-rwxr-xr-xtests/devkeys/create_new_keys.sh2
-rwxr-xr-xtests/gen_test_keys.sh2
-rwxr-xr-xutility/dev_make_keypair2
-rw-r--r--utility/dumpRSAPublicKey.c48
4 files changed, 33 insertions, 21 deletions
diff --git a/tests/devkeys/create_new_keys.sh b/tests/devkeys/create_new_keys.sh
index 6faba532..625fbc6c 100755
--- a/tests/devkeys/create_new_keys.sh
+++ b/tests/devkeys/create_new_keys.sh
@@ -42,7 +42,7 @@ function make_pair {
openssl req -batch -new -x509 -key "${base}_${len}.pem" \
-out "${base}_${len}.crt"
# generate pre-processed RSA public key
- dumpRSAPublicKey "${base}_${len}.crt" > "${base}_${len}.keyb"
+ dumpRSAPublicKey -cert "${base}_${len}.crt" > "${base}_${len}.keyb"
# wrap the public key
vbutil_key \
diff --git a/tests/gen_test_keys.sh b/tests/gen_test_keys.sh
index 1bf995b2..11545d22 100755
--- a/tests/gen_test_keys.sh
+++ b/tests/gen_test_keys.sh
@@ -32,7 +32,7 @@ function generate_keys {
-out ${key_base}.crt
# Generate pre-processed key for use by RSA signature verification code.
- ${UTIL_DIR}/dumpRSAPublicKey ${key_base}.crt \
+ ${UTIL_DIR}/dumpRSAPublicKey -cert ${key_base}.crt \
> ${key_base}.keyb
alg_index=0
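Review bot: The new `dumpRSAPublicKey -cert` line expands `${UTIL_DIR}` and `${key_base}` unquoted, so a path containing whitespace or glob characters is word-split before the tool sees it. The other two scripts touched by this commit already quote their operands. Quoting here would match them: `"${UTIL_DIR}/dumpRSAPublicKey" -cert "${key_base}.crt" \` followed by `> "${key_base}.keyb"`. The enclosing `generate_keys` function starts and ends outside the hunk.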
diff --git a/utility/dev_make_keypair b/utility/dev_make_keypair
index b0558260..d1d34ad4 100755
--- a/utility/dev_make_keypair
+++ b/utility/dev_make_keypair
@@ -53,7 +53,7 @@ function make_pair {
openssl req -batch -new -x509 -key "${base}_${len}.pem" \
-out "${base}_${len}.crt"
# generate pre-processed RSA public key
- dumpRSAPublicKey "${base}_${len}.crt" > "${base}_${len}.keyb"
+ dumpRSAPublicKey -cert "${base}_${len}.crt" > "${base}_${len}.keyb"
# wrap the public key
vbutil_key \
diff --git a/utility/dumpRSAPublicKey.c b/utility/dumpRSAPublicKey.c
index 837303cb..da8597af 100644
--- a/utility/dumpRSAPublicKey.c
+++ b/utility/dumpRSAPublicKey.c
@@ -136,40 +136,52 @@ failure:
}
int main(int argc, char* argv[]) {
+ int cert_mode = 0;
FILE* fp;
X509* cert = NULL;
RSA* pubkey = NULL;
EVP_PKEY* key;
- if (argc != 2) {
- fprintf(stderr, "Usage: %s <certfile>\n", argv[0]);
+ if (argc != 3 || (strcmp(argv[1], "-cert") && strcmp(argv[1], "-pub"))) {
+ fprintf(stderr, "Usage: %s <-cert | -pub> <file>\n", argv[0]);
return -1;
}
- fp = fopen(argv[1], "r");
+ if (!strcmp(argv[1], "-cert"))
+ cert_mode = 1;
+
+ fp = fopen(argv[2], "r");
if (!fp) {
- fprintf(stderr, "Couldn't open certificate file!\n");
+ fprintf(stderr, "Couldn't open file %s!\n", argv[2]);
return -1;
}
- /* Read the certificate */
- if (!PEM_read_X509(fp, &cert, NULL, NULL)) {
- fprintf(stderr, "Couldn't read certificate.\n");
- goto fail;
- }
-
- /* Get the public key from the certificate. */
- key = X509_get_pubkey(cert);
-
- /* Convert to a RSA_style key. */
- if (!(pubkey = EVP_PKEY_get1_RSA(key))) {
- fprintf(stderr, "Couldn't convert to a RSA style key.\n");
- goto fail;
+ if (cert_mode) {
+ /* Read the certificate */
+ if (!PEM_read_X509(fp, &cert, NULL, NULL)) {
+ fprintf(stderr, "Couldn't read certificate.\n");
+ goto fail;
+ }
+
+ /* Get the public key from the certificate. */
+ key = X509_get_pubkey(cert);
+
+ /* Convert to a RSA_style key. */
+ if (!(pubkey = EVP_PKEY_get1_RSA(key))) {
+ fprintf(stderr, "Couldn't convert to a RSA style key.\n");
+ goto fail;
+ }
+ } else {
+ /* Read the pubkey in .PEM format. */
+ if (!(pubkey = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL))) {
+ fprintf(stderr, "Couldn't read public key file.\n");
+ goto fail;
+ }
}
if (check(pubkey)) {
- output (pubkey);
+ output(pubkey);
}
fail:
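Review bot: In the `-cert` branch, `key = X509_get_pubkey(cert);` is used without a NULL check, so a certificate whose public key cannot be decoded hands a NULL `key` to `EVP_PKEY_get1_RSA`; add `if (!key) { fprintf(stderr, "Couldn't get public key from certificate.\n"); goto fail; }` before the conversion. `X509_get_pubkey` also returns a reference the caller owns, and nothing in the visible lines releases it, so `EVP_PKEY_free(key);` belongs right after `pubkey` is obtained, since `EVP_PKEY_get1_RSA` gives `pubkey` its own reference. Both lines are carried over from the old code, but the new `-pub` branch never assigns `key`, so declaring it as `EVP_PKEY* key = NULL;` keeps any later cleanup safe. The code after `fail:` is outside the hunk, so whether it frees `key` or returns a non-zero status on these error paths cannot be confirmed from here; the scripts redirect stdout into `.keyb`, so a zero exit after a failed read would leave an empty key file unnoticed.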