY_ECDSA;
				}
				else if (streq(arg, "bliss"))
				{
					type = KEY_BLISS;
				}
				else
				{
					error = "invalid input type";
					goto usage;
				}
				continue;
			case 'g':
				if (!enum_from_name(hash_algorithm_short_names, arg, &digest))
				{
					error = "invalid --digest type";
					goto usage;
				}
				continue;
			case 'i':
				file = arg;
				continue;
			case 'd':
				dn = arg;
				continue;
			case 'a':
				san->insert_last(san, identification_create_from_string(arg));
				continue;
			case 'p':
				challenge_password = chunk_create(arg, strlen(arg));
				continue;
			case 'f':
				if (!get_form(arg, &form, CRED_CERTIFICATE))
				{
					error = "invalid output format";
					goto usage;
				}
				continue;
			case EOF:
				break;
			default:
				error = "invalid --req option";
				goto usage;
		}
		break;
	}

	if (type == KEY_BLISS)
	{
		/* currently only SHA-512 is supported */
		digest = HASH_SHA512;
	}
	if (!dn)
	{
		error = "--dn is required";
		goto usage;
	}
	id = identification_create_from_string(dn);
	if (id->get_type(id) != ID_DER_ASN1_DN)
	{
		error = "supplied --dn is not a distinguished name";
		goto end;
	}
	if (file)
	{
		private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
									 BUILD_FROM_FILE, file, BUILD_END);
	}
Пример #15
static VALUE rbncurs_c_unpost_form(VALUE rb_form) {
  /* Ruby binding for unpost_form(): returns the library's status code as a
   * Ruby integer.
   * NOTE(review): get_form() is defined elsewhere; how it treats nil or
   * already-freed forms is not visible here. */
  FORM* native = get_form(rb_form);
  int status = unpost_form(native);
  return INT2NUM(status);
}
Пример #16
/**
 * Create a self-signed PKCS#10 certificate request.
 */
static int req()
{
	cred_encoding_type_t form = CERT_ASN1_DER;
	key_type_t type = KEY_ANY;
	hash_algorithm_t digest = HASH_UNKNOWN;
	signature_params_t *scheme = NULL;
	certificate_t *cert = NULL;
	private_key_t *private = NULL;
	char *file = NULL, *keyid = NULL, *dn = NULL, *error = NULL;
	identification_t *id = NULL;
	linked_list_t *san;
	chunk_t encoding = chunk_empty;
	chunk_t challenge_password = chunk_empty;
	char *arg;
	bool pss = lib->settings->get_bool(lib->settings, "%s.rsa_pss", FALSE,
									   lib->ns);

	san = linked_list_create();

	while (TRUE)
	{
		switch (command_getopt(&arg))
		{
			case 'h':
				goto usage;
			case 't':
				if (streq(arg, "rsa"))
				{
					type = KEY_RSA;
				}
				else if (streq(arg, "ecdsa"))
				{
					type = KEY_ECDSA;
				}
				else if (streq(arg, "bliss"))
				{
					type = KEY_BLISS;
				}
				else if (streq(arg, "priv"))
				{
					type = KEY_ANY;
				}
				else
				{
					error = "invalid input type";
					goto usage;
				}
				continue;
			case 'g':
				if (!enum_from_name(hash_algorithm_short_names, arg, &digest))
				{
					error = "invalid --digest type";
					goto usage;
				}
				continue;
			case 'R':
				if (streq(arg, "pss"))
				{
					pss = TRUE;
				}
				else if (!streq(arg, "pkcs1"))
				{
					error = "invalid RSA padding";
					goto usage;
				}
				continue;
			case 'i':
				file = arg;
				continue;
			case 'd':
				dn = arg;
				continue;
			case 'a':
				san->insert_last(san, identification_create_from_string(arg));
				continue;
			case 'p':
				challenge_password = chunk_create(arg, strlen(arg));
				continue;
			case 'f':
				if (!get_form(arg, &form, CRED_CERTIFICATE))
				{
					error = "invalid output format";
					goto usage;
				}
				continue;
			case 'x':
				keyid = arg;
				continue;
			case EOF:
				break;
			default:
				error = "invalid --req option";
				goto usage;
		}
		break;
	}

