2 * genKeyPair.cpp - create a key pair, store in specified keychain
9 #include <Security/Security.h>
/*
 * Print the command-line synopsis. The keychain argument is positional;
 * the -l / -a / -k options listed here correspond to the "l:a:k:h" getopt
 * string in main(). (The listing is fragmentary: the function's opening
 * brace and its trailing exit are not visible.)
 */
13 static void usage(char **argv
)
15 printf("usage: %s keychain [options]\n", argv
[0]);
17 printf(" -l label -- no default\n");
18 printf(" -a r|f|d -- algorithm RSA/FEE/DSA, default = RSA\n");
/*
 * NOTE(review): the defaults advertised below (RSA 1024, DSA 512) are the
 * CSP_*_KEY_SIZE_DEFAULT values applied in genKeyPair(); both are well below
 * current minimum recommendations for new keys. Fine for a test tool, but
 * the text should say so if this is ever used to provision real keys.
 */
19 printf(" -k bits -- key size in bits, default is 1024/128/512 for RSA/FEE/DSA\n");
24 * Generate key pair of arbitrary algorithm.
25 * FEE keys will have random private data.
26 * Like cspGenKeyPair() in cspwrap.c, except that this version also attaches a
 * DL/DB handle to the key-generation context so the pair is stored in the
 * specified keychain rather than only returned in memory.
/*
 * genKeyPair(): generate a public/private key pair on the given CSP and
 * store it in the DL/DB (keychain) identified by dlDbHand.
 *
 * cspHand, dlDbHand     CSP and DL/DB handles obtained from the keychain.
 * keySize               key size in bits; CSP_KEY_SIZE_DEFAULT selects the
 *                       per-algorithm CSP_{FEE,RSA,DSA}_KEY_SIZE_DEFAULT.
 * pubKey, privKey       caller-allocated CSSM_KEY structs; zeroed here before
 *                       generation.
 * pubKeyUsage, privKeyUsage  CSSM_KEYUSE_* bits for each half of the pair.
 *
 * Returns CSSM_OK on success; otherwise the CSSM_RETURN of the failing CDSA
 * call, or CSSM_ERRCODE_INTERNAL_ERROR if CSSM_DeleteContext fails.
 *
 * NOTE(review): this listing is fragmentary. The algorithm-dispatch switch,
 * the keyAlg/keyLabel/keyLabelLen parameters, the full argument lists of
 * CSSM_CSP_CreateKeyGenContext / CSSM_GenerateKeyPair and several error
 * returns are not visible, so the contract above is partial.
 */
28 static CSSM_RETURN
genKeyPair(CSSM_CSP_HANDLE cspHand
,
29 CSSM_DL_DB_HANDLE dlDbHand
,
33 uint32 keySize
, // in bits
34 CSSM_KEY_PTR pubKey
, // mallocd by caller
35 uint32 pubKeyUsage
, // CSSM_KEYUSE_ENCRYPT, etc.
36 CSSM_KEY_PTR privKey
, // mallocd by caller
37 uint32 privKeyUsage
) // CSSM_KEYUSE_DECRYPT, etc.
40 CSSM_CC_HANDLE ccHand
;
41 CSSM_DATA keyLabelData
;
/* ocrtn is the value ultimately returned; it only changes on teardown failure. */
44 CSSM_RETURN ocrtn
= CSSM_OK
;
46 /* pre-context-create algorithm-specific stuff */
/*
 * Replace CSP_KEY_SIZE_DEFAULT with the algorithm's own default. The
 * enclosing switch on the algorithm is not visible in this listing; each
 * branch below presumably belongs to one case (FEE, RSA, DSA).
 */
49 if(keySize
== CSP_KEY_SIZE_DEFAULT
) {
50 keySize
= CSP_FEE_KEY_SIZE_DEFAULT
;
54 if(keySize
== CSP_KEY_SIZE_DEFAULT
) {
55 keySize
= CSP_RSA_KEY_SIZE_DEFAULT
;
59 if(keySize
== CSP_KEY_SIZE_DEFAULT
) {
60 keySize
= CSP_DSA_KEY_SIZE_DEFAULT
;
/*
 * Unknown-algorithm path. Note the message still says "cspGenKeyPair", the
 * cspwrap.c routine this function was copied from; the error return that
 * presumably follows is not visible here.
 */
64 printf("cspGenKeyPair: Unknown algorithm\n");
/*
 * keyLabelData aliases the caller's label buffer (no copy is made).
 * Style: line 67 ends in a comma operator rather than a semicolon, which
 * folds the two assignments into one expression statement. Legal, but it
 * reads like a typo and should be a ';'.
 */
67 keyLabelData
.Data
= (uint8
*)keyLabel
,
68 keyLabelData
.Length
= keyLabelLen
;
/* Caller-supplied key structs are zeroed before generation. */
69 memset(pubKey
, 0, sizeof(CSSM_KEY
));
70 memset(privKey
, 0, sizeof(CSSM_KEY
));
/* Remaining CreateKeyGenContext arguments (keyAlg, keySize, usage, ...) are not visible. */
72 crtn
= CSSM_CSP_CreateKeyGenContext(cspHand
,
82 printError("CSSM_CSP_CreateKeyGenContext", crtn
);
86 /* cook up attribute bits */
/*
 * Both halves are created PERMANENT (persisted in the DL/DB) and
 * EXTRACTABLE. NOTE(review): EXTRACTABLE on the *private* key means it can
 * be wrapped/exported out of the keychain afterwards. That is convenient
 * for a test tool, but for any real provisioning use privAttr should drop
 * CSSM_KEYATTR_EXTRACTABLE (or gate it behind an explicit option).
