9 files changed, 2856 insertions, 0 deletions

diff --git a/src/scepclient/Makefile b/src/scepclient/Makefile
new file mode 100644
index 000000000..dec36c888
--- /dev/null
+++ b/src/scepclient/Makefile
@@ -0,0 +1,184 @@
+# Makefile for the scepclient
+# Copyright (C) 2005 Jan Hutter, Martin Willi
+# Hochschule fuer Technik Rapperswil
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at your
+# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# for more details.
+#
+
+FREESWANSRCDIR=../..
+include ${FREESWANSRCDIR}/Makefile.inc
+
+PLUTODIR=../pluto
+OPENACDIR=../openac
+
+PROGRAM=scepclient
+EXTRA8PROC=${PROGRAM}.8
+
+LIBS=${FREESWANLIB} $(LIBDESLITE) -lgmp
+CFLAGS+= -DDEBUG -DNO_PLUTO
+
+# This compile option activates the leak detective
+ifeq ($(USE_LEAK_DETECTIVE),true)
+  CFLAGS+= -DLEAK_DETECTIVE
+endif
+
+# This compile option activates dynamic URL fetching using libcurl
+ifeq ($(USE_LIBCURL),true)
+  CFLAGS+= -DLIBCURL
+  LIBS+= -lcurl
+endif
+
+X509_OBJS= asn1.o ca.o certs.o constants.o crl.o defs.o fetch.o id.o keys.o \
+           lex.o md2.o md5.o mp_defs.o ocsp.o oid.o pem.o pgp.o pkcs1.o pkcs7.o \
+           rnd.o sha1.o smartcard.o x509.o
+
+OBJS= rsakey.o pkcs10.o loglite.o scep.o ${X509_OBJS}
+
+include ../Makefile.program
+
+loglite.o :	$(OPENACDIR)/loglite.c $(PLUTODIR)/log.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+	
+rsakey.o :	rsakey.c rsakey.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+pkcs10.o : 	pkcs10.c pkcs10.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+scep.o :	scep.c scep.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+# X.509 library
+
+asn1.o : 	$(PLUTODIR)/asn1.c $(PLUTODIR)/asn1.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+ca.o : 		$(PLUTODIR)/ca.c $(PLUTODIR)/ca.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+crl.o :		$(PLUTODIR)/crl.c $(PLUTODIR)/crl.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+certs.o :	$(PLUTODIR)/certs.c $(PLUTODIR)/certs.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+constants.o :	$(PLUTODIR)/constants.c $(PLUTODIR)/constants.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+defs.o :	$(PLUTODIR)/defs.c $(PLUTODIR)/defs.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+fetch.o :	$(PLUTODIR)/fetch.c $(PLUTODIR)/fetch.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+id.o :		$(PLUTODIR)/id.c $(PLUTODIR)/id.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+keys.o :	$(PLUTODIR)/keys.c $(PLUTODIR)/keys.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+lex.o :		$(PLUTODIR)/lex.c $(PLUTODIR)/lex.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+md2.o :		$(PLUTODIR)/md2.c $(PLUTODIR)/md2.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+md5.o :		$(PLUTODIR)/md5.c $(PLUTODIR)/md5.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+mp_defs.o :	$(PLUTODIR)/mp_defs.c $(PLUTODIR)/mp_defs.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+ocsp.o :	$(PLUTODIR)/ocsp.c $(PLUTODIR)/ocsp.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+oid.o :		$(PLUTODIR)/oid.c $(PLUTODIR)/oid.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+pem.o :		$(PLUTODIR)/pem.c $(PLUTODIR)/pem.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+pgp.o :		$(PLUTODIR)/pgp.c $(PLUTODIR)/pgp.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+pkcs1.o :	$(PLUTODIR)/pkcs1.c $(PLUTODIR)/pkcs1.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+pkcs7.o :	$(PLUTODIR)/pkcs7.c $(PLUTODIR)/pkcs7.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+rnd.o :		$(PLUTODIR)/rnd.c $(PLUTODIR)/rnd.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+sha1.o :	$(PLUTODIR)/sha1.c $(PLUTODIR)/sha1.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+smartcard.o :	$(PLUTODIR)/smartcard.c $(PLUTODIR)/smartcard.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+x509.o :	$(PLUTODIR)/x509.c $(PLUTODIR)/x509.h
+		$(CC) $(CFLAGS) -c -o $@ $<
+
+doxygen : 
+		doxygen doxyconfig.DoxyFile
+
+# Stolen from pluto/Makefile
+
+gatherdeps:
+		@ls | grep '\.c$$' | sed -e 's/\(.*\)\.c$$/\1.o: \1.c/'
+		@echo
+		@ls | grep '\.c$$' | xargs grep '^#[    ]*include[      ]*"' | \
+                sed -e 's/\.c:#[        ]*include[      ]*"/.o: /' -e 's/".*//'
+
+# Dependencies generated by "make gatherdeps":
+
+pkcs10.o: pkcs10.c
