[rs-commit] r76 - in /redwax-tool/trunk: redwax-tool.c redwax-tool.h

rs-commit at redwax.eu rs-commit at redwax.eu
Wed Nov 24 22:15:16 CET 2021


Author: minfrin at redwax.eu
Date: Wed Nov 24 22:15:15 2021
New Revision: 76

Log:
Wire through future support for pkcs12 in.

Modified:
    redwax-tool/trunk/redwax-tool.c
    redwax-tool/trunk/redwax-tool.h

Modified: redwax-tool/trunk/redwax-tool.c
==============================================================================
--- redwax-tool/trunk/redwax-tool.c	(original)
+++ redwax-tool/trunk/redwax-tool.c	Wed Nov 24 22:15:15 2021
@@ -52,6 +52,7 @@
         APR_HOOK_LINK(process_pkcs11_in);
         APR_HOOK_LINK(complete_pkcs11_module_in);
         APR_HOOK_LINK(process_pkcs11_module_in);
+        APR_HOOK_LINK(process_pkcs12_in);
         APR_HOOK_LINK(complete_filter);
         APR_HOOK_LINK(process_filter);
         APR_HOOK_LINK(complete_nss_out);
@@ -92,6 +93,8 @@
         (redwax_tool_t * r, const char *arg), (r, arg), DECLINED);
 APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(rt, REDWAX, int, complete_pkcs11_module_in,
         (redwax_tool_t * r, const char *mod, redwax_token_quoted_e quoted), (r, mod, quoted), DECLINED);
+APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(rt, REDWAX, int, process_pkcs12_in,
+        (redwax_tool_t * r, const char *arg, const char *secret), (r, arg, secret), DECLINED);
 APR_IMPLEMENT_EXTERNAL_HOOK_RUN_ALL(rt, REDWAX, int, complete_filter,
         (redwax_tool_t * r, apr_hash_t *filters), (r, filters), OK, DECLINED);
 APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(rt, REDWAX, int, process_filter,
@@ -143,42 +146,43 @@
 #define REDWAX_TOOL_PEM_IN 256
 #define REDWAX_TOOL_PKCS11_IN 257
 #define REDWAX_TOOL_PKCS11_MODULE_IN 258
-#define REDWAX_TOOL_FILTER 259
-#define REDWAX_TOOL_EMAIL 260
-#define REDWAX_TOOL_HOSTNAME 261
-#define REDWAX_TOOL_IP 262
-#define REDWAX_TOOL_CURRENT 263
-#define REDWAX_TOOL_CERT_OUT 264
-#define REDWAX_TOOL_NO_CERT_OUT 265
-#define REDWAX_TOOL_CHAIN_OUT 266
-#define REDWAX_TOOL_NO_CHAIN_OUT 267
-#define REDWAX_TOOL_ROOT_OUT 268
-#define REDWAX_TOOL_NO_ROOT_OUT 269
-#define REDWAX_TOOL_TRUST_OUT 270
-#define REDWAX_TOOL_NO_TRUST_OUT 271
-#define REDWAX_TOOL_CRL_OUT 272
-#define REDWAX_TOOL_NO_CRL_OUT 273
-#define REDWAX_TOOL_KEY_IN 274
-#define REDWAX_TOOL_NO_KEY_IN 275
-#define REDWAX_TOOL_KEY_OUT 276
-#define REDWAX_TOOL_NO_KEY_OUT 277
-#define REDWAX_TOOL_AUTO_OUT 278
-#define REDWAX_TOOL_NO_AUTO_OUT 279
-#define REDWAX_TOOL_VERIFY_PARAM 280
-#define REDWAX_TOOL_SECRET_SUFFIX_IN 281
-#define REDWAX_TOOL_SECRET_SUFFIX_OUT 282
-#define REDWAX_TOOL_SECRET_TOKEN_IN 283
-#define REDWAX_TOOL_SECRET_TOKEN_OUT 284
-#define REDWAX_TOOL_LABEL_OUT 285
-#define REDWAX_TOOL_NSS_OUT 286
-#define REDWAX_TOOL_NSS_SLOT_OUT 287
-#define REDWAX_TOOL_PEM_OUT 288
-#define REDWAX_TOOL_PKCS12_OUT 289
-#define REDWAX_TOOL_PKCS11_OUT 290
-#define REDWAX_TOOL_PKCS11_MODULE_OUT 291
-#define REDWAX_TOOL_METADATA_OUT 292
-#define REDWAX_TOOL_FORMAT_OUT 293
-#define REDWAX_TOOL_JWKS_OUT 294
+#define REDWAX_TOOL_PKCS12_IN 259
+#define REDWAX_TOOL_FILTER 260
+#define REDWAX_TOOL_EMAIL 261
+#define REDWAX_TOOL_HOSTNAME 262
+#define REDWAX_TOOL_IP 263
+#define REDWAX_TOOL_CURRENT 264
+#define REDWAX_TOOL_CERT_OUT 265
+#define REDWAX_TOOL_NO_CERT_OUT 266
+#define REDWAX_TOOL_CHAIN_OUT 267
+#define REDWAX_TOOL_NO_CHAIN_OUT 268
+#define REDWAX_TOOL_ROOT_OUT 269
+#define REDWAX_TOOL_NO_ROOT_OUT 270
+#define REDWAX_TOOL_TRUST_OUT 271
+#define REDWAX_TOOL_NO_TRUST_OUT 272
+#define REDWAX_TOOL_CRL_OUT 273
+#define REDWAX_TOOL_NO_CRL_OUT 274
+#define REDWAX_TOOL_KEY_IN 275
+#define REDWAX_TOOL_NO_KEY_IN 276
+#define REDWAX_TOOL_KEY_OUT 277
+#define REDWAX_TOOL_NO_KEY_OUT 278
+#define REDWAX_TOOL_AUTO_OUT 279
+#define REDWAX_TOOL_NO_AUTO_OUT 280
+#define REDWAX_TOOL_VERIFY_PARAM 281
+#define REDWAX_TOOL_SECRET_SUFFIX_IN 282
+#define REDWAX_TOOL_SECRET_SUFFIX_OUT 283
+#define REDWAX_TOOL_SECRET_TOKEN_IN 284
+#define REDWAX_TOOL_SECRET_TOKEN_OUT 285
+#define REDWAX_TOOL_LABEL_OUT 286
+#define REDWAX_TOOL_NSS_OUT 287
+#define REDWAX_TOOL_NSS_SLOT_OUT 288
+#define REDWAX_TOOL_PEM_OUT 289
+#define REDWAX_TOOL_PKCS12_OUT 290
+#define REDWAX_TOOL_PKCS11_OUT 291
+#define REDWAX_TOOL_PKCS11_MODULE_OUT 292
+#define REDWAX_TOOL_METADATA_OUT 293
+#define REDWAX_TOOL_FORMAT_OUT 294
+#define REDWAX_TOOL_JWKS_OUT 295
 
 #define REDWAX_EXIT_OK 0
 #define REDWAX_EXIT_INIT 1
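Review bot: Adding `REDWAX_TOOL_PKCS12_IN` as 259 forces every later `REDWAX_TOOL_*` value to be rewritten by hand, which makes a duplicated or skipped id easy to miss in review. These look like internal option ids, since this commit uses them only as `case` labels and option-table entries. If so, an anonymous enum with only the first value pinned, `enum { REDWAX_TOOL_PEM_IN = 256, REDWAX_TOOL_PKCS11_IN, REDWAX_TOOL_PKCS11_MODULE_IN, REDWAX_TOOL_PKCS12_IN, /* ... */ };`, would let the compiler number them. If any of these values is persisted or visible outside the binary, keep explicit numbers and append new ids at the end instead.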
@@ -208,6 +212,9 @@
     { "secret-token-out", REDWAX_TOOL_SECRET_TOKEN_OUT, 1, "  --secret-token-out=file\tIf specified, secrets needed to write\n\t\t\t\tcertificates and keys to tokens (PKCS11 and\n\t\t\t\tNSS) will be read from a file one secret per\n\t\t\t\tline. Each secret is preceded by the name of\n\t\t\t\tthe token and a colon, as per the NSS\n\t\t\t\tpwdfile.txt file." },
     { "label-out", REDWAX_TOOL_LABEL_OUT, 1, "  --label-out=label\t\tSet the name of the label to be applied to\n\t\t\t\tthe leaf certificates. If unspecified, the\n\t\t\t\tlabel is set to the subject of the certificate." },
     { "pem-in", REDWAX_TOOL_PEM_IN, 1, "  --pem-in=wildcard\t\tRead pem files from here. Use '-' for stdin." },
+#if 0
+    { "pkcs12-in", REDWAX_TOOL_PKCS12_IN, 1, "  --pkcs12-in=file\t\tRead certificates, intermediate certificates,\n\t\t\t\troot certificates, crls, and keys from a PKCS12\n\t\t\t\tfile. Use '-' for stdin. Provide the secret\n\t\t\t\tusing --secret-suffix-in." },
+#endif
     { "pkcs11-in", REDWAX_TOOL_PKCS11_IN, 1, "  --pkcs11-in=url\t\tRead certificates, intermediate certificates,\n\t\t\t\troot certificates, crls, and keys from a PKCS11\n\t\t\t\ttoken identified by the given url." },
     { "pkcs11-module-in", REDWAX_TOOL_PKCS11_MODULE_IN, 1, "  --pkcs11-module-in=mod\tSpecify the name of the PKCS11 module to be used,\n\t\t\t\toverriding system defaults. If relative, use the\n\t\t\t\tdefault PKCS11 module path, otherwise specify the\n\t\t\t\tabsolute path. Include the extension of the module." },
     { "filter", REDWAX_TOOL_FILTER, 1, "  --filter=type\t\t\tApply the given filter to pass inputs to the\n\t\t\t\toutputs. \"search\" will pass through all\n\t\t\t\tcertificates matching the given hostname,\n\t\t\t\temail or ip address. \"verify\" will pass all\n\t\t\t\tleaf certificates that can be successfully\n\t\t\t\tverified through the certificate chain to a\n\t\t\t\ttrusted root certificate. With the default\n\t\t\t\t\"passthrough\", all certificates, csrs, and\n\t\t\t\tkeys are passed through." },
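Review bot: The `#if 0` around the `pkcs12-in` table entry has no comment saying why the option is compiled out or what must exist before it is enabled. The matching `case REDWAX_TOOL_PKCS12_IN` branches added elsewhere in this commit are compiled in, so the asymmetry is easy to misread. I would add a line above it along the lines of `/* --pkcs12-in stays disabled until a process_pkcs12_in implementation exists */`, adjusted to the real condition.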
@@ -2127,6 +2134,10 @@
             redwax_pkcs11_module_in(r, optarg);
             break;
         }
+        case REDWAX_TOOL_PKCS12_IN: {
+            redwax_dir_walk(r, optarg, &rt_run_process_pkcs12_in);
+            break;
+        }
         }
 
     }
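Review bot: Whatever `redwax_dir_walk` reports for the PKCS12 walk is discarded in the new `case REDWAX_TOOL_PKCS12_IN`, and the same call in the hunk at -2461 does likewise. If the walker returns a status, a file that cannot be opened or decrypted with the supplied secret would be skipped without the run failing, which matters for a tool whose output is treated as trusted key material. Once the return type is confirmed, consider `if (redwax_dir_walk(r, optarg, &rt_run_process_pkcs12_in)) { /* report and stop */ }`. The `--pem-in` call shown as context at -2461 also ignores the result, so this may be better fixed for all inputs together. The enclosing switch starts outside the hunk.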
@@ -2371,6 +2382,10 @@
                 redwax_complete_file(r, optarg, state.isquoted);
                 break;
             }
+            case REDWAX_TOOL_PKCS12_IN: {
+                redwax_complete_file(r, optarg, state.isquoted);
+                break;
+            }
             case REDWAX_TOOL_FILTER: {
                 redwax_complete_filter(r, optarg, state.isquoted);
                 break;
@@ -2461,8 +2476,13 @@
                 redwax_dir_walk(r, optarg, &rt_run_process_pem_in);
                 break;
             }
+            // FIXME: handle pkcs11 in
             case REDWAX_TOOL_PKCS11_MODULE_IN: {
                 redwax_pkcs11_module_in(r, optarg);
+                break;
+            }
+            case REDWAX_TOOL_PKCS12_IN: {
+                redwax_dir_walk(r, optarg, &rt_run_process_pkcs12_in);
                 break;
             }
             case REDWAX_TOOL_NSS_OUT: {
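Review bot: The new `case REDWAX_TOOL_PKCS12_IN` sits between hunks that call `redwax_complete_*`, so this looks like the shell-completion pass, where it would walk and parse the PKCS12 file rather than complete its name. Since the hook takes a `secret` and the help text allows `-` for stdin, please confirm that completion can neither block on stdin nor prompt for a passphrase. A comment above the case would record that, e.g. `/* completion: load inputs so later options can complete against them; must not prompt */`. The added `// FIXME: handle pkcs11 in` would also be more useful if it named what is missing, for example that `--pkcs11-in` is not loaded here, if that is what is meant. The enclosing function begins and ends outside the hunk.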
@@ -2563,6 +2583,10 @@
             rt_run_complete_pkcs11_module_in(r, "", state.isquoted);
             break;
         }
+        case REDWAX_TOOL_PKCS12_IN: {
+            redwax_complete_file(r, "", state.isquoted);
+            break;
+        }
         case REDWAX_TOOL_SECRET_TOKEN_IN: {
             redwax_complete_file(r, "", state.isquoted);
             break;

Modified: redwax-tool/trunk/redwax-tool.h
==============================================================================
--- redwax-tool/trunk/redwax-tool.h	(original)
+++ redwax-tool/trunk/redwax-tool.h	Wed Nov 24 22:15:15 2021
@@ -466,6 +466,14 @@
         (redwax_tool_t *r, const char *arg));
 
 /**
+ * Hook to write outgoing PKCS12 file.
+ *
+ * @param r The redwax-tool context.
+ */
+APR_DECLARE_EXTERNAL_HOOK(rt, REDWAX, apr_status_t, process_pkcs12_in,
+        (redwax_tool_t *r, const char *arg, const char *secret));
+
+/**
  * Hook to handle the output of metadata.
  *
  * @param r The redwax-tool context.
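Review bot: The doc comment on the new declaration says `Hook to write outgoing PKCS12 file.`, but the hook is `process_pkcs12_in` and is wired to `--pkcs12-in`, so it describes the wrong direction. I would change it to `Hook to read incoming PKCS12 files.` and add `@param arg` and `@param secret` lines. From the help text the secret appears to be the passphrase for the file, so the comment should state whether it may be NULL and that implementations must not log it. The declaration also uses `apr_status_t` while redwax-tool.c implements the hook with `int`; using one type in both places would keep the contract easier to read.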


