Commit b5f0a685 authored by Amna Snene's avatar Amna Snene

tools: add readme for dhtnet-crtmgr

Change-Id: Ib68a89204a061afbc0e90aa7cfc0b969f55a00e5
parent 6773b073
# DHTNet Certificate Manager
## Description
The DHTNet Certificate Manager is a command-line tool designed to manage certificates and keys for the DHTNet network. It provides functionality for generating and signing certificates.
## Features
- Generate new certificates
- Sign certificates
- Display the user identifier
## Option
- `-h, --help`: Display this help message and then exit.
- `-v, --version`: Show the version of the program.
- `-p, --privatekey`: Provide the path to the private key as an argument.
- `-c, --certificate`: Provide the path to the certificate as an argument.
- `-o, --output`: Provide the path where the generated certificate should be saved as an argument.
- `-g, --identifier`: Display the user identifier.
- `-n, --name`: Provide the name of the certificate to be generated.
- `-s, --setup`: Create an CA and an certificate.
## Usage
To create a new certficate:
```bash
dhtnet-crtmgr -o <output> -n <name>
```
Specify the path to save the generated certificate. The name is optional.
To create a certificate signed by another certificate:
```bash
dhtnet-crtmgr -o <output> -c <signer_certificate_path> -p <signer_private_key_path>
```
To display the identifier:
```bash
dhtnet-crtmgr -o <output> -c <certificate_path> -p <private_key_path>
```
To generate a CA and an certificate:
```bash
dhtnet-crtmgr -o <output> -s
```
\ No newline at end of file
...@@ -42,7 +42,7 @@ static const constexpr struct option long_options[] ...@@ -42,7 +42,7 @@ static const constexpr struct option long_options[]
= {{"help", no_argument, nullptr, 'h'}, = {{"help", no_argument, nullptr, 'h'},
{"version", no_argument, nullptr, 'v'}, {"version", no_argument, nullptr, 'v'},
{"CA", required_argument, nullptr, 'c'}, {"CA", required_argument, nullptr, 'c'},
{"id", required_argument, nullptr, 'i'}, {"id", required_argument, nullptr, 'o'},
{"privatekey", required_argument, nullptr, 'p'}, {"privatekey", required_argument, nullptr, 'p'},
{"name", required_argument, nullptr, 'n'}, {"name", required_argument, nullptr, 'n'},
{"pkid", no_argument, nullptr, 'g'}, {"pkid", no_argument, nullptr, 'g'},
...@@ -54,7 +54,7 @@ parse_args(int argc, char** argv) ...@@ -54,7 +54,7 @@ parse_args(int argc, char** argv)
{ {
dhtnet_crtmgr_params params; dhtnet_crtmgr_params params;
int opt; int opt;
while ((opt = getopt_long(argc, argv, "hgsv:c:i:p:n:", long_options, nullptr)) != -1) { while ((opt = getopt_long(argc, argv, "hgsv:c:o:p:n:", long_options, nullptr)) != -1) {
switch (opt) { switch (opt) {
case 'h': case 'h':
params.help = true; params.help = true;
...@@ -65,7 +65,7 @@ parse_args(int argc, char** argv) ...@@ -65,7 +65,7 @@ parse_args(int argc, char** argv)
case 'c': case 'c':
params.ca = optarg; params.ca = optarg;
break; break;
case 'i': case 'o':
params.id = optarg; params.id = optarg;
break; break;
case 'p': case 'p':
...@@ -87,7 +87,8 @@ parse_args(int argc, char** argv) ...@@ -87,7 +87,8 @@ parse_args(int argc, char** argv)
} }
if (params.id.empty() && !params.pkid) { if (params.id.empty() && !params.pkid) {
std::cerr << "Error: The path to save the generated identity is not provided.\n Please specify the path for saving the generated identity using the -i option.\n"; exit(EXIT_FAILURE); std::cerr << "Error: The path to save the generated certificate is not provided.\n Please specify the path using the -i option.\n";
exit(EXIT_FAILURE);
} }
return params; return params;
} }
...@@ -104,11 +105,11 @@ main(int argc, char** argv) ...@@ -104,11 +105,11 @@ main(int argc, char** argv)
" -h, --help Display this help message and then exit.\n" " -h, --help Display this help message and then exit.\n"
" -v, --version Show the version of the program.\n" " -v, --version Show the version of the program.\n"
" -p, --privatekey Provide the path to the private key as an argument.\n" " -p, --privatekey Provide the path to the private key as an argument.\n"
" -c, --CA Provide the path to the Certificate Authority as an argument.\n" " -c, --certificate Provide the path to the certificate as an argument.\n"
" -i, --id Provide the path where the generated identity should be saved as an argument.\n" " -o, --output Provide the path where the generated certificate should be saved as an argument.\n"
" -g, --pkid Display the publickey id used by the server dnc.\n" " -g, --identifier Display the user identifier.\n"
" -n, --name Provide the name of the identity to be generated.\n" " -n, --name Provide the name of the certificate to be generated.\n"
" -s, --setup Create an CA and an id.\n"); " -s, --setup Create an CA and a certificate.\n");
return EXIT_SUCCESS; return EXIT_SUCCESS;
} }
...@@ -119,7 +120,7 @@ main(int argc, char** argv) ...@@ -119,7 +120,7 @@ main(int argc, char** argv)
// check if the public key id is requested // check if the public key id is requested
if (params.pkid) { if (params.pkid) {
if (params.ca.empty() || params.privatekey.empty()) { if (params.ca.empty() || params.privatekey.empty()) {
fmt::print(stderr, "Error: The path to the private key and the Certificate Authority is not provided.\n Please specify the path for the private key and the Certificate Authority using the -p and -c options.\n"); fmt::print(stderr, "Error: The path to the private key and the certificate is not provided.\n Please specify the path for the private key and the certificate using the -p and -c options.\n");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
auto identity = dhtnet::loadIdentity(params.privatekey, params.ca); auto identity = dhtnet::loadIdentity(params.privatekey, params.ca);
...@@ -136,26 +137,26 @@ main(int argc, char** argv) ...@@ -136,26 +137,26 @@ main(int argc, char** argv)
// create identity with name id-server // create identity with name id-server
std::filesystem::path path_id = params.id / "id"; std::filesystem::path path_id = params.id / "id";
auto identity = dhtnet::generateIdentity(path_id, "id-server", ca); auto identity = dhtnet::generateIdentity(path_id, "id-server", ca);
fmt::print("Generated identity in {}: {} {}\n", path_id,"id-server", identity.second->getId()); fmt::print("Generated certificate in {}: {} {}\n", path_id,"id-server", identity.second->getId());
return EXIT_SUCCESS; return EXIT_SUCCESS;
} }
if (params.ca.empty() || params.privatekey.empty()) { if (params.ca.empty() || params.privatekey.empty()) {
if (params.name.empty()) { if (params.name.empty()) {
auto ca = dhtnet::generateIdentity(params.id, "ca"); auto ca = dhtnet::generateIdentity(params.id, "ca");
fmt::print("Generated CA in {}: {} {}\n", params.id, "ca", ca.second->getId()); fmt::print("Generated certificate in {}: {} {}\n", params.id, "ca", ca.second->getId());
}else{ }else{
auto ca = dhtnet::generateIdentity(params.id, params.name); auto ca = dhtnet::generateIdentity(params.id, params.name);
fmt::print("Generated CA in {}: {} {}\n", params.id, params.name, ca.second->getId()); fmt::print("Generated certificate in {}: {} {}\n", params.id, params.name, ca.second->getId());
} }
}else{ }else{
auto ca = dhtnet::loadIdentity(params.privatekey, params.ca); auto ca = dhtnet::loadIdentity(params.privatekey, params.ca);
if (params.name.empty()) { if (params.name.empty()) {
auto id = dhtnet::generateIdentity(params.id, "id", ca); auto id = dhtnet::generateIdentity(params.id, "certificate", ca);
fmt::print("Generated identity in {}: {} {}\n", params.id, "id", id.second->getId()); fmt::print("Generated certificate in {}: {} {}\n", params.id, "certificate", id.second->getId());
}else{ }else{
auto id = dhtnet::generateIdentity(params.id, params.name, ca); auto id = dhtnet::generateIdentity(params.id, params.name, ca);
fmt::print("Generated identity in {}: {} {}\n", params.id, params.name, id.second->getId()); fmt::print("Generated certificate in {}: {} {}\n", params.id, params.name, id.second->getId());
} }
} }
return EXIT_SUCCESS; return EXIT_SUCCESS;
......
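Review bot: The `long_options` table in the first hunk still registers `--CA`, `--id` and `--pkid`, while the help text and README in this commit advertise `--certificate`, `--output` and `--identifier`, so as far as the hunk shows the documented long forms will be rejected by `getopt_long`; the entries should read `{"certificate", required_argument, nullptr, 'c'}`, `{"output", required_argument, nullptr, 'o'}` and `{"identifier", no_argument, nullptr, 'g'}`. The missing-path error in `parse_args` still tells the user to use the `-i` option, which is no longer in the option string, and should say `-o`. Separately, in `main` the branch `if (params.ca.empty() || params.privatekey.empty())` generates an unsigned-by-CA certificate when only one of `-c`/`-p` is given, and now that every branch prints "Generated certificate" the output no longer shows whether the result was signed by the supplied certificate; consider failing when exactly one of the two is supplied, e.g. `if (params.ca.empty() != params.privatekey.empty())` followed by an error on stderr and `exit(EXIT_FAILURE)`. Both `parse_args` and `main` extend beyond the visible hunks.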