+rsakey.o: rsakey.c
+scep.o: scep.c
+scepclient.o: scepclient.c
+
+pkcs10.o: ../pluto/constants.h
+pkcs10.o: ../pluto/defs.h
+pkcs10.o: ../pluto/oid.h
+pkcs10.o: ../pluto/asn1.h
+pkcs10.o: ../pluto/pkcs1.h
+pkcs10.o: ../pluto/log.h
+pkcs10.o: ../pluto/x509.h
+pkcs10.o: pkcs10.h
+rsakey.o: ../pluto/constants.h
+rsakey.o: ../pluto/defs.h
+rsakey.o: ../pluto/mp_defs.h
+rsakey.o: ../pluto/log.h
+rsakey.o: ../pluto/asn1.h
+rsakey.o: ../pluto/pkcs1.h
+rsakey.o: rsakey.h
+scep.o: ../pluto/constants.h
+scep.o: ../pluto/defs.h
+scep.o: ../pluto/rnd.h
+scep.o: ../pluto/oid.h
+scep.o: ../pluto/asn1.h
+scep.o: ../pluto/pkcs1.h
+scep.o: ../pluto/fetch.h
+scep.o: ../pluto/log.h
+scep.o: scep.h
+scepclient.o: ../pluto/constants.h
+scepclient.o: ../pluto/defs.h
+scepclient.o: ../pluto/log.h
+scepclient.o: ../pluto/oid.h
+scepclient.o: ../pluto/asn1.h
+scepclient.o: ../pluto/pkcs1.h
+scepclient.o: ../pluto/pkcs7.h
+scepclient.o: ../pluto/certs.h
+scepclient.o: ../pluto/fetch.h
+scepclient.o: ../pluto/rnd.h
+scepclient.o: rsakey.h
+scepclient.o: pkcs10.h
+scepclient.o: scep.h
diff --git a/src/scepclient/pkcs10.c b/src/scepclient/pkcs10.c
new file mode 100644
index 000000000..de3f06e18
--- /dev/null
+++ b/src/scepclient/pkcs10.c
@@ -0,0 +1,220 @@
+/**
+ * @file pkcs10.c
+ * @brief Functions to build PKCS#10 requests
+ *
+ * Contains functions to build DER encoded pkcs#10 certificate requests
+ */
+
+/* Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include <freeswan.h>
+
+#include "../pluto/constants.h"
+#include "../pluto/defs.h"
+#include "../pluto/oid.h"
+#include "../pluto/asn1.h"
+#include "../pluto/pkcs1.h"
+#include "../pluto/log.h"
+#include "../pluto/x509.h"
+
+#include "pkcs10.h"
+
+/* some pre-coded OIDs */
+
+static u_char ASN1_challengePassword_oid_str[] = {
+    0x06,0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x07
+};
+
+static const chunk_t ASN1_challengePassword_oid = strchunk(ASN1_challengePassword_oid_str);
+
+static u_char ASN1_extensionRequest_oid_str[] = {
+    0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x0E
+};
+
+static const chunk_t ASN1_extensionRequest_oid = strchunk(ASN1_extensionRequest_oid_str);
+
+/** 
+ * @brief Adds a subjectAltName in DER-coded form to a linked list
+ * 
+ * @param[in,out]	subjectAltNames	head of the linked list of subjectAltNames
+ * @param[in]		kind		type of the subjectAltName (which is a generalName)
+ * @param[in]		value		value of the subjectAltName as an ASCII string
+ */
+void
+pkcs10_add_subjectAltName(generalName_t **subjectAltNames, generalNames_t kind
+, char *value) 
+{
+    generalName_t *gn;
+    asn1_t asn1_type = ASN1_EOC;
+    chunk_t name = { value, strlen(value) };
+
+    switch (kind)
+    {
+    case GN_RFC822_NAME:
+	asn1_type = ASN1_CONTEXT_S_1;
+	break;
+    case GN_DNS_NAME:
+	asn1_type = ASN1_CONTEXT_S_2;
+	break;
+    case GN_IP_ADDRESS:
+	{
+	    struct in_addr addr;
+
+	    /* convert an ASCII dotted IPv4 address (e.g. 123.456.78.90)
+             * to a byte representation in network order
+             */
+	    if (!inet_aton(value, &addr))
+	    {
+		fprintf(stderr, "error in IPv4 subjectAltName\n");
+		return;
+	    }
+	    asn1_type = ASN1_CONTEXT_S_7;
+	    name.ptr = (u_char *) &addr.s_addr;
+            name.len = sizeof(addr.s_addr);
+	    break;
+        }
+    default:
+	break;
+    }
+
+    gn = alloc_thing(generalName_t, "subjectAltName");
+    gn->kind = kind;
+    gn->name = asn1_simple_object(asn1_type, name);
+    gn->next = *subjectAltNames;
+    *subjectAltNames = gn;
+}
+
+/**
+ * @brief Builds the requestInfoAttributes of the certificationRequestInfo-field 
+ * 
+ * challenge password ans subjectAltNames are only included,
+ * when avaiable in given #pkcs10_t structure
+ *
+ * @param[in]	pkcs10		Pointer to a #pkcs10_t structure
+ * @return					1 if succeeded, 0 otherwise
+ */
+static chunk_t
+build_req_info_attributes(pkcs10_t* pkcs10)
+{
+
+    chunk_t subjectAltNames   = empty_chunk;
+    chunk_t challengePassword = empty_chunk;
+
+    if (pkcs10->subjectAltNames != NULL) 
+    {
+
+	subjectAltNames = asn1_wrap(ASN1_SEQUENCE, "cm"
+		, ASN1_extensionRequest_oid
+		, asn1_wrap(ASN1_SET, "m"
+		    , asn1_wrap(ASN1_SEQUENCE, "m"
+			, build_subjectAltNames(pkcs10->subjectAltNames)
+		      )
+		  )
+	    );
+    }
+
