From 66f9e9b76c2b76b1f346f57c0cff5cbe05716c5c Mon Sep 17 00:00:00 2001 From: David Blacka Date: Sun, 10 Sep 2006 17:05:18 +0000 Subject: [PATCH] add KeyInfoTool git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@88 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e --- ChangeLog | 4 + bin/_jdnssec-keyinfo | 16 ++ .../verisignlabs/dnssec/cl/KeyInfoTool.java | 218 ++++++++++++++++++ 3 files changed, 238 insertions(+) create mode 100755 bin/_jdnssec-keyinfo create mode 100644 src/com/verisignlabs/dnssec/cl/KeyInfoTool.java diff --git a/ChangeLog b/ChangeLog index 943190a..7bf2131 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ 2006-09-10 David Blacka + * Added the "KeyInfoTool" command line tool as the start of a tool + for decoding DNSKEY information. Right now, mostly just useful + for checking the public exponenent of RSA keys. + * Added the "-e" option to jdnssec-keygen, to instruct the key generator to use the (common) large exponent in RSA key generation. diff --git a/bin/_jdnssec-keyinfo b/bin/_jdnssec-keyinfo new file mode 100755 index 0000000..24c301c --- /dev/null +++ b/bin/_jdnssec-keyinfo @@ -0,0 +1,16 @@ +#! /bin/sh + +thisdir=`dirname $0` +basedir=`cd $thisdir/..; pwd` + +ulimit -n `ulimit -H -n` + +# set the classpath +CLASSPATH=$CLASSPATH:$basedir/build/classes + +for i in $basedir/lib/*.jar $basedir/lib/*.zip; do + CLASSPATH="$CLASSPATH":"$i" +done +export CLASSPATH + +exec java com.verisignlabs.dnssec.cl.KeyInfoTool "$@" diff --git a/src/com/verisignlabs/dnssec/cl/KeyInfoTool.java b/src/com/verisignlabs/dnssec/cl/KeyInfoTool.java new file mode 100644 index 0000000..379187c --- /dev/null +++ b/src/com/verisignlabs/dnssec/cl/KeyInfoTool.java 
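Review bot: In bin/_jdnssec-keyinfo, the line `CLASSPATH=$CLASSPATH:$basedir/build/classes` puts whatever the caller's environment holds ahead of the tool's own classes, and when CLASSPATH is unset the value starts with an empty entry, which the JVM treats as the current directory. For a tool that reads DNSSEC key files, class lookup should not depend on the working directory or on inherited entries taking precedence. `CLASSPATH="$basedir/build/classes${CLASSPATH:+:$CLASSPATH}"` puts the project's classes first and avoids the empty element. `$0` and `$thisdir` are also unquoted, so an install path containing spaces breaks the `dirname` and `cd` lines.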
@@ -0,0 +1,218 @@ +// $Id: KeyGen.java 1954 2005-08-14 17:05:50Z davidb $ +// +// Copyright (C) 2001-2003 VeriSign, Inc. +// +// This library is free software; you can redistribute it and/or +// modify it under the terms of the GNU Lesser General Public +// License as published by the Free Software Foundation; either +// version 2.1 of the License, or (at your option) any later version. +// +// This library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +// Lesser General Public License for more details. +// +// You should have received a copy of the GNU Lesser General Public +// License along with this library; if not, write to the Free Software +// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 +// USA + +package com.verisignlabs.dnssec.cl; + +import java.io.PrintWriter; +import java.security.interfaces.RSAPublicKey; +import java.util.logging.Level; +import java.util.logging.Logger; + +import org.apache.commons.cli.*; +import org.xbill.DNS.DNSKEYRecord; + +import com.verisignlabs.dnssec.security.BINDKeyUtils; +import com.verisignlabs.dnssec.security.DnsKeyAlgorithm; +import com.verisignlabs.dnssec.security.DnsKeyPair; + +/** + * This class forms the command line implementation of a DNSSEC DS/DLV + * generator + * + * @author David Blacka (original) + * @author $Author: davidb $ + * @version $Revision: 1954 $ + */ +public class KeyInfoTool +{ + + /** + * This is a small inner class used to hold all of the command line option + * state. + */ + private static class CLIState + { + private Options opts; + public String keyname = null; + + public CLIState() + { + setupCLI(); + } + + /** + * Set up the command line options. + * + * @return a set of command line options. 
+ */ + private void setupCLI() + { + opts = new Options(); + + // boolean options + opts.addOption("h", "help", false, "Print this message."); + + // Argument options + opts.addOption(OptionBuilder.hasOptionalArg().withLongOpt("verbose") + .withArgName("level") + .withDescription("verbosity level -- 0 is silence, " + + "5 is debug information, " + "6 is trace information.\n" + + "default is level 5.").create('v')); + } + + public void parseCommandLine(String[] args) + throws org.apache.commons.cli.ParseException + { + CommandLineParser cli_parser = new PosixParser(); + CommandLine cli = cli_parser.parse(opts, args); + + if (cli.hasOption('h')) usage(); + + if (cli.hasOption('v')) + { + int value = parseInt(cli.getOptionValue('v'), 5); + Logger rootLogger = Logger.getLogger(""); + switch (value) + { + case 0 : + rootLogger.setLevel(Level.OFF); + break; + case 5 : + default : + rootLogger.setLevel(Level.FINE); + break; + case 6 : + rootLogger.setLevel(Level.ALL); + break; + } + } + + String[] cl_args = cli.getArgs(); + + if (cl_args.length < 1) + { + System.err.println("error: missing key file "); + usage(); + } + + keyname = cl_args[0]; + } + + /** Print out the usage and help statements, then quit. */ + private void usage() + { + HelpFormatter f = new HelpFormatter(); + + PrintWriter out = new PrintWriter(System.err); + + // print our own usage statement: + f.printHelp(out, + 75, + "jdnssec-keyinfo [..options..] keyfile", + null, + opts, + HelpFormatter.DEFAULT_LEFT_PAD, + HelpFormatter.DEFAULT_DESC_PAD, + null); + + out.flush(); + System.exit(64); + } + } + + /** + * This is just a convenience method for parsing integers from strings. + * + * @param s the string to parse. + * @param def the default value, if the string doesn't parse. + * @return the parsed integer, or the default. 
+ */ + private static int parseInt(String s, int def) + { + try + { + int v = Integer.parseInt(s); + return v; + } + catch (NumberFormatException e) + { + return def; + } + } + + public static void execute(CLIState state) throws Exception + { + + DnsKeyPair key = BINDKeyUtils.loadKey(state.keyname, null); + DNSKEYRecord dnskey = key.getDNSKEYRecord(); + DnsKeyAlgorithm dnskeyalg = new DnsKeyAlgorithm(); + + boolean isSEP = (dnskey.getFlags() & DNSKEYRecord.Flags.SEP_KEY) != 0; + + System.out.println("Name: " + dnskey.getName()); + System.out.println("SEP: " + isSEP); + + System.out.println("Algorithm: " + dnskeyalg.algToString(dnskey.getAlgorithm())); + System.out.println("ID: " + dnskey.getFootprint()); + if (dnskeyalg.baseType(dnskey.getAlgorithm()) == dnskeyalg.RSA) + { + RSAPublicKey pub = (RSAPublicKey) key.getPublic(); + System.out.println("RSA Public Exponent: " + pub.getPublicExponent()); + System.out.println("RSA Modulus: " + pub.getModulus()); + } + + } + + public static void main(String[] args) + { + CLIState state = new CLIState(); + + try + { + state.parseCommandLine(args); + } + catch (UnrecognizedOptionException e) + { + System.err.println("error: unknown option encountered: " + + e.getMessage()); + state.usage(); + } + catch (AlreadySelectedException e) + { + System.err.println("error: mutually exclusive options have " + + "been selected:\n " + e.getMessage()); + state.usage(); + } + catch (Exception e) + { + System.err.println("error: unknown command line parsing exception:"); + e.printStackTrace(); + state.usage(); + } + + try + { + execute(state); + } + catch (Exception e) + { + e.printStackTrace(); + } + } +}
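Review bot: The final `catch (Exception e)` in `main`, around `execute(state)`, prints the stack trace and then lets `main` return, so the process exits with status 0 even when the key file cannot be loaded or decoded. The ChangeLog entry describes this tool as a way to check RSA public exponents, and a script running that check cannot tell a failed run from a successful one by exit status. End the handler with `System.exit(1);` after `e.printStackTrace();`. Separately, the class Javadoc still reads "DNSSEC DS/DLV generator" and `setupCLI()` carries an `@return` tag although it is `void`; both should be rewritten to describe this tool.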