0
0
Fork 0
Commit Graph

76 Commits

Author SHA1 Message Date
Gibheer 9e87cea1b0 update pki dependency
This fixes an issue with generating certificates with ed25519 private
keys.
2023-01-10 14:43:53 +01:00
Gibheer c53a88baf7 add one more todo item 2022-10-27 09:45:59 +02:00
Gibheer 07a71d7b77 vendor all dependencies 2022-09-10 18:45:00 +02:00
Gibheer 31b081c06e update import paths 2022-08-15 22:54:12 +02:00
Gibheer c2115003a1 remove missing command from output
diff was never implemented
2022-08-15 22:53:16 +02:00
Gibheer c07b174d42 add more error checking
Based on #13, we need more error checking when opening files. The CA and
CSR files are now checked and return proper error messages in case
something goes wrong.
2018-04-19 08:47:23 +02:00
Gibheer f3910624b8 add more error checks
There are still some cases where the input is not correctly checked, but
it is moving forward.
2018-04-19 08:33:11 +02:00
Gibheer 083e8c2ce4 fix error when no pem label is found 2018-04-18 16:01:57 +02:00
Gibheer e9cd735e0c fix file permissions
This was reported to me, that it makes no sense that csr, crt and so on
are written as 0700. And even in the case of private keys, why do they
need the executable bit set?
2018-04-18 14:14:25 +02:00
Gibheer d01892150e rework program flow
This commit is a complete rebuild of pkictl. Before everything was all
over the place and adding new commands was kind of a hassle.

Now each command has its own file and can be adjusted on a command
basis. Options are still used by the same name, but can now use
different descriptions.
2016-10-01 21:56:29 +02:00
Gibheer faaf7d8859 add Go 1.4 requirement 2015-07-24 22:02:39 +02:00
Gibheer ebdfe46386 the documentation has to go above the package
This makes the documentation in the main.go readable on the godoc.org
website and through the godoc command.
2015-07-24 12:44:43 +02:00
Gibheer 2aa1793bb5 add package documentation to main.go 2015-07-24 12:42:52 +02:00
Gibheer 616d43e8be make installation easier with go get 2015-07-24 12:32:16 +02:00
Gibheer 8fe910f298 add ed25519 support
This adds support for ed25519 keys for the following options

* create-private
* create-public
* sign-input
* verify-input

The format of the private key is purely PEM format and may change. But
as I did not find any documentation on that topic yet, I will keep it as
it is for the moment.
2015-07-19 17:35:24 +02:00
Gibheer 1b8ac82754 use public key instead of private key
This fixes a bug where the public key was not used to verify messages.
2015-07-19 17:33:35 +02:00
Gibheer e337626eac remove done TODO 2015-04-10 22:31:35 +02:00
Gibheer 38c320124c add ca load option
This commit changes to API a bit. The following renames were done:

