diff options
| author | René Korthaus <[email protected]> | 2015-07-01 23:23:54 +0200 |
|---|---|---|
| committer | René Korthaus <[email protected]> | 2015-07-01 23:31:29 +0200 |
| commit | 33d37b062091faa42f03a117b1e7494a8c2c4343 (patch) | |
| tree | 10bad6e2092fed71a06826d9460f2ecc9f0d5b47 /src | |
| parent | cb3d7db72be550df3cce223a08e74c79eab24205 (diff) | |
Add PKCS#8 private/public key processing tool
This tool works similar to 'openssl pkey' in that it allows to
read a private key from file and output the private or
corresponding public key to file. It also allows changing a
private key passphrase this way. This tool comes in handy when
replacing use of openssl in scripts.
The syntax is:
botan pkcs8 --in=private.pem --out=key_out.pem [--pubout] [--passin=] [--passout=] [--pbe=]
Diffstat (limited to 'src')
| -rw-r--r-- | src/cmd/pkcs8.cpp | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/src/cmd/pkcs8.cpp b/src/cmd/pkcs8.cpp new file mode 100644 index 000000000..88f6543de --- /dev/null +++ b/src/cmd/pkcs8.cpp @@ -0,0 +1,66 @@ +/* +* (C) 2015 René Korthaus +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include "apps.h" +#include <iostream> +#include <fstream> +#include <string> +#include <memory> +#include <chrono> +#include <botan/pk_keys.h> +#include <botan/pkcs8.h> +#include <botan/x509_key.h> + +using namespace Botan; + +namespace { + +int pkcs8(int argc, char* argv[]) + { + BOTAN_UNUSED(argc); + OptionParser opts("in=|out=|passin=|passout=|pbe=|pubout"); + opts.parse(argv); + + const std::string passin = opts.value_or_else("passin", ""); + const std::string passout = opts.value_or_else("passout", ""); + const std::string pbe = opts.value_or_else("pbe", ""); + + try + { + std::ofstream out_key(opts.value("out")); + + if (!out_key) + { + std::cout << "Couldn't write key" << std::endl; + return 1; + } + + AutoSeeded_RNG rng; + std::unique_ptr<Private_Key> key(PKCS8::load_key(opts.value("in"), rng, passin)); + + if(opts.is_set("pubout")) + { + out_key << X509::PEM_encode(*key); + } + else + { + if(passout.empty()) + out_key << PKCS8::PEM_encode(*key); + else + out_key << PKCS8::PEM_encode(*key, rng, passout, std::chrono::milliseconds(300), pbe); + } + } + catch(std::exception& e) + { + std::cout << "Exception caught: " << e.what() << std::endl; + } + + return 0; + } + +REGISTER_APP(pkcs8); + +} |