+    if (pkcs10->challengePassword.len > 0)
+    {
+	asn1_t type = is_printablestring(pkcs10->challengePassword)
+		      ? ASN1_PRINTABLESTRING : ASN1_T61STRING;
+
+	challengePassword = asn1_wrap(ASN1_SEQUENCE, "cm"
+		, ASN1_challengePassword_oid
+		, asn1_wrap(ASN1_SET, "m"
+		    , asn1_simple_object(type, pkcs10->challengePassword)
+		  )
+	    );
+    }
+
+    return asn1_wrap(ASN1_CONTEXT_C_0, "mm"
+		, subjectAltNames
+	    	, challengePassword);
+}
+
+/**
+ * @brief Builds a DER-code pkcs#10 certificate request
+ *
+ * @param[in]	pkcs10		pointer to a pkcs10_t struct
+ * @return 			DER-code pkcs10 request
+ */
+static chunk_t
+pkcs10_build_request(pkcs10_t *pkcs10, int signature_alg)
+{
+    RSA_public_key_t *rsak = (RSA_public_key_t *) pkcs10->private_key;
+
+    chunk_t cert_req_info = asn1_wrap(ASN1_SEQUENCE, "ccmm"
+		, ASN1_INTEGER_0
+		, pkcs10->subject
+		, pkcs1_build_publicKeyInfo(rsak)
+		, build_req_info_attributes(pkcs10));
+
+    chunk_t signature = pkcs1_build_signature(cert_req_info
+		, signature_alg, pkcs10->private_key, TRUE);
+
+    return asn1_wrap(ASN1_SEQUENCE, "mcm"
+		, cert_req_info
+		, asn1_algorithmIdentifier(signature_alg)
+		, signature);
+}
+
+/**
+ * @brief Creates a pkcs#10 certificate request object
+ *
+ * To create a certificate request, the RSA key and the
+ * names to be included as subject in the certificate request
+ * (e.g. commonName, organization) are needed. An optional challenge
+ * password or some subjectAltNames may be included.
+ *
+ * @param[in]	key			rsakey of type #rsakey_t
+ * @param[in]	subject			DER-coded subject distinguished name
+ * @param[in]	challengePassword	challenge password or empty_chunk
+ * @param[in]	subjectAltNames		linked list of subjectAltNames or NULL
+ * @return 				pointer to a #pkcs10_t object
+ */
+pkcs10_t*
+pkcs10_build(RSA_private_key_t *key, chunk_t subject, chunk_t challengePassword
+, generalName_t *subjectAltNames, int signature_alg)
+{
+    pkcs10_t *pkcs10 = alloc_thing(pkcs10_t, "pkcs10_t");
+
+    pkcs10->subject = subject;
+    pkcs10->private_key = key;
+    pkcs10->challengePassword = challengePassword;
+    pkcs10->subjectAltNames = subjectAltNames;
+
+    pkcs10->request = pkcs10_build_request(pkcs10, signature_alg);
+    return pkcs10;
+}
+
+/**
+ * @brief Frees the resources used by an #pkcs10_t object
+ *
+ * @param[in]	pkcs10		#pkcs10_t to free
+ */
+void
+pkcs10_free(pkcs10_t *pkcs10)
+{
+    if (pkcs10 != NULL)
+    {
+	freeanychunk(pkcs10->request);
+	pfree(pkcs10);
+    }
+}
diff --git a/src/scepclient/pkcs10.h b/src/scepclient/pkcs10.h
new file mode 100644
index 000000000..c2a4c1b92
--- /dev/null
+++ b/src/scepclient/pkcs10.h
@@ -0,0 +1,57 @@
+/**
+ * @file pkcs10.h
+ * @brief Functions to build PKCS#10 Request's
+ * 
+ * Contains functions to build DER encoded pkcs#10 certificate requests
+ */
+ 
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ * 
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef _PKCS10_H
+#define _PKCS10_H
+
+#include "../pluto/defs.h"
+#include "../pluto/pkcs1.h"
+#include "../pluto/x509.h"
+
+typedef struct pkcs10_struct pkcs10_t;
+
+/**
+ * @brief type representating a pkcs#10 request.
+ *
+ * A pkcs#10 request contains a distinguished name, an optional 
+ * challenge password, a public key and optional subjectAltNames.
+ * 
+ * The RSA private key is needed to compute the signature of the given request
+ */
+struct pkcs10_struct {
+    RSA_private_key_t *private_key;
+    chunk_t            request;
+    chunk_t            subject;
+    chunk_t            challengePassword;
+    generalName_t     *subjectAltNames;
+};
+
+extern const pkcs10_t empty_pkcs10;
+
+extern void pkcs10_add_subjectAltName(generalName_t **subjectAltNames
+    , generalNames_t kind, char *value);
+extern pkcs10_t* pkcs10_build(RSA_private_key_t *key, chunk_t subject
+    , chunk_t challengePassword, generalName_t *subjectAltNames
+    , int signature_alg);
+extern void pkcs10_free(pkcs10_t *pkcs10);
+
+#endif /* _PKCS10_H */
diff --git a/src/scepclient/rsakey.c b/src/scepclient/rsakey.c
new file mode 100644
index 000000000..c4f26b286
--- /dev/null
+++ b/src/scepclient/rsakey.c
@@ -0,0 +1,349 @@
+/**
+ * @file rsakey.c
+ * @brief Functions for RSA key generation 
+ */
+
+/* 
+ * Copyright (C) 1999, 2000, 2001  Henry Spencer.
