.TH RSA 8
.SH NAME
-rsagen, rsafill, asn12rsa, rsa2pub, rsa2ssh, rsa2x509 \- generate and format rsa keys
+rsagen, rsafill, asn12rsa, rsa2pub, rsa2ssh, rsa2x509, rsa2csr \- generate and format rsa keys
.SH SYNOPSIS
.B rsagen
[
[
.I file
]
+.PP
+.B rsa2csr
+.I subject
+[
+.I file
+]
.SH DESCRIPTION
Plan 9 represents an RSA key as an attribute-value pair list
prefixed with the string
for TLS server applications. It is recommended to put the key into
.IR secstore (1),
avoiding it being stored unencrypted on the filesystem.
+.PP
+.I Rsa2csr
+takes the
+.I subject
+and a RSA private key and outputs a signing request in ASN.1 format.
.SH EXAMPLES
Generate a fresh key and use it to start a TLS-enabled web server:
.IP
auth/pemdecode 'PRIVATE KEY' key.pem |
auth/asn12rsa -t 'service=tls' >/mnt/factotum/ctl
.EE
+.PP
+Generate a certificate signing request (CSR) in PEM format:
+.IP
+.EX
+auth/rsa2csr 'CN=example.com' key |
+ auth/pemencode 'CERTIFICATE REQUEST'
+.EE
.SH SOURCE
.B /sys/src/cmd/auth
.SH "SEE ALSO
#include "rsa2any.h"
RSApriv*
-getkey(int argc, char **argv, int needprivate, Attr **pa)
+getrsakey(int argc, char **argv, int needprivate, Attr **pa)
{
char *file, *s, *p;
int sz;
DSApriv*getdsakey(int argc, char **argv, int needprivate, Attr **pa);
-RSApriv*getkey(int argc, char **argv, int needprivate, Attr **pa);
+RSApriv*getrsakey(int argc, char **argv, int needprivate, Attr **pa);
uchar* put4(uchar *p, uint n);
uchar* putmp2(uchar *p, mpint *b);
uchar* putn(uchar *p, void *v, uint n);
if(argc != 1 && argc != 2)
usage();
- if((key = getkey(argc-1, argv+1, 1, nil)) == nil)
+ if((key = getrsakey(argc-1, argv+1, 1, nil)) == nil)
sysfatal("%r");
cert = X509rsareq(key, argv[0], &len);
if(cert == nil)
- sysfatal("X509req: %r");
+ sysfatal("X509rsareq: %r");
write(1, cert, len);
exits(0);
if(argc > 1)
usage();
- if((key = getkey(argc, argv, 0, &a)) == nil)
+ if((key = getrsakey(argc, argv, 0, &a)) == nil)
sysfatal("%r");
s = smprint("key %A size=%d ek=%B n=%B\n",
if(argc > 1)
usage();
- if((k = getkey(argc, argv, 0, nil)) == nil)
+ if((k = getrsakey(argc, argv, 0, nil)) == nil)
sysfatal("%r");
if(ssh2) {
if(argc != 1 && argc != 2)
usage();
- if((key = getkey(argc-1, argv+1, 1, nil)) == nil)
+ if((key = getrsakey(argc-1, argv+1, 1, nil)) == nil)
sysfatal("%r");
cert = X509rsagen(key, argv[0], valid, &len);
if(cert == nil)
- sysfatal("X509gen: %r");
+ sysfatal("X509rsagen: %r");
write(1, cert, len);
exits(0);
if(argc > 1)
usage();
- if((key = getkey(argc, argv, 1, &a)) == nil)
+ if((key = getrsakey(argc, argv, 1, &a)) == nil)
sysfatal("%r");
s = smprint("key %A size=%d ek=%B !dk=%B n=%B !p=%B !q=%B !kp=%B !kq=%B !c2=%B\n",