 */
87 pubAttr
= CSSM_KEYATTR_RETURN_REF
| CSSM_KEYATTR_EXTRACTABLE
| CSSM_KEYATTR_PERMANENT
;
88 privAttr
= CSSM_KEYATTR_RETURN_REF
| CSSM_KEYATTR_EXTRACTABLE
| CSSM_KEYATTR_PERMANENT
;
90 /* post-context-create algorithm-specific stuff */
94 * extra step - generate params - this just adds some
/*
 * Parameter generation (presumably the DSA case; the surrounding condition
 * is not visible). The output CSSM_DATA is not used beyond this point and
 * is released with appFreeCssmData() right after the call.
 */
98 CSSM_DATA dummy
= {0, NULL
};
99 crtn
= CSSM_GenerateAlgorithmParams(ccHand
,
102 printError("CSSM_GenerateAlgorithmParams", crtn
);
105 appFreeCssmData(&dummy
, CSSM_FALSE
);
112 /* add in DL/DB to context */
/*
 * Attach the keychain's DL and DB handles to the context; together with
 * CSSM_KEYATTR_PERMANENT this is presumably what makes the generated keys
 * land in the keychain. Whether crtn is checked after this call is not
 * visible in the listing -- confirm it is.
 */
113 crtn
= cspAddDlDbToContext(ccHand
, dlDbHand
.DLHandle
, dlDbHand
.DBHandle
);
/*
 * Generate the pair. The same label is used for both keys. CredAndAclEntry
 * is NULL, so no explicit ACL is supplied for the permanent private key;
 * whatever default the CSP applies governs later access to it.
 * NOTE(review): confirm that default is acceptable for the deployment --
 * a test tool usually wants the default, a provisioning tool usually does not.
 */
119 crtn
= CSSM_GenerateKeyPair(ccHand
,
126 &keyLabelData
, // same labels
127 NULL
, // CredAndAclEntry
130 printError("CSSM_GenerateKeyPair", crtn
);
/*
 * Context teardown. A failure here is reported and mapped to
 * CSSM_ERRCODE_INTERNAL_ERROR in the function's return value; the lines
 * between GenerateKeyPair's error check and this point are not visible.
 */
136 crtn
= CSSM_DeleteContext(ccHand
);
138 printError("CSSM_DeleteContext", crtn
);
139 ocrtn
= CSSM_ERRCODE_INTERNAL_ERROR
;
/*
 * Entry point: parse "keychain [options]", open the keychain, fetch its CSP
 * and DL/DB handles, and call genKeyPair() with CSSM_KEYUSE_ANY for both
 * halves of the pair. Key references are released with cspFreeKey() at the
 * end. (Fragmentary listing: the option-switch case labels, the kcName /
 * label / crtn / ortn declarations and the exit paths are not visible.)
 */
145 int main(int argc
, char **argv
)
/* Defaults: RSA with the CSP's default size unless -a / -k override them. */
149 CSSM_ALGORITHMS keyAlg
= CSSM_ALGID_RSA
;
150 unsigned keySizeInBits
= CSP_KEY_SIZE_DEFAULT
;
162 while ((arg
= getopt(argc
, argv
, "l:a:k:h")) != -1) {
/* -a r|f|d: the case labels themselves are not visible here. */
170 keyAlg
= CSSM_ALGID_RSA
;
173 keyAlg
= CSSM_ALGID_FEE
;
176 keyAlg
= CSSM_ALGID_DSA
;
/*
 * -k bits. NOTE(review): atoi() gives no error indication -- non-numeric
 * input silently becomes 0 and a negative value wraps when stored in the
 * unsigned keySizeInBits. Prefer strtoul() with endptr/ERANGE checks and a
 * sanity range before handing the value to the CSP.
 */
183 keySizeInBits
= atoi(optarg
);
/* nil (Objective-C null) is used here for a CoreFoundation ref. */
193 SecKeychainRef kcRef
= nil
;
/* Each Sec* failure is reported via cssmPerror(); the exit that presumably follows is not visible. */
196 ortn
= SecKeychainOpen(kcName
, &kcRef
);
198 cssmPerror("SecKeychainOpen", ortn
);
202 CSSM_CSP_HANDLE cspHand
= 0;
203 CSSM_DL_DB_HANDLE dlDbHand
= {0, 0};
204 ortn
= SecKeychainGetCSPHandle(kcRef
, &cspHand
);
206 cssmPerror("SecKeychainGetCSPHandle", ortn
);
209 ortn
= SecKeychainGetDLDBHandle(kcRef
, &dlDbHand
);
211 cssmPerror("SecKeychainGetDLDBHandle", ortn
);
/*
 * Generate and store the pair. An absent -l yields a zero-length label.
 * NOTE(review): CSSM_KEYUSE_ANY grants every usage to both keys, which is
 * the opposite of a least-privilege split (e.g. ENCRYPT|VERIFY for the
 * public key, DECRYPT|SIGN for the private key). The inline "may want to
 * parameterize" comments acknowledge this; an option would be the fix.
 */
219 crtn
= genKeyPair(cspHand
, dlDbHand
,
221 label
, (label
? strlen(label
) : 0),
224 CSSM_KEYUSE_ANY
, // may want to parameterize
226 CSSM_KEYUSE_ANY
); // may want to parameterize
228 printf("**Error creating key pair.\n");
231 printf("...key pair created in keychain %s.\n", kcName
);
/*
 * Release the key references returned by genKeyPair(). The keychain
 * reference kcRef is not released in the visible lines -- TODO confirm a
 * CFRelease(kcRef) exists beyond this listing.
 */
234 cspFreeKey(cspHand
, &privKey
);
235 cspFreeKey(cspHand
, &pubKey
);