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ *
+ * $Id: rsakey.c,v 1.5 2006/01/04 21:16:30 as Exp $
+ */
+ 
+
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <assert.h>
+#include <gmp.h>
+
+#include <freeswan.h>
+
+#include "../pluto/constants.h"
+#include "../pluto/defs.h"
+#include "../pluto/mp_defs.h"
+#include "../pluto/log.h"
+#include "../pluto/asn1.h"
+#include "../pluto/pkcs1.h"
+
+#include "rsakey.h"
+
+/* Number of times the probabilistic primality test is applied */
+#define PRIMECHECK_ROUNDS	30
+
+/* Public exponent used for signature key generation */
+#define PUBLIC_EXPONENT		0x10001
+
+#ifndef RANDOM_DEVICE
+#define	RANDOM_DEVICE	"/dev/random"
+#endif
+
+
+/**
+ * @brief Reads a specific number of bytes from a given device/file
+ * 
+ * @param[in]		nbytes		number of bytes to read from random device
+ * @param[out]		buf		pointer to buffer where to write the data in.
+ * 					size of buffer has to be at least nbytes.
+ * @return				TRUE, if succeeded, FALSE otherwise
+ */
+
+static bool
+get_true_random_bytes(size_t nbytes, char *buf)
+{
+    size_t ndone;
+    size_t got;
+    char *device = RANDOM_DEVICE;
+
+    int dev = open(RANDOM_DEVICE, 0);
+
+    if (dev < 0)
+    {
+	fprintf(stderr, "could not open random device %s", device);
+	return FALSE;
+    }
+
+    DBG(DBG_CONTROL,
+	DBG_log("getting %d bytes from %s...", (int) nbytes, device)
+    )
+	
+    ndone = 0;
+    while (ndone < nbytes)
+    {
+	got = read(dev, buf + ndone, nbytes - ndone);
+	if (got < 0)
+	{
+	    fprintf(stderr, "read error on %s", device);
+	    return FALSE;
+	}
+	if (got == 0)
+	{
+	    fprintf(stderr, "eof on %s", device);
+	    return FALSE;
+	}
+	 ndone += got;
+    }
+    close(dev);
+    return TRUE;
+}
+
+/**
+ * @brief initialize an mpz_t to a random number, specified bit count
+ *
+ * Converting the random value in a value of type mpz_t is done 
+ * by creating a hexbuffer.
+ * Converting via hex is a bit weird, but it's the best route GMP gives us.
+ * Note that highmost and lowmost bits are forced on -- highmost to give a
+ * number of exactly the specified length, lowmost so it is an odd number.
+ *
+ * @param[out] 	var uninitialized mpz_t to store th random number in
+ * @param[in] 	nbits length of var in bits (known to be a multiple of BITS_PER_BYTE)
+ * @return 	TRUE on success, FALSE otherwise
+ */
+static bool
+init_random(mpz_t var, int nbits)
+{
+    size_t nbytes = (size_t)(nbits/BITS_PER_BYTE);
+    char random_buf[RSA_MAX_OCTETS/2];
+
+    assert(nbytes <= sizeof(random_buf));
+
+    if (!get_true_random_bytes(nbytes, random_buf))
+	return FALSE;
+	
+    random_buf[0] |= 01 << (BITS_PER_BYTE-1);	/* force high bit on */
+    random_buf[nbytes-1] |= 01;			/* force low bit on */
+    n_to_mpz(var, random_buf, nbytes);
+    return TRUE;
+}
+
+/**
+ * @brief initialize an mpz_t to a random prime of specified size
+ *
+ * Efficiency tweak: we reject candidates that are 1 higher than a multiple
+ * of e, since they will make the internal modulus not relatively prime to e.
+ *
+ * @param[out] 	var mpz_t variable to initialize
+ * @param[in] 	nbits length of given prime in bits (known to be a multiple of BITS_PER_BYTE)
+ * @param[in] 	eval E-Value, 0 means don't bother w. tweak
+ * @return 		1 on success, 0 otherwise
+ */
+static bool
+init_prime(mpz_t var, int nbits, int eval)
+{
+    unsigned long tries;
+    size_t len;
+
+    /* get a random value of nbits length */
+    if (!init_random(var, nbits))
+	return FALSE;
+
+    /* check if odd number */
+    assert(mpz_fdiv_ui(var, 2) == 1);
+    DBG(DBG_CONTROLMORE,
+	DBG_log("looking for a prime starting there (can take a while)...")
+    )
+
+    tries = 1;
+    while (mpz_fdiv_ui(var, eval) == 1
+       || !mpz_probab_prime_p(var, PRIMECHECK_ROUNDS))
+    {
+	/* not a prime, increase by 2 */
+	mpz_add_ui(var, var, 2);
+	tries++;
+    }
+
+    len = mpz_sizeinbase(var, 2);
+
+    /* check bit length of primee */
+    assert(len == (size_t)nbits || len == (size_t)(nbits+1));
+
+    if (len == (size_t)(nbits+1))
+    {
+	DBG(DBG_CONTROLMORE,
+	    DBG_log("carry out occurred (!), retrying...")
+	)
+	mpz_clear(var);
+	/* recursive call */
+	return init_prime(var, nbits, eval);
+    }
+    DBG(DBG_CONTROLMORE,
+	DBG_log("found it after %lu tries.",tries)
+    )
+    return TRUE;
+}
+
+/** 
+ * @brief Generate a RSA key usable for encryption
+ * 
+ * Generate an RSA key usable for encryption. All the 
+ * values of the RSA key are filled into mpz_t parameters.
