source: creddy/generate.c @ 08bb122

#include <fcntl.h>

#include <credentials/keys/private_key.h>

#include <creddy.h>

#include "creddy_common.h"

void generate_main(options_t *opts) {
    int ret, fd;
    creddy_id_t *id;
    char *filename;
    FILE *out;

    // make sure we have at least a CN
    if (opts->cn == NULL)
        usage(opts);

    // if we have an outdir, chdir there
    if (opts->out) {
        ret = chdir(opts->out);
        if (ret < 0)
            err(1, "can't open output directory '%s'", opts->out);
    }

    printf("Generating key, this will take a while. Create entropy!\n");
    printf("    - move the mouse\n");
    printf("    - generate disk activity (run find)\n");

    ret = creddy_id_generate(&id, opts->cn, opts->validity);

    if (ret == CREDDY_GENERATE_INVALID_CN) {
        printf("Invalid CN: must start with a letter and be alphanumeric\n");
        usage(opts);
    }
    if (ret == CREDDY_GENERATE_INVALID_VALIDITY) {
        printf("Validity must be >= 1 day\n");
        usage(opts);
    }
    // in both above cases: usage(opts) exits

    //
    // success!
    //

    // write the cert
    filename = creddy_id_cert_filename(id);
    out = fopen(filename, "w");
    if (out == NULL)
        err(1, "Can't open cert file %s", filename);
    creddy_id_write_cert(id, out);
    fclose(out);
    free(filename);

    // write the key
    filename = creddy_id_privkey_filename(id);
    fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); // mode 600
    if (fd < 0)
        err(1, "Can't open private key file %s", filename);
    out = fdopen(fd, "w");
    creddy_id_write_privkey(id, out);
    fclose(out);

    creddy_id_free(id);
}