1 /*
2 * Copyright (c) 2003-2007,2009-2010 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 *
23 * keychain_add.c
24 */
25
26 #include <TargetConditionals.h>
27 #if TARGET_OS_EMBEDDED
28
29 #include "Securitycommands.h"
30
31 #include "security.h"
32 #include <stdio.h>
33 #include <stdlib.h>
34 #include <string.h>
35 #include <unistd.h>
36 #include <CoreFoundation/CFNumber.h>
37 #include <CoreFoundation/CFString.h>
38 #include <Security/SecCertificatePriv.h>
39 #include <Security/SecTrustStore.h>
40
41 #include <SecurityTool/readline.h>
42 #include <SecurityTool/tool_errors.h>
43
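/*
 * Load each file named in argv[0..argc-1] as a certificate and either add it
 * to the keychain (SecItemAdd) or, when trustSettings is true, register it in
 * the user-domain trust store.
 *
 * Each file is parsed with SecCertificateCreateWithData first and, if that
 * fails, with SecCertificateCreateWithPEM.
 *
 * keychainName: accepted for the caller's -k option but not used here; every
 *               item goes to whatever SecItemAdd / the user trust store
 *               selects by default.
 * trustSettings: true  -> SecTrustStoreSetTrustSettings(user domain, cert, NULL)
 *                false -> SecItemAdd of a kSecClassCertificate item.
 *
 * Returns 0 when every file was processed successfully, 1 if any file could
 * not be read, parsed, added or registered. Processing continues past a
 * failing file so that the remaining files are still handled.
 *
 * Security note: with trustSettings set, the certificate in the file is
 * registered in the user trust store with NULL settings. No check on the
 * certificate's origin or properties is visible in this function, so the
 * input files must come from a source the operator already trusts.
 */
static int
do_add_certificates(const char *keychainName, bool trustSettings,
    int argc, char * const *argv)
{
    int ix, result = 0;
    OSStatus status;

    (void)keychainName; /* parsed by the caller, currently unused */

    /*
     * Use the CFType callbacks so the dictionary retains what it stores.
     * With NULL callbacks the dictionary kept a bare pointer to each
     * certificate after it had been released.
     */
    CFMutableDictionaryRef attributes =
        CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks,
            &kCFTypeDictionaryValueCallBacks);
    if (!attributes) {
        fprintf(stderr, "could not allocate attribute dictionary\n");
        return 1;
    }
    CFDictionarySetValue(attributes, kSecClass, kSecClassCertificate);

    for (ix = 0; ix < argc; ++ix) {
        CFDataRef data = copyFileContents(argv[ix]);
        if (!data) {
            /* presumably copyFileContents reports its own error; confirm */
            result = 1;
            continue;
        }

        /* Try the raw (DER) parser first, then fall back to PEM. */
        SecCertificateRef cert = SecCertificateCreateWithData(
            kCFAllocatorDefault, data);
        if (!cert) {
            cert = SecCertificateCreateWithPEM(kCFAllocatorDefault, data);
        }
        CFRelease(data);

        if (!cert) {
            result = 1;
            fprintf(stderr, "file %s: does not contain a valid certificate\n",
                argv[ix]);
            continue;
        }

        if (trustSettings) {
            /*
             * The status was previously discarded, so a failed trust-store
             * update was reported as success. Surface it instead.
             */
            status = SecTrustStoreSetTrustSettings(
                SecTrustStoreForDomain(kSecTrustStoreDomainUser),
                cert, NULL);
            if (status) {
                fprintf(stderr, "file %s: SecTrustStoreSetTrustSettings %s\n",
                    argv[ix], sec_errstr(status));
                result = 1;
            }
        } else {
            CFDictionarySetValue(attributes, kSecValueRef, cert);
            status = SecItemAdd(attributes, NULL);
            if (status) {
                fprintf(stderr, "file %s: SecItemAdd %s\n",
                    argv[ix], sec_errstr(status));
                result = 1;
            }
        }

        /* Released on both paths; the trust-settings path used to leak it. */
        CFRelease(cert);
    }

    /* The attribute dictionary was never released in the original. */
    CFRelease(attributes);

    return result;
}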
91
92
/*
 * Command entry point: parse the options, then hand the remaining
 * arguments (certificate file names) to do_add_certificates().
 *
 * Options (getopt string "hk:t"):
 *   -k name   keychain name; an empty name is rejected
 *   -t        set trust settings for each certificate instead of adding it
 *   -h / any other option: fall through to the usage path
 *
 * Returns 2 for a usage error (returning 2 triggers the usage message),
 * otherwise the result of do_add_certificates().
 */
int
keychain_add_certificates(int argc, char * const *argv)
{
    const char *keychainName = NULL;
    bool trustSettings = false;
    int opt;

    for (;;) {
        opt = getopt(argc, argv, "hk:t");
        if (opt == -1)
            break;

        if (opt == 'k') {
            keychainName = optarg;
            if (keychainName[0] == '\0')
                return 2;
        } else if (opt == 't') {
            trustSettings = true;
        } else {
            /* 'h', '?' and anything unexpected: show usage. */
            return 2;
        }
    }

    /* Skip past the options; what is left are the file names. */
    int remaining = argc - optind;
    char * const *files = argv + optind;

    if (remaining == 0)
        return 2;

    return do_add_certificates(keychainName, trustSettings, remaining, files);
}
127
128 #endif // TARGET_OS_EMBEDDED