oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

add selection on KU and printing to query

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18021 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-09-05 19:35:13 +00:00
parent 35287059cf
commit caa0fe8295
2 changed files with 45 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
lib/hx509/hxtool-commands.in
View File

@@ -344,6 +344,21 @@ command = {
argument = "name" argument = "name"
help = "match on friendly name" help = "match on friendly name"
} }
option = {
long = "keyEncipherment"
type = "flag"
help = "match keyEncipherment certificates"
}
option = {
long = "digitalSignature"
type = "flag"
help = "match digitalSignature certificates"
}
option = {
long = "print"
type = "flag"
help = "print matches"
}
option = { option = {
long = "pass" long = "pass"
type = "strings" type = "strings"

41
lib/hx509/hxtool.c
View File

@@ -421,20 +421,13 @@ cms_create_enveloped(struct cms_envelope_options *opt, int argc, char **argv)
return 0; return 0;
} }
struct print_s { static void
int counter; print_certificate(hx509_context hxcontext, hx509_cert cert, int verbose)
int verbose;
};
static int
print_f(hx509_context hxcontext, void *ctx, hx509_cert cert)
{ {
struct print_s *s = ctx;
hx509_name name; hx509_name name;
char *str; char *str;
int ret; int ret;
printf("cert: %d", s->counter++);
{ {
const char *fn = hx509_cert_get_friendly_name(cert); const char *fn = hx509_cert_get_friendly_name(cert);
if (fn) if (fn)
@@ -457,7 +450,7 @@ print_f(hx509_context hxcontext, void *ctx, hx509_cert cert)
printf(" subject: \"%s\"\n", str); printf(" subject: \"%s\"\n", str);
free(str); free(str);
if (s->verbose) { if (verbose) {
hx509_validate_ctx vctx; hx509_validate_ctx vctx;
hx509_validate_ctx_init(hxcontext, &vctx); hx509_validate_ctx_init(hxcontext, &vctx);
@@ -467,6 +460,21 @@ print_f(hx509_context hxcontext, void *ctx, hx509_cert cert)
hx509_validate_cert(hxcontext, vctx, cert); hx509_validate_cert(hxcontext, vctx, cert);
} }
}
struct print_s {
int counter;
int verbose;
};
static int
print_f(hx509_context hxcontext, void *ctx, hx509_cert cert)
{
struct print_s *s = ctx;
printf("cert: %d", s->counter++);
print_certificate(context, cert, s->verbose);
return 0; return 0;
} }
@@ -678,12 +686,23 @@ query(struct query_options *opt, int argc, char **argv)
if (opt->private_key_flag) if (opt->private_key_flag)
hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY); hx509_query_match_option(q, HX509_QUERY_OPTION_PRIVATE_KEY);
if (opt->keyEncipherment_flag)
hx509_query_match_option(q, HX509_QUERY_OPTION_KU_ENCIPHERMENT);
if (opt->digitalSignature_flag)
hx509_query_match_option(q, HX509_QUERY_OPTION_KU_DIGITALSIGNATURE);
ret = hx509_certs_find(context, certs, q, &c); ret = hx509_certs_find(context, certs, q, &c);
hx509_query_free(context, q); hx509_query_free(context, q);
if (ret) if (ret)
warnx("hx509_certs_find: %d", ret); warnx("hx509_certs_find: %d", ret);
else else {
printf("match found\n"); printf("match found\n");
if (opt->print_flag)
print_certificate(context, c, 0);
}
hx509_cert_free(c);
hx509_lock_free(lock); hx509_lock_free(lock);