commit 551037b10e427687b7115751c7d613d66459c427
author Gaurav Shah <gauravsh@chromium.org> Mon Nov 01 13:33:32 2010 -0700
committer Gaurav Shah <gauravsh@chromium.org> Mon Nov 01 13:33:32 2010 -0700
tree 00995e8df8e8570cc5a19d6c077ffd05772e8e21
parent a98ad7aa247caf2eea820238d174c147d08f99bc

Make dumpRSAPublicKey also accept a public key in PEM format

This change makes dumpRSAPublicKey directly accept a public key in PEM format. This makes it possible to avoid the unnecessary step of generating a self-signed certificate to dump the public key in .keyb format.

The old style certificate input is still accepted.

Using certs (as done previously):
dumpRSAPublicKey -cert <certfile>

Directly using public keys:
dumpRSAPublicKey -pub <pubfile>

Change-Id: Ic35b59aff6613d145d7947212650da281f734b74

BUG=7576
TEST=manual

$ openssl genrsa -F4 -out test.pem 4096
$ openssl rsa -in test.pem -out test.pub
$ dumpRSAPublicKey -pub test.pub >test.pub.keyb

Verify that this matches the output we get using the old style <cert> input.

$ openssl req -batch -new -x509 -key test.pem -out test.cert
$ dumpRSAPublicKey -cert test.cert >test.cert.keyb
$ diff test.pub.keyb test.cert.keyb
$

Review URL: http://codereview.chromium.org/4215006

utility/dumpRSAPublicKey.c

diff --git a/utility/dumpRSAPublicKey.c b/utility/dumpRSAPublicKey.c
index 837303c..da8597a 100644
--- a/utility/dumpRSAPublicKey.c
+++ b/utility/dumpRSAPublicKey.c
@@ -136,40 +136,52 @@
 }
 
 int main(int argc, char* argv[]) {
+  int cert_mode = 0;
   FILE* fp;
   X509* cert = NULL;
   RSA* pubkey = NULL;
   EVP_PKEY* key;
 
-  if (argc != 2) {
-    fprintf(stderr, "Usage: %s <certfile>\n", argv[0]);
+  if (argc != 3 || (strcmp(argv[1], "-cert") && strcmp(argv[1], "-pub"))) {
+    fprintf(stderr, "Usage: %s <-cert | -pub> <file>\n", argv[0]);
     return -1;
   }
 
-  fp = fopen(argv[1], "r");
+  if (!strcmp(argv[1], "-cert"))
+    cert_mode = 1;
+
+  fp = fopen(argv[2], "r");
 
   if (!fp) {
-    fprintf(stderr, "Couldn't open certificate file!\n");
+    fprintf(stderr, "Couldn't open file %s!\n", argv[2]);
     return -1;
   }
 
-  /* Read the certificate */
-  if (!PEM_read_X509(fp, &cert, NULL, NULL)) {
-    fprintf(stderr, "Couldn't read certificate.\n");
-    goto fail;
-  }
+  if (cert_mode) {
+    /* Read the certificate */
+    if (!PEM_read_X509(fp, &cert, NULL, NULL)) {
+      fprintf(stderr, "Couldn't read certificate.\n");
+      goto fail;
+    }
 
-  /* Get the public key from the certificate. */
-  key = X509_get_pubkey(cert);
+    /* Get the public key from the certificate. */
+    key = X509_get_pubkey(cert);
 
-  /* Convert to a RSA_style key. */
-  if (!(pubkey = EVP_PKEY_get1_RSA(key))) {
-    fprintf(stderr, "Couldn't convert to a RSA style key.\n");
-    goto fail;
+    /* Convert to a RSA_style key. */
+    if (!(pubkey = EVP_PKEY_get1_RSA(key))) {
+      fprintf(stderr, "Couldn't convert to a RSA style key.\n");
+      goto fail;
+    }
+  } else {
+    /* Read the pubkey in .PEM format. */
+    if (!(pubkey = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL))) {
+      fprintf(stderr, "Couldn't read public key file.\n");
+      goto fail;
+    }
   }
 
   if (check(pubkey)) {
-    output (pubkey);
+    output(pubkey);
   }
 
 fail: