summaryrefslogtreecommitdiff
path: root/tools
diff options
context:
space:
mode:
Diffstat (limited to 'tools')
-rw-r--r--tools/extract-info.c20
-rw-r--r--tools/extract-openssl.c11
-rw-r--r--tools/extract-pem.c11
-rw-r--r--tools/extract.c6
-rw-r--r--tools/extract.h8
-rw-r--r--tools/tests/test-extract.c45
6 files changed, 98 insertions, 3 deletions
diff --git a/tools/extract-info.c b/tools/extract-info.c
index 2ae9e04..536d36a 100644
--- a/tools/extract-info.c
+++ b/tools/extract-info.c
@@ -366,3 +366,23 @@ p11_extract_info_filename (p11_extract_info *extract)
return label;
}
+
+char *
+p11_extract_info_comment (p11_extract_info *ex,
+ bool first)
+{
+ char *comment;
+ char *label;
+
+ if (!(ex->flags & P11_EXTRACT_COMMENT))
+ return NULL;
+
+ label = extract_label (ex);
+ if (!asprintf (&comment, "%s# %s\n",
+ first ? "" : "\n",
+ label ? label : ""))
+ return_val_if_reached (NULL);
+
+ free (label);
+ return comment;
+}
diff --git a/tools/extract-openssl.c b/tools/extract-openssl.c
index c2cdeab..13a1e05 100644
--- a/tools/extract-openssl.c
+++ b/tools/extract-openssl.c
@@ -314,8 +314,10 @@ p11_extract_openssl_bundle (P11KitIter *iter,
{
p11_save_file *file;
p11_buffer buf;
+ char *comment;
bool ret = true;
size_t length;
+ bool first;
CK_RV rv;
char *pem;
@@ -323,6 +325,7 @@ p11_extract_openssl_bundle (P11KitIter *iter,
if (!file)
return false;
+ first = true;
while ((rv = p11_kit_iter_next (iter)) == CKR_OK) {
p11_buffer_init (&buf, 1024);
@@ -330,8 +333,14 @@ p11_extract_openssl_bundle (P11KitIter *iter,
pem = p11_pem_write (buf.data, buf.len, "TRUSTED CERTIFICATE", &length);
return_val_if_fail (pem != NULL, false);
- ret = p11_save_write (file, pem, length);
+ comment = p11_extract_info_comment (ex, first);
+ first = false;
+
+ ret = p11_save_write (file, comment, -1) &&
+ p11_save_write (file, pem, length);
+
free (pem);
+ free (comment);
}
p11_buffer_uninit (&buf);
diff --git a/tools/extract-pem.c b/tools/extract-pem.c
index e2ff974..4d03208 100644
--- a/tools/extract-pem.c
+++ b/tools/extract-pem.c
@@ -49,8 +49,10 @@ bool
p11_extract_pem_bundle (P11KitIter *iter,
p11_extract_info *ex)
{
+ char *comment;
p11_save_file *file;
bool ret = true;
+ bool first = true;
size_t length;
CK_RV rv;
char *pem;
@@ -63,8 +65,13 @@ p11_extract_pem_bundle (P11KitIter *iter,
pem = p11_pem_write (ex->cert_der, ex->cert_len, "CERTIFICATE", &length);
return_val_if_fail (pem != NULL, false);
- p11_debug ("writing 'CERTIFICATE' PEM block of size %lu", (unsigned long)length);
- ret = p11_save_write (file, pem, length);
+ comment = p11_extract_info_comment (ex, first);
+ first = false;
+
+ ret = p11_save_write (file, comment, -1) &&
+ p11_save_write (file, pem, length);
+
+ free (comment);
free (pem);
if (!ret)
diff --git a/tools/extract.c b/tools/extract.c
index fe5ba15..6bdedfe 100644
--- a/tools/extract.c
+++ b/tools/extract.c
@@ -298,6 +298,7 @@ p11_tool_extract (int argc,
opt_filter = 1000,
opt_purpose,
opt_format,
+ opt_comment,
};
struct option options[] = {
@@ -305,6 +306,7 @@ p11_tool_extract (int argc,
{ "format", required_argument, NULL, opt_format },