	if (!dn)
	{
		error = "--dn is required";
		goto usage;
	}
	id = identification_create_from_string(dn);
	if (id->get_type(id) != ID_DER_ASN1_DN)
	{
		error = "supplied --dn is not a distinguished name";
		goto end;
	}
	if (file)
	{
		private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
									 BUILD_FROM_FILE, file, BUILD_END);
	}
Пример #17
static VALUE rbncurs_c_current_field(VALUE rb_form) {
  /* Ruby binding for current_field(): wraps the returned FIELD pointer with
   * wrap_field().
   * NOTE(review): how wrap_field() handles a NULL result from
   * current_field() is not visible here. */
  FORM* native = get_form(rb_form);
  FIELD* active = current_field(native);
  return wrap_field(active);
}
Пример #18
/*
 * form_page(3x)
 */
static VALUE rbncurs_c_set_current_field(VALUE rb_form, VALUE rb_field) {
  /* Ruby binding for set_current_field(): unwraps both Ruby objects and
   * returns the library's status code as a Ruby integer.
   * NOTE(review): get_form()/get_field() are defined elsewhere; whether
   * they reject nil or already-freed objects is not visible here. */
  FORM* native_form = get_form(rb_form);
  FIELD* native_field = get_field(rb_field);
  int status = set_current_field(native_form, native_field);
  return INT2NUM(status);
}
Пример #19
/* Form driver W: Ruby binding for form_driver_w(). */
static VALUE rbncurs_c_form_driver_w(VALUE rb_form, VALUE type, VALUE c) {
  /* Both numeric arguments are converted with NUM2INT before the call; the
   * library's status code is returned as a Ruby integer.
   * NOTE(review): get_form() is defined elsewhere; how it treats nil or
   * already-freed forms is not visible here. */
  FORM* native = get_form(rb_form);
  int key_type = NUM2INT(type);
  int key_code = NUM2INT(c);
  int status = form_driver_w(native, key_type, key_code);
  return INT2NUM(status);
}
Пример #20
/**
 * Create a self signed certificate.
 */
static int self()
{
	cred_encoding_type_t form = CERT_ASN1_DER;
	key_type_t type = KEY_RSA;
	hash_algorithm_t digest = HASH_SHA1;
	certificate_t *cert = NULL;
	private_key_t *private = NULL;
	public_key_t *public = NULL;
	char *file = NULL, *dn = NULL, *hex = NULL, *error = NULL, *keyid = NULL;
	identification_t *id = NULL;
	linked_list_t *san, *ocsp, *permitted, *excluded, *policies, *mappings;
	int pathlen = X509_NO_CONSTRAINT, inhibit_any = X509_NO_CONSTRAINT;
	int inhibit_mapping = X509_NO_CONSTRAINT, require_explicit = X509_NO_CONSTRAINT;
	chunk_t serial = chunk_empty;
	chunk_t encoding = chunk_empty;
	time_t lifetime = 1095;
	time_t not_before, not_after;
	x509_flag_t flags = 0;
	x509_cert_policy_t *policy = NULL;
	char *arg;

	san = linked_list_create();
	ocsp = linked_list_create();
	permitted = linked_list_create();
	excluded = linked_list_create();
	policies = linked_list_create();
	mappings = linked_list_create();