* csr-path => csr
* ca       => is-ca

The following option was added

* ca

With that option it is now possible to add a certificate to sign the
newly created certificate.
2015-04-10 21:29:28 +02:00
Gibheer 560929efaa add crl url support
With this option added, it is now possible to add crl urls to the
certificates.
2015-04-01 21:17:04 +02:00
Gibheer 89009a3623 fix imports
I forgot to fix the imports after the split.
2015-03-30 21:53:18 +02:00
Gibheer 37423989c8 split certificate stuff into own file
This moves the complicated certificate flag handling into its own file
to make it a bit easier to handle.
2015-03-30 21:52:39 +02:00
Gibheer 9ba6a88449 split out all private key related functions
This moves all private key related functions out into a separate file to
get flags.go smaller.
2015-03-30 21:34:05 +02:00
Gibheer 8e2db6f6c9 update todo list 2015-03-30 20:48:49 +02:00
Gibheer b4c4c1f18a add extended key usage for certificates
This adds the extended key usage and makes the certificates useable in
the wild.
The only thing missing are the CRL distribution points and the policy
identifiers. These will get added after the code in flags.go is cleaned
up. At the moment, it is far too messy.
2015-03-30 20:45:08 +02:00
Gibheer 855fde6d68 add basic key usage flag to certificates 2015-03-30 20:20:58 +02:00
Gibheer ba5a59931e reformat code with gofmt
Yes, I know that this breaks the history search, but it had to be done
sooner or later. I also adjusted my editor to follow the guidelines more
closely.
2015-03-25 20:43:18 +01:00
Gibheer bb41ff218a add start and end date to certificates
This adds the start and end date flags for certificate generation and
also a flag to define, if the resulting certificate should be a CA or
not.
Next step in the implementation is to define the key usages.
2015-03-24 21:21:02 +01:00
Gibheer c69f4de8ce first parameter of args ignored
When prsing the flags, instead of parsing everything given, only the
rest was parsed.
2015-03-24 21:02:13 +01:00
Gibheer 3e34c17449 rename to better distinguish between cert und csr 2015-03-23 09:45:39 +01:00
Gibheer 885340ef8f rename FlagCertificateData
This makes it easier to distinguish between the csr data and cert data.
2015-03-23 09:43:20 +01:00
Gibheer 97baed49b8 remove unused import 2015-03-22 20:03:12 +01:00
Gibheer d983dbae54 rework the parameter management
With this change it is now possible to provide help messages for all
commands. This will help to further cleanup and minimize the code base.
2015-03-21 18:50:55 +01:00
Gibheer ccaef440f4 add documentation for the command 2015-03-21 12:02:07 +01:00
Gibheer 9e351c05d5 add command flag parser
This is a small command flag parser hacked away in a couple hours. It is
built after cobra (https://github.com/spf13/cobra), but with some small
details changed.
Instead of breaking with the go flag API (single and double dashes) this
uses the golang flags package. This means, that single character flags
do not work, but in this case it wouldn't make much sense to replace
long clear argument names with short nothing saying arguments (-p for
--private-key or --public-key?).

This should definitely help with the help and error messages.
2015-03-19 01:35:18 +01:00
Gibheer c0cc30089f fixes small typo 2015-03-18 21:40:08 +01:00
Gibheer 0eb655d42d add a --help option to avoid an error message 2015-03-18 21:39:49 +01:00
Gibheer 31bf8bc739 certificate generation is in
The hole certificate sign request and certificate creation process was
pulled into pki, which made pkictl a bit smaller in code.

There are still some things missing, but the initial support for
certificates is done!
2015-03-16 17:15:29 +01:00
Gibheer 52102b0f24 finally add certificate sign request generation
This adds finally a way to create certificate sign requests. There are
still some options missing, but it is coming together.

With the next step, the ccertificate data container will probably be put
into the pki library.
2015-03-05 21:37:52 +01:00
Gibheer 2954be520d add comments to flag variables 2015-02-20 20:44:22 +01:00
Gibheer 075865c417 add verification of messages
This commit adds back the possibility to verify a message through a
public key and a signature. It works a little bit different than before
as it always prints the base64 version, but it makes it easier to use.
2015-02-20 10:45:42 +01:00
Gibheer 1c621c063c add comment to function 2015-02-19 20:54:47 +01:00
Gibheer f80f34d89c add message signing again
This adds again the possibility to sign messages through the API.
2015-02-19 20:50:06 +01:00
Gibheer 579435cfbb activate main help again
Activate the main help again.
2015-02-17 22:33:54 +01:00
Gibheer f2a349608f make help even nicer
When calling --help, this change prints only the usage itself. Before it
was calling the help, then continued parsing everything.
2015-02-17 22:21:45 +01:00
Gibheer a81c103572 make error messages nicer
This changes the error message so that not the program help is printed
but instead the specific submenu help. This should result in much faster
and better understanding of the problematic situation.
2015-02-17 22:15:21 +01:00
Gibheer 470d21409b add public key support
This adds all options to create and store a public key.
2015-02-17 21:44:10 +01:00
Gibheer b022e8ab4c adjust library path 2015-02-15 21:10:44 +01:00
Gibheer 02749d1d5e make rsa check boundary 2015-02-15 21:09:22 +01:00
Gibheer 16eb14db9f redesign cli
This is a major rebuilding of the CLI. The library part is split out
into pkilib and the cli handles only the communication with the user,
I/O and the library.
The API will still look the same, but the code should be much better to
grasp. Instead of repeating everything, more will be grouped together
and reused.
2015-02-15 01:34:25 +01:00
Gibheer 2f9126dc6a remove stale readme file 2015-02-11 00:33:37 +01:00