shithub: riscv

--- a/sys/man/8/rsa

+++ b/sys/man/8/rsa

@@ -1,6 +1,6 @@

 .TH RSA 8

 .SH NAME

-rsagen, rsafill, asn12rsa, rsa2pub, rsa2ssh, rsa2x509 \- generate and format rsa keys

+rsagen, rsafill, asn12rsa, rsa2pub, rsa2ssh, rsa2x509, rsa2csr \- generate and format rsa keys

 .SH SYNOPSIS

 .B rsagen

@@ -52,6 +52,12 @@

 .I file

+.PP

+.B rsa2csr

+.I subject

+[

+.I file

+]

 .SH DESCRIPTION

 Plan 9 represents an RSA key as an attribute-value pair list

 prefixed with the string

@@ -229,6 +235,11 @@

 for TLS server applications. It is recommended to put the key into

 .IR secstore (1),

 avoiding it being stored unencrypted on the filesystem.

+.PP

+.I Rsa2csr

+takes the

+.I subject

+and a RSA private key and outputs a signing request in ASN.1 format.

 .SH EXAMPLES

 Generate a fresh key and use it to start a TLS-enabled web server:

.IP

@@ -256,6 +267,13 @@

.EX

 auth/pemdecode 'PRIVATE KEY' key.pem |

 	auth/asn12rsa -t 'service=tls' >/mnt/factotum/ctl

+.EE

+.PP

+Generate a certificate signing request (CSR) in PEM format:

+.IP

+.EX

+auth/rsa2csr 'CN=example.com' key |

+	auth/pemencode 'CERTIFICATE REQUEST'

.EE

 .SH SOURCE

 .B /sys/src/cmd/auth

--- a/sys/src/cmd/auth/rsa2any.c

+++ b/sys/src/cmd/auth/rsa2any.c

@@ -7,7 +7,7 @@

 #include "rsa2any.h"

 RSApriv*

-getkey(int argc, char **argv, int needprivate, Attr **pa)

+getrsakey(int argc, char **argv, int needprivate, Attr **pa)

 	char *file, *s, *p;

 	int sz;

--- a/sys/src/cmd/auth/rsa2any.h

+++ b/sys/src/cmd/auth/rsa2any.h

@@ -1,5 +1,5 @@

 DSApriv*getdsakey(int argc, char **argv, int needprivate, Attr **pa);

-RSApriv*getkey(int argc, char **argv, int needprivate, Attr **pa);

+RSApriv*getrsakey(int argc, char **argv, int needprivate, Attr **pa);

 uchar*	put4(uchar *p, uint n);

 uchar*	putmp2(uchar *p, mpint *b);

 uchar*	putn(uchar *p, void *v, uint n);

--- a/sys/src/cmd/auth/rsa2csr.c

+++ b/sys/src/cmd/auth/rsa2csr.c

@@ -31,12 +31,12 @@

 	if(argc != 1 && argc != 2)

 		usage();

-	if((key = getkey(argc-1, argv+1, 1, nil)) == nil)

+	if((key = getrsakey(argc-1, argv+1, 1, nil)) == nil)

 		sysfatal("%r");

 	cert = X509rsareq(key, argv[0], &len);

 	if(cert == nil)

-		sysfatal("X509req: %r");

+		sysfatal("X509rsareq: %r");

 	write(1, cert, len);

 	exits(0);

--- a/sys/src/cmd/auth/rsa2pub.c

+++ b/sys/src/cmd/auth/rsa2pub.c

@@ -31,7 +31,7 @@

 	if(argc > 1)

 		usage();

-	if((key = getkey(argc, argv, 0, &a)) == nil)

+	if((key = getrsakey(argc, argv, 0, &a)) == nil)

 		sysfatal("%r");

 	s = smprint("key %A size=%d ek=%B n=%B\n",

--- a/sys/src/cmd/auth/rsa2ssh.c

+++ b/sys/src/cmd/auth/rsa2ssh.c

@@ -39,7 +39,7 @@

 	if(argc > 1)

 		usage();

-	if((k = getkey(argc, argv, 0, nil)) == nil)

+	if((k = getrsakey(argc, argv, 0, nil)) == nil)

 		sysfatal("%r");

 	if(ssh2) {

--- a/sys/src/cmd/auth/rsa2x509.c

+++ b/sys/src/cmd/auth/rsa2x509.c

@@ -38,12 +38,12 @@

 	if(argc != 1 && argc != 2)

 		usage();

-	if((key = getkey(argc-1, argv+1, 1, nil)) == nil)

+	if((key = getrsakey(argc-1, argv+1, 1, nil)) == nil)

 		sysfatal("%r");

 	cert = X509rsagen(key, argv[0], valid, &len);

 	if(cert == nil)

-		sysfatal("X509gen: %r");

+		sysfatal("X509rsagen: %r");

 	write(1, cert, len);

 	exits(0);

--- a/sys/src/cmd/auth/rsafill.c

+++ b/sys/src/cmd/auth/rsafill.c

@@ -31,7 +31,7 @@

 	if(argc > 1)

 		usage();

-	if((key = getkey(argc, argv, 1, &a)) == nil)

+	if((key = getrsakey(argc, argv, 1, &a)) == nil)

 		sysfatal("%r");

 	s = smprint("key %A size=%d ek=%B !dk=%B n=%B !p=%B !q=%B !kp=%B !kq=%B !c2=%B\n",