	while (TRUE)
	{
		switch (command_getopt(&arg))
		{
			case 'h':
				goto usage;
			case 't':
				if (streq(arg, "rsa"))
				{
					type = KEY_RSA;
				}
				else if (streq(arg, "ecdsa"))
				{
					type = KEY_ECDSA;
				}
				else
				{
					error = "invalid input type";
					goto usage;
				}
				continue;
			case 'g':
				digest = enum_from_name(hash_algorithm_short_names, arg);
				if (digest == -1)
				{
					error = "invalid --digest type";
					goto usage;
				}
				continue;
			case 'i':
				file = arg;
				continue;
			case 'x':
				keyid = arg;
				continue;
			case 'd':
				dn = arg;
				continue;
			case 'a':
				san->insert_last(san, identification_create_from_string(arg));
				continue;
			case 'l':
				lifetime = atoi(arg);
				if (!lifetime)
				{
					error = "invalid --lifetime value";
					goto usage;
				}
				continue;
			case 's':
				hex = arg;
				continue;
			case 'b':
				flags |= X509_CA;
				continue;
			case 'p':
				pathlen = atoi(arg);
				continue;
			case 'n':
				permitted->insert_last(permitted,
									   identification_create_from_string(arg));
				continue;
			case 'N':
				excluded->insert_last(excluded,
									  identification_create_from_string(arg));
				continue;
			case 'P':
			{
				chunk_t oid;

				oid = asn1_oid_from_string(arg);
				if (!oid.len)
				{
					error = "--cert-policy OID invalid";
					goto usage;
				}
				INIT(policy,
					.oid = oid,
				);
				policies->insert_last(policies, policy);
				continue;
			}
			case 'C':
				if (!policy)
				{
					error = "--cps-uri must follow a --cert-policy";
					goto usage;
				}
				policy->cps_uri = arg;
				continue;
			case 'U':
				if (!policy)
				{
					error = "--user-notice must follow a --cert-policy";
					goto usage;
				}
				policy->unotice_text = arg;
				continue;
			case 'M':
			{
				char *pos = strchr(arg, ':');
				x509_policy_mapping_t *mapping;
				chunk_t subject_oid, issuer_oid;

				if (pos)
				{
					*pos++ = '\0';
					issuer_oid = asn1_oid_from_string(arg);
					subject_oid = asn1_oid_from_string(pos);
				}
				if (!pos || !issuer_oid.len || !subject_oid.len)
				{
					error = "--policy-map OIDs invalid";
					goto usage;
				}
				INIT(mapping,
					.issuer = issuer_oid,
					.subject = subject_oid,
				);
				mappings->insert_last(mappings, mapping);
				continue;
			}
			case 'E':
				require_explicit = atoi(arg);
				continue;
			case 'H':
				inhibit_mapping = atoi(arg);
				continue;
			case 'A':
				inhibit_any = atoi(arg);
				continue;
			case 'e':
				if (streq(arg, "serverAuth"))
				{
					flags |= X509_SERVER_AUTH;
				}
				else if (streq(arg, "clientAuth"))
				{
					flags |= X509_CLIENT_AUTH;
				}
				else if (streq(arg, "ikeIntermediate"))
				{
					flags |= X509_IKE_INTERMEDIATE;
				}
				else if (streq(arg, "crlSign"))
				{
					flags |= X509_CRL_SIGN;
				}
				else if (streq(arg, "ocspSigning"))
				{
					flags |= X509_OCSP_SIGNER;
				}
				continue;
			case 'f':
				if (!get_form(arg, &form, CRED_CERTIFICATE))
				{
					error = "invalid output format";
					goto usage;
				}
				continue;
			case 'o':
				ocsp->insert_last(ocsp, arg);
				continue;
			case EOF:
				break;
			default:
				error = "invalid --self option";
				goto usage;
		}
		break;
	}

	if (!dn)
	{
		error = "--dn is required";
		goto usage;
	}
	id = identification_create_from_string(dn);
	if (id->get_type(id) != ID_DER_ASN1_DN)
	{
		error = "supplied --dn is not a distinguished name";
		goto end;
	}
	if (file)
	{
		private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
									 BUILD_FROM_FILE, file, BUILD_END);
	}
Пример #21
static VALUE rbncurs_c_form_page(VALUE rb_form) {
  /* Ruby binding for form_page(): returns the library's result as a Ruby
   * integer.
   * NOTE(review): get_form() is defined elsewhere; how it treats nil or
   * already-freed forms is not visible here. */
  FORM* native = get_form(rb_form);
  int page = form_page(native);
  return INT2NUM(page);
}