/*
 * Excerpt: version banner and usage text, both written to stderr.
 * The leading numbers are the listing's own line numbers; the lines between
 * them are not shown on this page.
 */
49 fprintf(stderr,
"%s (%s) version %s\n",
50 progname, PACKAGE_NAME, PACKAGE_VERSION);
/*
 * The option summary advertises -c, -v and -V. The getopt() string further
 * down this listing is "c:vVh", so -h is accepted but not mentioned here.
 */
57 "usage: %s [-c config] [-vV] command [options]\n",
/* One line per sub-command; these match the strcasecmp() dispatch chain later in the listing. */
60 fprintf(stderr,
" login\n");
61 fprintf(stderr,
" logout\n");
62 fprintf(stderr,
" list [repository]\n");
/* "rsa" is the only algorithm named in the usage text. */
63 fprintf(stderr,
" generate <repository> rsa <keysize>\n");
64 fprintf(stderr,
" remove <id>\n");
/* purge removes every key in a repository; see the confirmation prompt in the purge excerpt. */
65 fprintf(stderr,
" purge <repository>\n");
66 fprintf(stderr,
" dnskey <id> <name>\n");
67 fprintf(stderr,
" test <repository>\n");
68 fprintf(stderr,
" info\n");
70 fprintf(stderr,
" debug\n");
/*
 * Excerpt: status messages of the login and logout commands.
 * NOTE(review): the failure message below goes to stdout through printf(),
 * unlike the usage text, which uses stderr. A caller that only watches stderr
 * would miss it; the command's exit status is not visible in this excerpt.
 */
77 printf(
"The tokens are now logged in.\n");
86 printf(
"Failed to erase the credentials.\n");
91 printf(
"The credentials has been erased.\n");
/*
 * Excerpt of the key-listing command (a cmd_list signature appears in the
 * function index at the end of this page). It prints a three-column table of
 * repository, key id and key type, then warns about keys that are not usable.
 * Lines between the numbered fragments are not shown.
 */
100 char *repository = NULL;
102 size_t key_count = 0;
103 size_t key_count_valid = 0;
/* Constant three-column layout, reused for the header, the rule and each key row. */
106 const char *key_info_format =
"%-20s %-32s %-10s\n";
/*
 * NOTE(review): strdup() returns NULL on allocation failure and no check is
 * visible in this excerpt; confirm one exists before repository reaches a %s.
 */
110 repository = strdup(argv[0]);
120 fprintf(stdout,
"\nListing keys in repository: %s\n", repository);
123 fprintf(stdout,
"\nListing keys in all repositories.\n");
/* key_count (size_t) is narrowed to unsigned int for %u; %zu would print it without the cast. */
127 fprintf(stdout,
"%u %s found.\n\n", (
unsigned int) key_count,
128 (key_count > 1 || key_count == 0 ?
"keys" :
"key"));
135 fprintf(stdout, key_info_format,
"Repository",
"ID",
"Type");
136 fprintf(stdout, key_info_format,
"----------",
"--",
"----");
138 for (i = 0; i < key_count; i++) {
/*
 * The write is bounded by sizeof(key_type), so an over-long type string is
 * truncated rather than overflowing (assumes key_type is an array, not a
 * pointer; its declaration is not shown). The %s and %lu arguments are on
 * lines missing from this excerpt.
 */
155 snprintf(key_type,
sizeof(key_type),
"%s/%lu",
/* NOTE(review): dereferences key_info; the "UNKNOWN" fallback below suggests a NULL test surrounds this, but it is not visible here. */
157 key_id = key_info->
id;
159 snprintf(key_type,
sizeof(key_type),
"UNKNOWN");
/*
 * Values read from the token are passed as arguments to the constant format,
 * never as the format itself. NOTE(review): passing NULL to %s is undefined;
 * whether key_id can still be NULL on the fallback path is not visible.
 */
163 printf(key_info_format, key->
modulename, key_id, key_type);
/* Keys counted but not counted as valid are reported on stderr. */
169 if (key_count != key_count_valid) {
171 invalid_keys = key_count - key_count_valid;
173 fprintf(stderr,
"Warning: %u %s not usable by OpenDNSSEC was found.\n",
174 (
unsigned int) invalid_keys, invalid_keys > 1 ?
"keys" :
"key");
/*
 * Excerpt of the key-generation command (a cmd_generate signature appears in
 * the function index at the end of this page). It reads the repository,
 * algorithm and key size from argv and reports the result on stdout.
 * Lines between the numbered fragments are not shown.
 */
183 char *repository = NULL;
/*
 * NOTE(review): 1024-bit RSA is below the 2048-bit minimum in current
 * guidance such as NIST SP 800-131A. The value is overwritten from argv[2]
 * below; whether any path keeps this default is not visible in the excerpt.
