47 lines
1.3 KiB
OCaml
47 lines
1.3 KiB
OCaml
(* (c) 2017 Hannes Mehnert, all rights reserved *)
|
|
|
|
open Vmm_provision
|
|
|
|
open Rresult.R.Infix
|
|
|
|
open Vmm_asn
|
|
|
|
let cmd_csr name key permissions =
|
|
let exts =
|
|
[ (false, `Unsupported (Oid.version, version_to_cstruct asn_version)) ;
|
|
(false, `Unsupported (Oid.permissions, permissions_to_cstruct permissions)) ]
|
|
and name = [ `CN name ]
|
|
in
|
|
X509.CA.request name ~extensions:[`Extensions exts] key
|
|
|
|
let jump _ name key permissions =
|
|
Nocrypto_entropy_unix.initialize () ;
|
|
match
|
|
priv_key key name >>= fun key ->
|
|
let csr = cmd_csr name key permissions in
|
|
let enc = X509.Encoding.Pem.Certificate_signing_request.to_pem_cstruct1 csr in
|
|
Bos.OS.File.write Fpath.(v name + ".req") (Cstruct.to_string enc)
|
|
with
|
|
| Ok () -> `Ok ()
|
|
| Error (`Msg m) -> `Error (false, m)
|
|
|
|
open Cmdliner
|
|
|
|
let cmd =
|
|
let parse s =
|
|
match Vmm_core.permission_of_string s with
|
|
| Some x -> `Ok x
|
|
| None -> `Error "invalid permission"
|
|
in
|
|
(parse, Vmm_core.pp_permission)
|
|
|
|
let permissions =
|
|
let doc = "permissions" in
|
|
Arg.(value & opt_all cmd [] & info [ "p" ; "permission" ] ~doc)
|
|
|
|
let cmd =
|
|
Term.(ret (const jump $ setup_log $ nam $ key $ permissions)),
|
|
Term.info "vmm_req_permissions" ~version:"%%VERSION_NUM%%"
|
|
|
|
let () = match Term.eval cmd with `Ok () -> exit 0 | _ -> exit 1
|