+ * These mpz_t parameters must not be initialized and have
+ * to be cleared with mpz_clear after using.
+ *
+ * @param[in] 	nbits size of rsa key in bits
+ * @return 	RSA_public_key_t containing the generated RSA key 
+ */
+err_t
+generate_rsa_private_key(int nbits, RSA_private_key_t *key)
+{
+    mpz_t p, q, n, e, d, exp1, exp2, coeff;
+    mpz_t m, q1, t;	/* temporary variables*/
+
+     DBG(DBG_CONTROL,
+	DBG_log("generating %d bit RSA key:", nbits)
+    )
+
+    if (nbits <= 0) 
+	return "negative rsa key length!";
+
+    /* Get values of primes p and q */
+    DBG(DBG_CONTROLMORE,
+	DBG_log("initialize prime p")
+    )
+    if (!init_prime(p, nbits/2, PUBLIC_EXPONENT)) 
+	return "could not generate prime p";
+
+    DBG(DBG_CONTROLMORE,
+	DBG_log("initialize prime q")
+    )
+    if (!init_prime(q, nbits/2, PUBLIC_EXPONENT)) 
+	return "could not generate prime q";
+	
+    mpz_init(t);
+
+    /* Swapping primes so p is larger then q */
+    if (mpz_cmp(p, q) < 0) 
+    {
+	DBG(DBG_CONTROLMORE,
+	    DBG_log("swapping primes so p is the larger...")
+	);
+	mpz_set(t, p);
+	mpz_set(p, q);
+	mpz_set(q, t);
+    }
+	
+    DBG(DBG_CONTROLMORE,
+	DBG_log("computing modulus...")
+    )
+    mpz_init(n);
+    /* n = p*q */
+    mpz_mul(n, p, q);
+
+    /* Assign e the value of defined PUBLIC_EXPONENT */
+    mpz_init_set_ui(e, PUBLIC_EXPONENT);
+
+    DBG(DBG_CONTROLMORE,
+	DBG_log("computing lcm(p-1, q-1)...")
+    )
+    /* m = p */
+    mpz_init_set(m, p);
+    /* m = m-1 */
+    mpz_sub_ui(m, m, 1);
+    /* q1 = q */
+    mpz_init_set(q1, q);
+    /* q1 = q1-1 */
+    mpz_sub_ui(q1, q1, 1);
+    /* t = gcd(p-1, q-1) */
+    mpz_gcd(t, m, q1);
+    /* m = (p-1)*(q-1) */
+    mpz_mul(m, m, q1);
+    /* m = m / t */
+    mpz_divexact(m, m, t);
+    /* t = gcd(m, e) (greatest common divisor) */
+    mpz_gcd(t, m, e);
+    /* m and e relatively prime */
+    assert(mpz_cmp_ui(t, 1) == 0);
+
+    /* decryption key */
+    DBG(DBG_CONTROLMORE,
+	DBG_log("computing d...")
+    )
+    mpz_init(d);
+    /* e has an inverse mod m */
+    assert(mpz_invert(d, e, m));
+
+    /* make sure d is positive */
+    if (mpz_cmp_ui(d, 0) < 0)
+	mpz_add(d, d, m);
+
+    /* d has to be positive */	
+    assert(mpz_cmp(d, m) < 0);
+
+    /* the speedup hacks */
+    DBG(DBG_CONTROLMORE,
+	DBG_log("computing exp1, exp1, coeff...")
+    )
+    mpz_init(exp1);
+    /* t = p-1 */
+    mpz_sub_ui(t, p, 1);
+    /* exp1 = d mod p-1 */
+    mpz_mod(exp1, d, t);
+
+    mpz_init(exp2);
+    /* t = q-1 */
+    mpz_sub_ui(t, q, 1);
+    /* exp2 = d mod q-1 */
+    mpz_mod(exp2, d, t);
+
+    mpz_init(coeff);
+    /* coeff = q^-1 mod p */
+    mpz_invert(coeff, q, p);
+
+    /* make sure coeff is positive */
+    if (mpz_cmp_ui(coeff, 0) < 0)
+	mpz_add(coeff, coeff, p);
+
+    /* coeff has to be positive */
+    assert(mpz_cmp(coeff, p) < 0);
+
+    /* Clear temporary variables */
+	mpz_clear(q1);
+	mpz_clear(m);
+	mpz_clear(t);
+
+    /* form FreeS/WAN keyid */
+    {
+	size_t e_len = (mpz_sizeinbase(e,2)+BITS_PER_BYTE-1)/BITS_PER_BYTE;
+	size_t n_len = (mpz_sizeinbase(n,2)+BITS_PER_BYTE-1)/BITS_PER_BYTE;
+	chunk_t e_ch = mpz_to_n(e, e_len);
+	chunk_t n_ch = mpz_to_n(n, n_len);
+	form_keyid(e_ch, n_ch, key->pub.keyid, &key->pub.k);
+	freeanychunk(e_ch);
+	freeanychunk(n_ch);
+    }
+    /* fill in the elements of the RSA private key */
+    key->p = *p;
+    key->q = *q;
+    key->pub.n = *n;
+    key->pub.e = *e;
+    key->d = *d;
+    key->dP = *exp1;
+    key->dQ = *exp2;
+    key->qInv = *coeff;
+
+    DBG(DBG_CONTROL,
+	DBG_log("RSA key *%s generated with %d bits", key->pub.keyid
+	    , (int)mpz_sizeinbase(n,2))
+    )
+
+#ifdef DEBUG
+    DBG(DBG_PRIVATE,
+	RSA_show_private_key(key)
+    )
+#endif
+    return NULL;
+}
diff --git a/src/scepclient/rsakey.h b/src/scepclient/rsakey.h
new file mode 100644
index 000000000..3e3156d81
--- /dev/null
+++ b/src/scepclient/rsakey.h
@@ -0,0 +1,31 @@
+/**
+ * @file rsakey.h
+ * @brief Functions for RSA key generation 
+ */
+
+/* 
+ * Copyright (C) 1999, 2000, 2001  Henry Spencer.
