51 fprintf(stderr,
"%s (%s) version %s\n",
52 progname, PACKAGE_NAME, PACKAGE_VERSION);
59 "usage: %s [-c config] [-vV] command [options]\n",
62 fprintf(stderr,
" login\n");
63 fprintf(stderr,
" logout\n");
64 fprintf(stderr,
" list [repository]\n");
65 fprintf(stderr,
" generate <repository> rsa <keysize>\n");
66 fprintf(stderr,
" remove <id>\n");
67 fprintf(stderr,
" purge <repository>\n");
68 fprintf(stderr,
" dnskey <id> <name>\n");
69 fprintf(stderr,
" test <repository>\n");
70 fprintf(stderr,
" info\n");
72 fprintf(stderr,
" debug\n");
79 printf(
"The tokens are now logged in.\n");
88 printf(
"Failed to erase the credentials.\n");
93 printf(
"The credentials has been erased.\n");
/*
 * Fragment of the key-listing command (apparently cmd_list; this listing
 * omits the source lines between the numbered ones). The visible parts are
 * the optional repository argument, the key-count summary, the table
 * header, the per-key row and the warning about unusable keys.
 */
102 char *repository = NULL;
104 size_t key_count = 0;
105 size_t key_count_valid = 0;
/*
 * One fixed format shared by the header, the separator and every key row.
 * It is handed to printf()/fprintf() as a non-literal below, so it has to
 * remain a compile-time constant and never be derived from input.
 */
109 const char *key_info_format =
"%-20s %-32s %-10s\n";
/* NOTE(review): no NULL check on the strdup() result is visible in this
 * fragment -- confirm against the full file. */
113 repository = strdup(argv[0]);
123 fprintf(stderr,
"Listing keys in repository: %s\n", repository);
126 fprintf(stderr,
"Listing keys in all repositories.\n");
/* key_count is a size_t narrowed to unsigned int to match %u; "%zu" would
 * print it without the cast. */
130 fprintf(stderr,
"%u %s found.\n\n", (
unsigned int) key_count,
131 (key_count > 1 || key_count == 0 ?
"keys" :
"key"));
/* Status text, header and separator go to stderr; the key rows below are
 * written with printf(), so redirecting stdout captures only the rows. */
138 fprintf(stderr, key_info_format,
"Repository",
"ID",
"Type");
139 fprintf(stderr, key_info_format,
"----------",
"--",
"----");
141 for (i = 0; i < key_count; i++) {
/* Size-bounded write into key_type: output longer than the buffer is
 * truncated rather than overflowing it. */
158 snprintf(key_type,
sizeof(key_type),
"%s/%lu",
160 key_id = key_info->
id;
/* Fallback type label; presumably used when no key info is available --
 * the selecting condition is on a line not shown here. */
162 snprintf(key_type,
sizeof(key_type),
"UNKNOWN");
/* One row per key: repository (module) name, key id, key type. */
166 printf(key_info_format, key->
module->
name, key_id, key_type);
/* Report how many listed keys were not counted as valid. */
172 if (key_count != key_count_valid) {
174 invalid_keys = key_count - key_count_valid;
176 fprintf(stderr,
"Warning: %u %s not usable by OpenDNSSEC was found.\n",
177 (
unsigned int) invalid_keys, invalid_keys > 1 ?
"keys" :
"key");
/*
 * Fragment of the key-generation command (apparently cmd_generate; this
 * listing omits the source lines between the numbered ones). It reads
 * <repository> <algorithm> <keysize> from argv and recognises only "rsa".
 */
186 char *repository = NULL;
/*
 * Initial value only: line 208 overwrites it from argv[2].
 * NOTE(review): if any path reaches key generation with 1024, that is below
 * the 2048-bit minimum now generally recommended for RSA -- confirm.
 */
188 unsigned int keysize = 1024;
/* NOTE(review): no NULL check on the strdup() results is visible in this
 * fragment; strcasecmp() on line 210 reads through algorithm -- confirm
 * against the full file. */
198 repository = strdup(argv[0]);
207 algorithm = strdup(argv[1]);
/*
 * atoi() reports no errors: non-numeric text yields 0, and a negative
 * number turns into a very large value when stored in the unsigned
 * keysize. No range check on keysize is visible in this fragment.
