genkey.c revision 30a5e8fa1253cb33980ee4514743cf683f584b4e
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <malloc.h>
#include <libgen.h>
#include <errno.h>
#include <cryptoutil.h>
#include <security/cryptoki.h>
#include "common.h"
#include <kmfapi.h>
static KMF_RETURN
{
int i = 0;
gettext("A key label must be specified \n"));
return (KMF_ERR_BAD_PARAMETER);
}
return (kmfrv);
i++;
i++;
i++;
i++;
i++;
}
sizeof (KMF_CREDENTIAL));
i++;
}
i++;
}
return (kmfrv);
}
static KMF_RETURN
{
int hexstrlen;
int i = 0;
gettext("A key label must be specified \n"));
return (KMF_ERR_BAD_PARAMETER);
}
/* Check the sensitive option value if specified. */
else {
gettext("Incorrect sensitive option value.\n"));
return (KMF_ERR_BAD_PARAMETER);
}
}
/* Check the extractable option value if specified. */
else {
gettext("Incorrect extractable option value.\n"));
return (KMF_ERR_BAD_PARAMETER);
}
}
/* Select a PKCS11 token first */
return (kmfrv);
}
i++;
i++;
i++;
i++;
i++;
}
sizeof (KMF_CREDENTIAL));
i++;
}
sizeof (sensitive));
i++;
sizeof (not_extractable));
i++;
goto out;
}
if (print_hex) {
gettext("Warning: can not reveal the key value "
"for a sensitive or non-extractable key.\n"));
goto out;
} else {
goto out;
}
goto out;
}
goto out;
}
}
}
out:
return (kmfrv);
}
static KMF_RETURN
{
int hexstrlen;
int i = 0;
char *dirpath;
if (EMPTYSTRING(outkey)) {
gettext("No output key file was specified for the key\n"));
return (KMF_ERR_BAD_PARAMETER);
}
if (verify_file(outkey)) {
gettext("Cannot write the indicated output "
"key file (%s).\n"), outkey);
return (KMF_ERR_BAD_PARAMETER);
}
i++;
i++;
i++;
i++;
i++;
}
i++;
}
goto out;
}
if (print_hex) {
goto out;
}
goto out;
}
goto out;
}
}
out:
return (kmfrv);
}
int
{
int rv;
int opt;
extern int optind_av;
extern char *optarg_av;
char *keytype = "generic";
int keylen = 0;
"k:(keystore)l:(label)T:(token)d:(dir)p:(prefix)"
"t:(keytype)y:(keylen)K:(outkey)P:(print)"
"s:(sensitive)e:(extractable)")) != EOF) {
if (EMPTYSTRING(optarg_av))
return (PK_ERR_USAGE);
switch (opt) {
case 'k':
if (kstype == 0)
return (PK_ERR_USAGE);
break;
case 'l':
if (keylabel)
return (PK_ERR_USAGE);
break;
case 'T':
if (tokenname)
return (PK_ERR_USAGE);
break;
case 'd':
if (dir)
return (PK_ERR_USAGE);
break;
case 'p':
if (prefix)
return (PK_ERR_USAGE);
break;
case 't':
break;
case 'y':
if (keylenstr)
return (PK_ERR_USAGE);
break;
case 'K':
if (outkey)
return (PK_ERR_USAGE);
break;
case 'P':
if (printstr)
return (PK_ERR_USAGE);
break;
case 's':
if (senstr)
return (PK_ERR_USAGE);
break;
case 'e':
if (extstr)
return (PK_ERR_USAGE);
break;
default:
return (PK_ERR_USAGE);
}
}
/* No additional args allowed. */
if (argc) {
return (PK_ERR_USAGE);
}
/* Check keytype. If not specified, default to AES */
keytype);
return (PK_ERR_USAGE);
}
/*
* Check and set the key length.
* - For DES and 3DES, the key size are fixed. Ingore the keylen
* option, even if it is specified.
* - For AES and ARCFOUR, if keylen is not specified, default to
* 128 bits.
*/
else /* AES, ARCFOUR, or GENERIC SECRET */ {
gettext("Key length must be specified for "
"AES, ARCFOUR or GENERIC symmetric keys.\n"));
return (PK_ERR_USAGE);
}
gettext("Unrecognized key length (%s).\n"),
keytype);
return (PK_ERR_USAGE);
}
gettext("Key length bitlength must be a "
"multiple of 8.\n"));
return (PK_ERR_USAGE);
}
}
/* check the print option */
if (kstype == KMF_KEYSTORE_NSS) {
gettext("The print option does not apply "
"to the NSS keystore.\n"));
return (PK_ERR_USAGE);
}
else {
gettext("Incorrect print option value.\n"));
return (PK_ERR_USAGE);
}
}
/* check the sensitive and extractable options */
gettext("The sensitive or extractable option applies "
"to the PKCS11 keystore only.\n"));
return (PK_ERR_USAGE);
}
}
goto end;
}
if (kstype == KMF_KEYSTORE_NSS) {
} else if (kstype == KMF_KEYSTORE_OPENSSL) {
} else {
}
end:
gettext("Error generating key"));
(void) kmf_finalize(kmfhandle);
return (PK_ERR_USAGE);
return (0);
}