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ *
+ * $Id: rsakey.h,v 1.2 2005/08/11 21:52:56 as Exp $
+ */
+ 
+#ifndef RSAKEY_H_
+#define RSAKEY_H_
+
+#include "../pluto/pkcs1.h"
+
+extern err_t generate_rsa_private_key(int nbits, RSA_private_key_t *key);
+
+#endif // RSAKEY_H_
diff --git a/src/scepclient/scep.c b/src/scepclient/scep.c
new file mode 100644
index 000000000..577191787
--- /dev/null
+++ b/src/scepclient/scep.c
@@ -0,0 +1,598 @@
+/**
+ * @file scep.c
+ * @brief SCEP specific functions
+ * 
+ * Contains functions to build SCEP request's and to parse SCEP reply's.
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+#include <stdlib.h>
+
+#include <freeswan.h>
+
+#ifdef LIBCURL
+#include <curl/curl.h>
+#endif
+
+#include "../pluto/constants.h"
+#include "../pluto/defs.h"
+#include "../pluto/rnd.h"
+#include "../pluto/oid.h"
+#include "../pluto/asn1.h"
+#include "../pluto/pkcs1.h"
+#include "../pluto/fetch.h"
+#include "../pluto/log.h"
+
+#include "scep.h"
+
+static char ASN1_messageType_oid_str[] = {
+    0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x02
+};
+
+static char ASN1_senderNonce_oid_str[] = {
+    0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x05
+};
+
+static char ASN1_transId_oid_str[] = {
+    0x06, 0x0A, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x07
+};
+
+static const chunk_t ASN1_messageType_oid =
+			strchunk(ASN1_messageType_oid_str);
+static const chunk_t ASN1_senderNonce_oid =
+			strchunk(ASN1_senderNonce_oid_str);
+static const chunk_t ASN1_transId_oid =
+			strchunk(ASN1_transId_oid_str);
+
+static const char *pkiStatus_values[] = { "0", "2", "3" };
+
+static const char *pkiStatus_names[] = {
+   "SUCCESS",
+   "FAILURE",
+   "PENDING",
+   "UNKNOWN"
+};
+
+static const char *msgType_values[] = { "3", "19", "20", "21", "22" };
+
+static const char *msgType_names[] = {
+  "CertRep",
+  "PKCSReq",
+  "GetCertInitial",
+  "GetCert",
+  "GetCRL",
+  "Unknown"
+};
+
+static const char *failInfo_reasons[] = {
+  "badAlg - unrecognized or unsupported algorithm identifier",
+  "badMessageCheck - integrity check failed",
+  "badRequest - transaction not permitted or supported",
+  "badTime - Message time field was not sufficiently close to the system time",
+  "badCertId - No certificate could be identified matching the provided criteria"
+};
+
+const scep_attributes_t empty_scep_attributes = {
+  SCEP_Unknown_MSG   , /* msgType */
+  SCEP_UNKNOWN       , /* pkiStatus */
+  SCEP_unknown_REASON, /* failInfo */
+  { NULL, 0 }        , /* transID */
+  { NULL, 0 }        , /* senderNonce */
+  { NULL, 0 }        , /* recipientNonce */
+};
+
+/* ASN.1 definition of the X.501 atttribute type */
+
+static const asn1Object_t attributesObjects[] = {
+  { 0, "attributes",	ASN1_SET,	ASN1_LOOP }, /* 0 */
+  { 1,   "attribute",	ASN1_SEQUENCE,	ASN1_NONE }, /* 1 */
+  { 2,     "type", 	ASN1_OID,	ASN1_BODY }, /* 2 */
+  { 2,     "values", 	ASN1_SET,	ASN1_LOOP }, /* 3 */
+  { 3,       "value", 	ASN1_EOC,	ASN1_RAW  }, /* 4 */
+  { 2,     "end loop", 	ASN1_EOC,	ASN1_END  }, /* 5 */
+  { 0, "end loop", 	ASN1_EOC,	ASN1_END  }, /* 6 */
+};
+
+#define ATTRIBUTE_OBJ_TYPE 	2
+#define ATTRIBUTE_OBJ_VALUE	4
+#define ATTRIBUTE_OBJ_ROOF	7
+
+/*
+ * extract and store an attribute
+ */
+static bool
+extract_attribute(int oid, chunk_t object, u_int level
+, scep_attributes_t *attrs)
+{
+    asn1_t type = ASN1_EOC;
+    const char *name = "none";
+
+    switch (oid)
+    {
+    case OID_PKCS9_CONTENT_TYPE:
+	type = ASN1_OID;
+	name = "contentType";
+	break;
+    case OID_PKCS9_SIGNING_TIME:
+	type = ASN1_UTCTIME;
+	name = "signingTime";
+	break;
+    case OID_PKCS9_MESSAGE_DIGEST:
+	type = ASN1_OCTET_STRING;
+	name = "messageDigest";
+	break;
+    case OID_PKI_MESSAGE_TYPE:
+	type = ASN1_PRINTABLESTRING;
+	name = "messageType";
+	break;
+    case OID_PKI_STATUS:
+	type = ASN1_PRINTABLESTRING;
+	name = "pkiStatus";
+	break;
+    case OID_PKI_FAIL_INFO:
+	type = ASN1_PRINTABLESTRING;