 * NOTE(review): strtoul() with an end-pointer and errno check, plus an
 * explicit minimum and maximum, would reject bad sizes before the value is
 * handed on for key generation.
 */
208 keysize = atoi(argv[2]);
/* Algorithm name is matched case-insensitively. */
210 if (!strcasecmp(algorithm,
"rsa")) {
/* keysize is unsigned int but printed with %d; "%u" matches the type. */
211 printf(
"Generating %d bit RSA key in repository: %s\n",
212 keysize, repository);
/* key_info may be NULL here; the literal "NULL" is printed instead of
 * dereferencing it. */
220 printf(
"Key generation successful: %s\n",
221 key_info ? key_info->
id :
"NULL");
226 printf(
"Key generation failed.\n");
/* The rejected algorithm name is echoed through a fixed "%s" format. */
231 printf(
"Unknown algorithm: %s\n", algorithm);
251 id = strdup(argv[0]);
256 printf(
"Key not found: %s\n",
id);
263 printf(
"Key remove successful.\n");
265 printf(
"Key remove failed.\n");
/*
 * Fragment of the purge command (apparently cmd_purge; this listing omits
 * the source lines between the numbered ones). Per its own messages it
 * removes every key in the named repository after one yes/no prompt.
 */
277 int final_result = 0;
281 char *repository = NULL;
284 size_t key_count = 0;
/* NOTE(review): no NULL check on the strdup() result is visible in this
 * fragment -- confirm against the full file. */
293 repository = strdup(argv[0]);
303 printf(
"Purging all keys from repository: %s\n", repository);
/* key_count is a size_t narrowed to unsigned int to match %u. */
306 printf(
"%u %s found.\n\n", (
unsigned int) key_count,
307 (key_count > 1 || key_count == 0 ?
"keys" :
"key"));
313 if (key_count == 0) {
/*
 * Confirmation gate for the destructive step. The prompt is written to
 * stdout without a trailing newline. NOTE(review): no fflush(stdout) is
 * visible in this fragment, so the prompt may appear late when stdout is
 * not line-buffered -- confirm.
 */
317 printf(
"Are you sure you want to remove ALL keys from repository %s ? (YES/NO) ", repository);
/* fgets() already reserves one byte for the terminator, so "- 1" only
 * shortens the usable buffer by a byte; it is not needed for safety. */
318 fresult = fgets(confirm,
sizeof(confirm) - 1, stdin);
/*
 * EOF or a read error (fresult == NULL) cancels, which fails safe when
 * stdin is closed. strncasecmp(..., 3) compares only the first three
 * characters, so any line beginning with "yes" in any letter case is
 * accepted, not just the exact word the prompt asks for.
 * NOTE(review): for an irreversible operation, consider matching the whole
 * line after stripping the newline.
 */
319 if (fresult == NULL || strncasecmp(confirm,
"yes", 3) != 0) {
320 printf(
"\nPurge cancelled.\n");
324 printf(
"\nStarting purge...\n");
/* One removal attempt per listed key; each outcome is reported by key id. */
327 for (i = 0; i < key_count; i++) {
/* key_info may be NULL; the literal "NULL" is printed instead of
 * dereferencing it. */
335 printf(
"Key remove successful: %s\n",
336 key_info ? key_info->
id :
"NULL");
338 printf(
"Key remove failed: %s\n",
339 key_info ? key_info->
id :
"NULL");
/* NOTE(review): "Purge done." is printed on a line outside the visible
 * branches; whether it is also reached after failed removals cannot be
 * told from this fragment -- confirm how final_result is reported. */
347 printf(
"Purge done.\n");
/*
 * Fragment of the dnskey command (apparently cmd_dnskey; this listing omits
 * the source lines between the numbered ones). It takes <id> <name> from
 * argv and prints a DNSKEY resource record to stdout.
 */
/* NOTE(review): no NULL check on the strdup() results is visible in this
 * fragment -- confirm against the full file. */
367 id = strdup(argv[0]);
368 name = strdup(argv[1]);
373 printf(
"Key not found: %s\n",
id);
/*
 * name comes straight from the command line. ldns_rdf_new_frm_str()
 * returns NULL when the string cannot be parsed as a domain name.
 * NOTE(review): no check of owner is visible in this fragment -- confirm
 * that a NULL owner is rejected before the record is built.
