2 * Copyright (c) 2003-2007,2009-2010,2013-2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
26 #include <TargetConditionals.h>
27 #if TARGET_OS_EMBEDDED
29 #include "SecurityCommands.h"
36 #include <CoreFoundation/CFNumber.h>
37 #include <CoreFoundation/CFString.h>
38 #include <Security/SecCertificatePriv.h>
39 #include <Security/SecTrustStore.h>
41 #include <SecurityTool/readline.h>
42 #include <SecurityTool/tool_errors.h>
43 #include <utilities/SecCFWrappers.h>
47 do_add_certificates(const char *keychainName
, bool trustSettings
,
48 int argc
, char * const *argv
)
53 CFMutableDictionaryRef attributes
=
54 CFDictionaryCreateMutable(NULL
, 0, NULL
, NULL
);
55 CFDictionarySetValue(attributes
, kSecClass
, kSecClassCertificate
);
57 for (ix
= 0; ix
< argc
; ++ix
) {
58 CFDataRef data
= copyFileContents(argv
[ix
]);
60 SecCertificateRef cert
= SecCertificateCreateWithData(
61 kCFAllocatorDefault
, data
);
63 cert
= SecCertificateCreateWithPEM(kCFAllocatorDefault
, data
);
68 SecTrustStoreSetTrustSettings(
69 SecTrustStoreForDomain(kSecTrustStoreDomainUser
),
73 CFDictionarySetValue(attributes
, kSecValueRef
, cert
);
74 status
= SecItemAdd(attributes
, NULL
);
77 fprintf(stderr
, "file %s: SecItemAdd %s",
78 argv
[ix
], sec_errstr(status
));
84 fprintf(stderr
, "file %s: does not contain a valid certificate",
92 CFRelease(attributes
);
99 keychain_add_certificates(int argc
, char * const *argv
)
102 const char *keychainName
= NULL
;
103 bool trustSettings
= false;
104 while ((ch
= getopt(argc
, argv
, "hk:t")) != -1)
109 keychainName
= optarg
;
110 if (*keychainName
== '\0')
114 trustSettings
= true;
118 return 2; /* Return 2 triggers usage message. */
128 result
= do_add_certificates(keychainName
, trustSettings
, argc
, argv
);
133 #endif // TARGET_OS_EMBEDDED