+	name = "failInfo";
+	break;
+    case OID_PKI_SENDER_NONCE:
+	type = ASN1_OCTET_STRING;
+	name = "senderNonce";
+	 break;
+    case OID_PKI_RECIPIENT_NONCE:
+	type = ASN1_OCTET_STRING;
+	name = "recipientNonce";
+	break;
+    case OID_PKI_TRANS_ID:
+	type = ASN1_PRINTABLESTRING;
+	name = "transID";
+	break;
+    default:
+	break;
+    }
+
+    if (type == ASN1_EOC)
+	return TRUE;
+
+    if (!parse_asn1_simple_object(&object, type, level+1, name))
+	return FALSE;
+
+    switch (oid)
+    {
+    case OID_PKCS9_CONTENT_TYPE:
+	break;
+    case OID_PKCS9_SIGNING_TIME:
+	break;
+    case OID_PKCS9_MESSAGE_DIGEST:
+	break;
+    case OID_PKI_MESSAGE_TYPE:
+	{
+	    scep_msg_t m;
+
+	    for (m = SCEP_CertRep_MSG; m < SCEP_Unknown_MSG; m++)
+	    {
+		if (strncmp(msgType_values[m], object.ptr, object.len) == 0)
+		    attrs->msgType = m;
+	    }
+	    DBG(DBG_CONTROL,
+		DBG_log("messageType:  %s", msgType_names[attrs->msgType])
+	    )
+	}
+	break;
+    case OID_PKI_STATUS:
+	{
+	    pkiStatus_t s;
+
+	    for (s = SCEP_SUCCESS; s < SCEP_UNKNOWN; s++)
+	    {
+		if (strncmp(pkiStatus_values[s], object.ptr, object.len) == 0)
+		    attrs->pkiStatus = s;
+	    }
+	    DBG(DBG_CONTROL,
+		DBG_log("pkiStatus:    %s", pkiStatus_names[attrs->pkiStatus])
+	    )
+	}
+	break;
+    case OID_PKI_FAIL_INFO:
+	if (object.len == 1
+	&& *object.ptr >= '0' && *object.ptr <= '4')
+	{
+	    attrs->failInfo = (failInfo_t)(*object.ptr - '0');
+	}
+        if (attrs->failInfo != SCEP_unknown_REASON)
+	    plog("failInfo:     %s", failInfo_reasons[attrs->failInfo]);
+	break;
+    case OID_PKI_SENDER_NONCE:
+	attrs->senderNonce = object;
+	break;
+    case OID_PKI_RECIPIENT_NONCE:
+	attrs->recipientNonce = object;
+	break;
+    case OID_PKI_TRANS_ID:
+	attrs->transID = object;
+    }
+    return TRUE;
+}
+
+/*
+ * parse X.501 attributes
+ */
+bool
+parse_attributes(chunk_t blob, scep_attributes_t *attrs)
+{
+    asn1_ctx_t ctx;
+    chunk_t object;
+    u_int level;
+    int oid = OID_UNKNOWN;
+    int objectID = 0;
+
+    asn1_init(&ctx, blob, 0, FALSE, DBG_RAW);
+
+    DBG(DBG_CONTROL | DBG_PARSING,
+	DBG_log("parsing attributes")
+    )
+    while (objectID < ATTRIBUTE_OBJ_ROOF)
+    {
+	if (!extract_object(attributesObjects, &objectID
+			   , &object, &level, &ctx))
+	     return FALSE;
+
+	switch (objectID)
+	{
+	case ATTRIBUTE_OBJ_TYPE:
+	    oid = known_oid(object);
+	    break;
+	case ATTRIBUTE_OBJ_VALUE:
+	   if (!extract_attribute(oid, object, level, attrs))
+		return FALSE;
+	}
+	objectID++;
+    }
+    return TRUE;
+}
+
+/* generates a unique fingerprint of the pkcs10 request 
+ * by computing an MD5 hash over it
+ */
+void
+scep_generate_pkcs10_fingerprint(chunk_t pkcs10, chunk_t *fingerprint)
+{
+    char buf[MD5_DIGEST_SIZE];
+    chunk_t digest = { buf, sizeof(buf) };
+
+    /* the fingerprint is the MD5 hash in hexadecimal format */
+    compute_digest(pkcs10, OID_MD5, &digest);
+    fingerprint->len = 2*digest.len;
+    fingerprint->ptr = alloc_bytes(fingerprint->len + 1, "fingerprint");
+    datatot(digest.ptr, digest.len, 16, fingerprint->ptr, fingerprint->len + 1);
+}
+
+/* generate a transaction id as the MD5 hash of an public key
+ * the transaction id is also used as a unique serial number
+ */
+void
+scep_generate_transaction_id(const RSA_public_key_t *rsak
+, chunk_t *transID, chunk_t *serialNumber)
+{
+    char buf[MD5_DIGEST_SIZE];
+
+    chunk_t digest = { buf, sizeof(buf) };
+    chunk_t public_key = pkcs1_build_publicKeyInfo(rsak);
+
+    bool msb_set;
+    u_char *pos;
+
+    compute_digest(public_key, OID_MD5, &digest);
+    pfree(public_key.ptr);
+
+    /* is the most significant bit of the digest set? */
+    msb_set = (*digest.ptr & 0x80) == 0x80;
+
+    /* allocate space for the serialNumber */
+    serialNumber->len = msb_set + digest.len;
+    serialNumber->ptr = alloc_bytes(serialNumber->len, "serialNumber");
+
+    /* the serial number as the two's complement of the digest */
