[rs-commit] r64 - in /redwax-tool/trunk: redwax-tool.c redwax-tool.h redwax_openssl.c
rs-commit at redwax.eu
rs-commit at redwax.eu
Wed Nov 24 16:07:04 CET 2021
Author: minfrin at redwax.eu
Date: Wed Nov 24 16:07:03 2021
New Revision: 64
Log:
Wire in a placeholder to support JWKS in future.
Modified:
redwax-tool/trunk/redwax-tool.c
redwax-tool/trunk/redwax-tool.h
redwax-tool/trunk/redwax_openssl.c
Modified: redwax-tool/trunk/redwax-tool.c
==============================================================================
--- redwax-tool/trunk/redwax-tool.c (original)
+++ redwax-tool/trunk/redwax-tool.c Wed Nov 24 16:07:03 2021
@@ -67,6 +67,7 @@
APR_HOOK_LINK(process_pkcs11_module_out);
APR_HOOK_LINK(process_metadata_out);
APR_HOOK_LINK(complete_format_out);
+ APR_HOOK_LINK(process_jwks_out);
APR_HOOK_LINK(set_format_out);
APR_HOOK_LINK(search_chain);
APR_HOOK_LINK(search_key);
@@ -118,6 +119,8 @@
(redwax_tool_t * r, const char *arg), (r, arg), DECLINED);
APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(rt, REDWAX, int, complete_format_out,
(redwax_tool_t * r, apr_hash_t *formats), (r, formats), DECLINED);
+APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(rt, REDWAX, int, process_jwks_out,
+ (redwax_tool_t * r, const char *arg), (r, arg), DECLINED);
APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(rt, REDWAX, apr_status_t, search_chain,
(redwax_tool_t * r, const redwax_certificate_t *cert,
const redwax_certificate_t **current), (r, cert, current), DECLINED);
@@ -175,6 +178,7 @@
#define REDWAX_TOOL_PKCS11_MODULE_OUT 291
#define REDWAX_TOOL_METADATA_OUT 292
#define REDWAX_TOOL_FORMAT_OUT 293
+#define REDWAX_TOOL_JWKS_OUT 294
#define REDWAX_EXIT_OK 0
#define REDWAX_EXIT_INIT 1
@@ -253,6 +257,9 @@
{ "pkcs11-module-out", REDWAX_TOOL_PKCS11_MODULE_OUT, 1, " --pkcs11-module-out=mod\tSpecify the name of the PKCS11 module to be used,\n\t\t\t\toverriding system defaults. If relative, use the\n\t\t\t\tdefault PKCS11 module path, otherwise specify the\n\t\t\t\tabsolute path. Include the extension of the module." },
{ "metadata-out", REDWAX_TOOL_METADATA_OUT, 1, " --metadata-out=file\t\tWrite metadata of each certificate and key to the\n\t\t\t\tgiven file in the format given by the format\n\t\t\t\tparameter." },
{ "format-out", REDWAX_TOOL_FORMAT_OUT, 1, " --format-out=xml|json\t\tFormat of output metadata." },
+#if 0
+ { "jwks-out", REDWAX_TOOL_JWKS_OUT, 1, " --jwks-out=file\t\tWrite keys to the given file as an RFC7517 JSON\n\t\t\t\tWeb Key Set." },
+#endif
{ NULL }
};
@@ -1997,6 +2004,14 @@
return status;
}
+static apr_status_t redwax_jwks_out(redwax_tool_t *r, const char *arg)
+{
+
+ apr_status_t status = rt_run_process_jwks_out(r, arg);
+
+ return status;
+}
+
void redwax_add_default_hooks()
{
rt_hook_complete_filter(redwax_complete_filter_passthrough, NULL, NULL, APR_HOOK_MIDDLE);
@@ -2242,6 +2257,10 @@
redwax_format_out(r, optarg);
break;
}
+ case REDWAX_TOOL_JWKS_OUT: {
+ redwax_jwks_out(r, optarg);
+ break;
+ }
}
}
@@ -2377,6 +2396,10 @@
}
case REDWAX_TOOL_FORMAT_OUT: {
redwax_complete_format_out(r, optarg, state.isquoted);
+ break;
+ }
+ case REDWAX_TOOL_JWKS_OUT: {
+ redwax_complete_file(r, optarg, state.isquoted);
break;
}
}
@@ -2571,6 +2594,10 @@
redwax_complete_format_out(r, "", state.isquoted);
break;
}
+ case REDWAX_TOOL_JWKS_OUT: {
+ redwax_complete_file(r, "", state.isquoted);
+ break;
+ }
}
break;
Modified: redwax-tool/trunk/redwax-tool.h
==============================================================================
--- redwax-tool/trunk/redwax-tool.h (original)
+++ redwax-tool/trunk/redwax-tool.h Wed Nov 24 16:07:03 2021
@@ -486,6 +486,14 @@
(redwax_tool_t *r, const char *arg));
/**
+ * Hook to handle the output of JWK sets.
+ *
+ * @param r The redwax-tool context.
+ */
+APR_DECLARE_EXTERNAL_HOOK(rt, REDWAX, apr_status_t, process_jwks_out,
+ (redwax_tool_t *r, const char *arg));
+
+/**
* Hook to complete verification parameters.
*
* @param r The redwax-tool context.
Modified: redwax-tool/trunk/redwax_openssl.c
==============================================================================
--- redwax-tool/trunk/redwax_openssl.c (original)
+++ redwax-tool/trunk/redwax_openssl.c Wed Nov 24 16:07:03 2021
@@ -2345,6 +2345,13 @@
return DECLINED;
}
+static apr_status_t redwax_openssl_process_jwks_out(redwax_tool_t *r,
+ const char *file)
+{
+ /* placeholder for the JWK set implementation */
+ return APR_ENOTIMPL;
+}
+
static apr_status_t redwax_openssl_search_chain(redwax_tool_t *r,
const redwax_certificate_t *cert,
const redwax_certificate_t **current)
@@ -3104,6 +3111,7 @@
rt_hook_process_metadata_out(redwax_openssl_process_metadata_out, NULL, NULL, APR_HOOK_MIDDLE);
rt_hook_complete_format_out(redwax_openssl_complete_format_out, NULL, NULL, APR_HOOK_MIDDLE);
rt_hook_set_format_out(redwax_openssl_set_format_out, NULL, NULL, APR_HOOK_MIDDLE);
+ rt_hook_process_jwks_out(redwax_openssl_process_jwks_out, NULL, NULL, APR_HOOK_MIDDLE);
rt_hook_search_chain(redwax_openssl_search_chain, NULL, NULL, APR_HOOK_MIDDLE);
rt_hook_search_key(redwax_openssl_search_key, NULL, NULL, APR_HOOK_MIDDLE);
rt_hook_compare_certificate(redwax_openssl_compare_certificate, NULL, NULL, APR_HOOK_MIDDLE);
More information about the rs-commit
mailing list