 */
185 unsigned int keysize = 1024;
/* NOTE(review): strdup() can return NULL; no check is visible here. */
194 repository = strdup(argv[0]);
/*
 * atoi() cannot report a conversion error: non-numeric text yields 0, and a
 * negative number assigned to the unsigned keysize wraps to a very large
 * value. No range check is visible in this excerpt. NOTE(review): strtoul()
 * with an end-pointer and errno test, followed by explicit lower and upper
 * bounds, would reject malformed or weak sizes before they reach the HSM.
 */
204 keysize = atoi(argv[2]);
/* The algorithm name is matched case-insensitively; only "rsa" is handled here. */
206 if (!strcasecmp(algorithm,
"rsa")) {
/* NOTE(review): keysize is unsigned int but is printed with %d; %u is the matching conversion. */
207 printf(
"Generating %d bit RSA key in repository: %s\n",
208 keysize, repository);
/* A NULL key_info is guarded, so the %s never receives a NULL pointer from it. */
216 printf(
"Key generation successful: %s\n",
217 key_info ? key_info->
id :
"NULL");
222 printf(
"Key generation failed.\n");
227 printf(
"Unknown algorithm: %s\n", algorithm);
/*
 * Excerpt of the single-key removal command (a cmd_remove signature appears
 * in the function index at the end of this page). No confirmation prompt is
 * visible in these fragments, unlike the purge command.
 */
/* NOTE(review): strdup() can return NULL; no check is visible before id is printed with %s. */
247 id = strdup(argv[0]);
252 printf(
"Key not found: %s\n",
id);
/* Both outcomes are reported on stdout; the return value is on lines not shown. */
259 printf(
"Key remove successful.\n");
261 printf(
"Key remove failed.\n");
/*
 * Excerpt of the purge command (a cmd_purge signature appears in the function
 * index at the end of this page). It announces the repository, reports how
 * many keys were found, asks for confirmation on stdin and then removes the
 * keys one at a time. Lines between the numbered fragments are not shown.
 */
273 int final_result = 0;
277 char *repository = NULL;
280 size_t key_count = 0;
/* NOTE(review): strdup() can return NULL; no check is visible here. */
288 repository = strdup(argv[0]);
298 printf(
"Purging all keys from repository: %s\n", repository);
301 printf(
"%u %s found.\n\n", (
unsigned int) key_count,
302 (key_count > 1 || key_count == 0 ?
"keys" :
"key"));
/* An empty repository is special-cased; the body of this branch is not shown. */
308 if (key_count == 0) {
312 printf(
"Are you sure you want to remove ALL keys from repository %s ? (YES/NO) ", repository);
/*
 * fgets() already stores at most size-1 characters plus the terminator, so
 * the extra "- 1" only gives up one byte of the buffer; it is harmless.
 */
313 fresult = fgets(confirm,
sizeof(confirm) - 1, stdin);
/*
 * End of input or a read error (NULL) cancels the purge, so an empty stdin
 * is safe. NOTE(review): only the first three characters are compared,
 * case-insensitively, so any reply that merely starts with "yes" (for example
 * "yesterday") confirms this destructive operation. Comparing the whole
 * line, after stripping the newline, would be stricter.
 */
314 if (fresult == NULL || strncasecmp(confirm,
"yes", 3) != 0) {
315 printf(
"\nPurge cancelled.\n");
319 printf(
"\nStarting purge...\n");
/* Each key is removed individually and its outcome is printed. */
322 for (i = 0; i < key_count; i++) {
/* A NULL key_info is guarded before its id is printed. */
330 printf(
"Key remove successful: %s\n",
331 key_info ? key_info->
id :
"NULL");
333 printf(
"Key remove failed: %s\n",
334 key_info ? key_info->
id :
"NULL");
/* NOTE(review): "Purge done." is printed in this excerpt regardless of which branch above ran; presumably final_result carries any failure, but that is not visible. */
342 printf(
"Purge done.\n");
/*
 * Excerpt of the dnskey command (a cmd_dnskey signature appears in the
 * function index at the end of this page). It looks up a key by id, fills in
 * signing parameters and prints the resulting DNSKEY record to stdout.
 * Lines between the numbered fragments are not shown.
 */
/* NOTE(review): both strdup() results can be NULL; no checks are visible here. */
362 id = strdup(argv[0]);
363 name = strdup(argv[1]);
368 printf(
"Key not found: %s\n",
id);
/*
 * name comes straight from the command line. ldns_rdf_new_frm_str() returns
 * NULL when the text is not a valid domain name. NOTE(review): no test of
 * owner is visible before it is used; confirm malformed names are rejected.
