[Engine-patches] Change in ovirt-engine[master]: pki: Add a script to extract parts of a PKCS#12 store

Thu, 01 Aug 2013 02:48:09 -0700 

Yedidyah Bar David has uploaded a new change for review.

Change subject: pki: Add a script to extract parts of a PKCS#12 store
......................................................................

pki: Add a script to extract parts of a PKCS#12 store

Change-Id: Ica596fe3ef4e5f0a60ae99b0934b10433b9d5023
Signed-off-by: Yedidyah Bar David <d...@redhat.com>
---
M ovirt-engine.spec.in
A packaging/bin/pki-pkcs12-extract.sh
2 files changed, 64 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/62/17562/1

diff --git a/ovirt-engine.spec.in b/ovirt-engine.spec.in
index ef6970d..1deeb8f 100644
--- a/ovirt-engine.spec.in
+++ b/ovirt-engine.spec.in
@@ -770,6 +770,7 @@
 %{engine_data}/bin/pki-create-ca.sh
 %{engine_data}/bin/pki-enroll-pkcs12.sh
 %{engine_data}/bin/pki-enroll-request.sh
+%{engine_data}/bin/pki-pkcs12-extract.sh
 
 # PKI configuration files:
 %config(noreplace) %{engine_pki}/openssl.conf
diff --git a/packaging/bin/pki-pkcs12-extract.sh 
b/packaging/bin/pki-pkcs12-extract.sh
new file mode 100755
index 0000000..361a80a
--- /dev/null
+++ b/packaging/bin/pki-pkcs12-extract.sh
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+extractkey() {
+       local name="$1"
+       local pass="$2"
+
+       local pkcs12="${PKIDIR}/keys/${name}.p12"
+       local nopass="${PKIDIR}/keys/${name}.key.nopass"
+       common_backup "${nopass}"
+
+       touch "${nopass}"
+       chmod go-rwx "${nopass}" || die "Cannot set nopass permissions"
+       openssl \
+               pkcs12 \
+               -in "${pkcs12}" \
+               -passin "pass:${pass}" \
+               -nodes \
+               -nocerts \
+               -out "${nopass}" \
+               || die "Cannot create PKCS#12"
+
+       return 0
+}
+
+usage() {
+       cat << __EOF__
+Usage: $0 [OPTIONS]
+Extract key with no password from a PKCS#12 store.
+Result will be at ${PKIDIR}/keys/PREFIX.nopass
+
+    --name=prefix         file name without prefix.
+    --password=password   password of PKCS#12.
+__EOF__
+}
+
+. "$(dirname "$(readlink -f "$0")")"/pki-common.sh
+
+while [ -n "$1" ]; do
+       x="$1"
+       v="${x#*=}"
+       shift
+       case "${x}" in
+               --name=*)
+                       NAME="${v}"
+               ;;
+               --password=*)
+                       PASSWORD="${v}"
+               ;;
+               --help)
+                       usage
+                       exit 0
+               ;;
+               *)
+                       usage
+                       exit 1
+               ;;
+       esac
+done
+
+[ -n "${NAME}" ] || die "Please specify name"
+[ -n "${PASSWORD}" ] || die "Please specify password"
+
+extractkey "${NAME}" "${PASSWORD}"


-- 
To view, visit http://gerrit.ovirt.org/17562
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ica596fe3ef4e5f0a60ae99b0934b10433b9d5023
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yedidyah Bar David <d...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to