{ "purpose", required_argument, NULL, opt_purpose },
{ "overwrite", no_argument, NULL, opt_overwrite },
+ { "comment", no_argument, NULL, opt_comment },
{ "verbose", no_argument, NULL, opt_verbose },
{ "quiet", no_argument, NULL, opt_quiet },
{ "help", no_argument, NULL, opt_help },
@@ -342,6 +344,7 @@ p11_tool_extract (int argc,
"usage"
},
{ opt_overwrite, "overwrite output file or directory" },
+ { opt_comment, "add comments to bundles if possible" },
{ opt_verbose, "show verbose debug output", },
{ opt_quiet, "supress command output", },
{ 0 },
@@ -361,6 +364,9 @@ p11_tool_extract (int argc,
case opt_overwrite:
ex.flags |= P11_SAVE_OVERWRITE;
break;
+ case opt_comment:
+ ex.flags |= P11_EXTRACT_COMMENT;
+ break;
case opt_filter:
if (!filter_argument (optarg, &uri, &match))
return 2;
diff --git a/tools/extract.h b/tools/extract.h
index 32b4e35..dfd3a33 100644
--- a/tools/extract.h
+++ b/tools/extract.h
@@ -43,6 +43,11 @@
#include "iter.h"
#include "pkcs11.h"
+enum {
+ /* These overlap with the flags in save.h, so start higher */
+ P11_EXTRACT_COMMENT = 1 << 10,
+};
+
typedef struct {
p11_dict *asn1_defs;
p11_dict *limit_to_purposes;
@@ -83,6 +88,9 @@ void p11_extract_info_cleanup (p11_extract_info *ex);
char * p11_extract_info_filename (p11_extract_info *ex);
+char * p11_extract_info_comment (p11_extract_info *ex,
+ bool first);
+
typedef bool (* p11_extract_func) (P11KitIter *iter,
p11_extract_info *ex);
diff --git a/tools/tests/test-extract.c b/tools/tests/test-extract.c
index 5e2f6fe..69ba764 100644
--- a/tools/tests/test-extract.c
+++ b/tools/tests/test-extract.c
@@ -91,6 +91,49 @@ test_file_name_for_class (CuTest *tc)
p11_extract_info_cleanup (&ex);
}
+static void
+test_comment_for_label (CuTest *tc)
+{
+ CK_ATTRIBUTE label = { CKA_LABEL, "The Label!", 10 };
+ p11_extract_info ex;
+ char *comment;
+
+ p11_extract_info_init (&ex);
+
+ ex.flags = P11_EXTRACT_COMMENT;
+ ex.attrs = p11_attrs_build (NULL, &label, NULL);
+
+ comment = p11_extract_info_comment (&ex, true);
+ CuAssertStrEquals (tc, "# The Label!\n", comment);
+ free (comment);
+
+ comment = p11_extract_info_comment (&ex, false);
+ CuAssertStrEquals (tc, "\n# The Label!\n", comment);
+ free (comment);
+
+ p11_extract_info_cleanup (&ex);
+}
+
+static void
+test_comment_not_enabled (CuTest *tc)
+{
+ CK_ATTRIBUTE label = { CKA_LABEL, "The Label!", 10 };
+ p11_extract_info ex;
+ char *comment;
+
+ p11_extract_info_init (&ex);
+
+ ex.attrs = p11_attrs_build (NULL, &label, NULL);
+
+ comment = p11_extract_info_comment (&ex, true);
+ CuAssertPtrEquals (tc, NULL, comment);
+
+ comment = p11_extract_info_comment (&ex, false);
+ CuAssertPtrEquals (tc, NULL, comment);
+
+ p11_extract_info_cleanup (&ex);
+}
+
struct {
CK_FUNCTION_LIST module;
P11KitIter *iter;
@@ -334,6 +377,8 @@ main (void)
SUITE_ADD_TEST (suite, test_file_name_for_label);
SUITE_ADD_TEST (suite, test_file_name_for_class);
+ SUITE_ADD_TEST (suite, test_comment_for_label);
+ SUITE_ADD_TEST (suite, test_comment_not_enabled);
SUITE_ADD_TEST (suite, test_info_simple_certificate);
SUITE_ADD_TEST (suite, test_info_limit_purposes);
SUITE_ADD_TEST (suite, test_info_invalid_purposes);