 */
376 sign_params->
owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, name);
/* NOTE(review): assumes dnskey_rr is non-NULL; the call that produces it and any check are on lines not shown. */
378 sign_params->
keytag = ldns_calc_keytag(dnskey_rr);
380 ldns_rr_print(stdout, dnskey_rr);
/* The record is released after printing. */
383 ldns_rr_free(dnskey_rr);
/*
 * Excerpt of the repository test command (a cmd_test signature appears in the
 * function index at the end of this page); only the setup and banner are shown.
 */
394 char *repository = NULL;
/* NOTE(review): strdup() can return NULL; no check is visible before the %s below. */
397 repository = strdup(argv[0]);
401 printf(
"Testing repository: %s\n\n", repository);
/*
 * Excerpt of the program entry point: option parsing, then a dispatch chain
 * that selects the sub-command from argv[0] after the options are consumed.
 * Lines between the numbered fragments are not shown.
 */
/* Accepts -c <arg>, -v, -V and -h. */
436 while ((ch = getopt(argc, argv,
"c:vVh")) != -1) {
/* "logout" is tested separately from the main chain below; presumably it runs before the HSM is opened, but the ordering is not visible here. */
466 if (!strcasecmp(argv[0],
"logout")) {
/* free(NULL) is a no-op, so the guard is redundant but harmless. */
467 if (config) free(config);
/* The error text is passed as a %s argument, not as the format string, so any % characters in it are printed literally. */
475 fprintf(stderr,
"%s\n", error);
/* Syslog messages are tagged "hsmutil" with the process id, under the user facility. */
482 openlog(
"hsmutil", LOG_PID, LOG_USER);
/* Command names are matched case-insensitively, so "LIST" and "list" are equivalent. */
484 if (!strcasecmp(argv[0],
"login")) {
488 }
else if (!strcasecmp(argv[0],
"list")) {
492 }
else if (!strcasecmp(argv[0],
"generate")) {
496 }
else if (!strcasecmp(argv[0],
"remove")) {
500 }
else if (!strcasecmp(argv[0],
"purge")) {
504 }
else if (!strcasecmp(argv[0],
"dnskey")) {
508 }
else if (!strcasecmp(argv[0],
"test")) {
512 }
else if (!strcasecmp(argv[0],
"info")) {
516 }
else if (!strcasecmp(argv[0],
"debug")) {
/* Same redundant-but-harmless guard as on the logout path. */
528 if (config) free(config);
void hsm_key_free(hsm_key_t *key)
int cmd_info(hsm_ctx_t *ctx)
int cmd_purge(int argc, char *argv[])
char * hsm_get_error(hsm_ctx_t *gctx)
hsm_key_t * hsm_find_key_by_id(hsm_ctx_t *ctx, const char *id)
int cmd_generate(int argc, char *argv[])
hsm_key_info_t * hsm_get_key_info(hsm_ctx_t *ctx, const hsm_key_t *key)
void hsm_sign_params_free(hsm_sign_params_t *params)
int cmd_list(int argc, char *argv[])
int main(int argc, char *argv[])
int hsm_test(hsm_ctx_t *ctx, const char *repository)
int cmd_remove(int argc, char *argv[])
void hsm_key_list_free(hsm_key_t **key_list, size_t count)
ldns_rr * hsm_get_dnskey(hsm_ctx_t *ctx, const hsm_key_t *key, const hsm_sign_params_t *sign_params)
void hsm_destroy_context(hsm_ctx_t *ctx)
void hsm_print_tokeninfo(hsm_ctx_t *ctx)
int hsm_open(const char *config, char *(pin_callback)(unsigned int, const char *, unsigned int))
hsm_key_t ** hsm_list_keys(hsm_ctx_t *ctx, size_t *count)
void hsm_key_info_free(hsm_key_info_t *key_info)
int cmd_test(int argc, char *argv[])
int hsm_token_attached(hsm_ctx_t *ctx, const char *repository)
hsm_sign_params_t * hsm_sign_params_new()
void hsm_print_key(hsm_ctx_t *ctx, hsm_key_t *key)
int cmd_dnskey(int argc, char *argv[])
int hsm_remove_key(hsm_ctx_t *ctx, hsm_key_t *key)
hsm_ctx_t * hsm_create_context()
hsm_key_t ** hsm_list_keys_repository(hsm_ctx_t *ctx, size_t *count, const char *repository)
void hsm_print_ctx(hsm_ctx_t *ctx)
hsm_key_t * hsm_generate_rsa_key(hsm_ctx_t *ctx, const char *repository, unsigned long keysize)
char * hsm_prompt_pin(unsigned int id, const char *repository, unsigned int mode)
int cmd_debug(hsm_ctx_t *ctx)
void hsm_print_error(hsm_ctx_t *gctx)