 */
381 sign_params->
owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, name);
/* NOTE(review): dnskey_rr is presumably assigned on an omitted line;
 * confirm it is checked for NULL before the three uses below. */
383 sign_params->
keytag = ldns_calc_keytag(dnskey_rr);
385 ldns_rr_print(stdout, dnskey_rr);
/* Release the record once it has been printed. */
388 ldns_rr_free(dnskey_rr);
399 char *repository = NULL;
402 repository = strdup(argv[0]);
406 printf(
"Testing repository: %s\n\n", repository);
/*
 * Fragment of main() (this listing omits the source lines between the
 * numbered ones): option parsing followed by dispatch on the command word.
 */
/* -c takes an argument; -v, -V and -h are flags. The usage text printed
 * elsewhere in this file lists -c, -v and -V but not -h. */
441 while ((ch = getopt(argc, argv,
"c:vVh")) != -1) {
/*
 * "logout" is matched here, ahead of openlog() and the dispatch chain
 * below. NOTE(review): presumably so stored credentials can be erased
 * without first opening the HSM -- confirm against the full file.
 */
471 if (!strcasecmp(argv[0],
"logout")) {
/* free(NULL) is a no-op, so the guard is redundant but harmless. */
472 if (config) free(config);
/* Syslog identity "hsmutil", PID included in each message, user facility. */
482 openlog(
"hsmutil", LOG_PID, LOG_USER);
/* Command words are compared with strcasecmp(), so they are accepted in
 * any letter case. */
484 if (!strcasecmp(argv[0],
"login")) {
488 }
else if (!strcasecmp(argv[0],
"list")) {
492 }
else if (!strcasecmp(argv[0],
"generate")) {
496 }
else if (!strcasecmp(argv[0],
"remove")) {
500 }
else if (!strcasecmp(argv[0],
"purge")) {
504 }
else if (!strcasecmp(argv[0],
"dnskey")) {
508 }
else if (!strcasecmp(argv[0],
"test")) {
512 }
else if (!strcasecmp(argv[0],
"info")) {
516 }
else if (!strcasecmp(argv[0],
"debug")) {
/* free(NULL) is a no-op, so the guard is redundant but harmless. */
526 if (config) free(config);
void hsm_key_free(hsm_key_t *key)
int cmd_purge(int argc, char *argv[])
hsm_key_t * hsm_find_key_by_id(hsm_ctx_t *ctx, const char *id)
int cmd_generate(int argc, char *argv[])
hsm_key_info_t * hsm_get_key_info(hsm_ctx_t *ctx, const hsm_key_t *key)
void hsm_sign_params_free(hsm_sign_params_t *params)
int cmd_list(int argc, char *argv[])
void hsm_print_ctx(hsm_ctx_t *gctx)
int cmd_remove(int argc, char *argv[])
void hsm_key_list_free(hsm_key_t **key_list, size_t count)
ldns_rr * hsm_get_dnskey(hsm_ctx_t *ctx, const hsm_key_t *key, const hsm_sign_params_t *sign_params)
int hsm_open(const char *config, char *(pin_callback)(unsigned int, const char *, unsigned int))
hsm_key_t ** hsm_list_keys(hsm_ctx_t *ctx, size_t *count)
void hsm_key_info_free(hsm_key_info_t *key_info)
void hsm_print_key(hsm_key_t *key)
int cmd_test(int argc, char *argv[])
int hsm_token_attached(hsm_ctx_t *ctx, const char *repository)
int main(int argc, char *argv[])
hsm_sign_params_t * hsm_sign_params_new()
int hsm_test(const char *repository)
const hsm_module_t * module
int cmd_dnskey(int argc, char *argv[])
int hsm_remove_key(hsm_ctx_t *ctx, hsm_key_t *key)
hsm_key_t ** hsm_list_keys_repository(hsm_ctx_t *ctx, size_t *count, const char *repository)
hsm_key_t * hsm_generate_rsa_key(hsm_ctx_t *ctx, const char *repository, unsigned long keysize)
char * hsm_prompt_pin(unsigned int id, const char *repository, unsigned int mode)
void hsm_print_error(hsm_ctx_t *gctx)
void hsm_print_tokeninfo(hsm_ctx_t *gctx)