Security-57740.60.18.tar.gz
1 /*
2 * Copyright (c) 2003-2007,2009-2010,2013-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 *
23 * keychain_add.c
24 */
25
26 #include <TargetConditionals.h>
27 #if TARGET_OS_EMBEDDED
28
29 #include "SecurityCommands.h"
30
31 #include "security.h"
32 #include <stdio.h>
33 #include <stdlib.h>
34 #include <string.h>
35 #include <unistd.h>
36 #include <CoreFoundation/CFNumber.h>
37 #include <CoreFoundation/CFString.h>
38 #include <Security/SecCertificatePriv.h>
39 #include <Security/SecTrustStore.h>
40
41 #include <SecurityTool/readline.h>
42 #include <SecurityTool/tool_errors.h>
43 #include <utilities/SecCFWrappers.h>
44
45
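/*
 * Load every file named in argv as a certificate and either add it to the
 * keychain (SecItemAdd) or, when trustSettings is true, register it in the
 * user-domain trust store.
 *
 * Each file is parsed as DER first and as PEM if that fails.
 *
 * keychainName  accepted for interface compatibility; nothing in this
 *               function reads it.
 * trustSettings true  -> SecTrustStoreSetTrustSettings on the user domain
 *               false -> SecItemAdd with class kSecClassCertificate
 * argc/argv     the file paths to import (options already consumed).
 *
 * Returns 0 when every file was processed successfully, 1 if any file
 * could not be read, parsed, or stored.
 */
static int
do_add_certificates(const char *keychainName, bool trustSettings,
    int argc, char * const *argv)
{
    int ix, result = 0;
    OSStatus status;

    (void)keychainName;

    /*
     * Use the retaining CFType callbacks so the dictionary keeps its own
     * reference to the certificate stored under kSecValueRef; with NULL
     * callbacks the entry would dangle once the certificate is released.
     */
    CFMutableDictionaryRef attributes =
        CFDictionaryCreateMutable(NULL, 0, &kCFTypeDictionaryKeyCallBacks,
            &kCFTypeDictionaryValueCallBacks);
    if (!attributes) {
        fprintf(stderr, "unable to allocate attribute dictionary\n");
        return 1;
    }
    CFDictionarySetValue(attributes, kSecClass, kSecClassCertificate);

    for (ix = 0; ix < argc; ++ix) {
        CFDataRef data = copyFileContents(argv[ix]);
        if (!data) {
            /* No message here: nothing is printed by this function when
             * the read fails, matching the original behaviour. */
            result = 1;
            continue;
        }

        /* Try DER first, then fall back to PEM. */
        SecCertificateRef cert = SecCertificateCreateWithData(
            kCFAllocatorDefault, data);
        if (!cert) {
            cert = SecCertificateCreateWithPEM(kCFAllocatorDefault, data);
        }
        CFRelease(data);

        if (!cert) {
            result = 1;
            fprintf(stderr, "file %s: does not contain a valid certificate\n",
                argv[ix]);
            continue;
        }

        if (trustSettings) {
            /*
             * NOTE(review): NULL trust settings presumably request
             * unrestricted trust for this certificate -- confirm against
             * SecTrustStore.h. Because this changes what the device
             * trusts, a failure must be reported rather than ignored.
             */
            status = SecTrustStoreSetTrustSettings(
                SecTrustStoreForDomain(kSecTrustStoreDomainUser),
                cert, NULL);
            if (status) {
                fprintf(stderr, "file %s: SecTrustStoreSetTrustSettings %s\n",
                    argv[ix], sec_errstr(status));
                result = 1;
            }
        } else {
            CFDictionarySetValue(attributes, kSecValueRef, cert);
            status = SecItemAdd(attributes, NULL);
            if (status) {
                fprintf(stderr, "file %s: SecItemAdd %s\n",
                    argv[ix], sec_errstr(status));
                result = 1;
            }
        }
        CFReleaseNull(cert);
    }

    CFRelease(attributes);

    return result;
}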
96
97
/*
 * Command entry point: parse the options, then hand the remaining
 * arguments (certificate file paths) to do_add_certificates().
 *
 *   -k name   keychain name; an empty string is rejected
 *   -t        store the certificates via the trust-settings path
 *
 * Returns 2 for any usage error (the caller prints the usage message on 2),
 * otherwise the result of do_add_certificates().
 */
int
keychain_add_certificates(int argc, char * const *argv)
{
    const char *keychainName = NULL;
    bool trustSettings = false;
    int opt;

    for (;;) {
        opt = getopt(argc, argv, "hk:t");
        if (opt == -1) {
            break;
        }

        if (opt == 'k') {
            keychainName = optarg;
            if (keychainName[0] == '\0') {
                return 2;
            }
        } else if (opt == 't') {
            trustSettings = true;
        } else {
            /* '?', 'h' and anything unexpected: ask for the usage text. */
            return 2;
        }
    }

    /* Skip past the options; what is left are the files to import. */
    argc -= optind;
    argv += optind;

    if (argc == 0) {
        return 2;
    }

    return do_add_certificates(keychainName, trustSettings, argc, argv);
}
132
133 #endif // TARGET_OS_EMBEDDED