+    pos = serialNumber->ptr;
+    if (msb_set)
+    {
+	*pos++ = 0x00;
+    }
+    memcpy(pos, digest.ptr, digest.len);
+
+    /* the transaction id is the serial number in hex format */
+    transID->len = 2*digest.len;
+    transID->ptr = alloc_bytes(transID->len + 1, "transID");
+    datatot(digest.ptr, digest.len, 16, transID->ptr, transID->len + 1);
+}
+
+/*
+ * builds a transId attribute
+ */
+chunk_t
+scep_transId_attribute(chunk_t transID)
+{
+    return asn1_wrap(ASN1_SEQUENCE, "cm"
+		, ASN1_transId_oid
+		, asn1_wrap(ASN1_SET, "m"
+		    , asn1_simple_object(ASN1_PRINTABLESTRING, transID)
+		  )
+	      );
+}
+
+/*
+ * builds a messageType attribute
+ */
+chunk_t
+scep_messageType_attribute(scep_msg_t m)
+{
+    chunk_t msgType = {
+	msgType_values[m],
+	strlen(msgType_values[m])
+    };
+
+    return asn1_wrap(ASN1_SEQUENCE, "cm"
+		, ASN1_messageType_oid
+		, asn1_wrap(ASN1_SET, "m"
+		    , asn1_simple_object(ASN1_PRINTABLESTRING, msgType)
+		  )
+	      );
+}
+
+/*
+ * builds a senderNonce attribute
+ */
+chunk_t
+scep_senderNonce_attribute(void)
+{
+    const size_t nonce_len = 16;
+    u_char nonce_buf[nonce_len];
+    chunk_t senderNonce = { nonce_buf, nonce_len };
+
+    get_rnd_bytes(nonce_buf, nonce_len);
+ 
+    return asn1_wrap(ASN1_SEQUENCE, "cm"
+		, ASN1_senderNonce_oid
+		, asn1_wrap(ASN1_SET, "m"
+		    , asn1_simple_object(ASN1_OCTET_STRING, senderNonce)
+		  )
+	      );
+}
+
+/*
+ * builds a pkcs7 enveloped and signed scep request
+ */
+chunk_t
+scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg
+, const x509cert_t *enc_cert, int enc_alg
+, const x509cert_t *signer_cert, int digest_alg
+, const RSA_private_key_t *private_key)
+{
+    chunk_t envelopedData, attributes, request;
+
+    envelopedData = pkcs7_build_envelopedData(data, enc_cert, enc_alg);
+
+    attributes = asn1_wrap(ASN1_SET, "mmmmm"
+		    , pkcs7_contentType_attribute()
+		    , pkcs7_messageDigest_attribute(envelopedData
+			, digest_alg)
+		    , scep_transId_attribute(transID)
+		    , scep_messageType_attribute(msg)
+		    , scep_senderNonce_attribute());
+
+    request = pkcs7_build_signedData(envelopedData, attributes
+		    , signer_cert, digest_alg, private_key);
+    freeanychunk(envelopedData);
+    freeanychunk(attributes);
+    return request;
+}
+
+#ifdef LIBCURL
+/* converts a binary request to base64 with 64 characters per line
+ * newline and '+' characters are escaped by %0A and %2B, respectively
+ */
+static char*
+escape_http_request(chunk_t req)
+{
+    char *escaped_req = NULL;
+    char *p1, *p2;
+    int lines = 0;
+    int plus  = 0;
+    int n     = 0;
+
+    /* compute and allocate the size of the base64-encoded request */
+    int len = 1 + 4*((req.len + 2)/3);
+    char *encoded_req = alloc_bytes(len, "encoded request");
+
+    /* do the base64 conversion */
+    len = datatot(req.ptr, req.len, 64, encoded_req, len);
+
+    /* compute newline characters to be inserted every 64 characters */
+    lines = (len - 2) / 64;
+
+    /* count number of + characters to be escaped */
+    p1 = encoded_req;
+    while (*p1 != '\0')
+    {
+	if (*p1++ == '+')
+	    plus++;
+    }
+
+    escaped_req = alloc_bytes(len + 3*(lines + plus), "escaped request");
+
+    /* escape special characters in the request */
+    p1 = encoded_req;
+    p2 = escaped_req;
+    while (*p1 != '\0')
+    {
+	if (n == 64)
+	{
+	    memcpy(p2, "%0A", 3);
+	    p2 += 3;
+	    n = 0;
+	}
+	if (*p1 == '+')
+	{
+	    memcpy(p2, "%2B", 3);
+	    p2 += 3;
+	}
+	else
+	{
+	    *p2++ = *p1;
+	}
+	p1++;
+	n++;
+    }
+    *p2 = '\0';
+    pfreeany(encoded_req);
+    return escaped_req;
+}
+#endif
+
+/*
+ * send a SCEP request via HTTP and wait for a response
+ */
+bool
+scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op
+, fetch_request_t req_type, chunk_t *response)
+{
+#ifdef LIBCURL
+    char errorbuffer[CURL_ERROR_SIZE] = "";
+    char *complete_url = NULL;
+    struct curl_slist *headers = NULL;
+    CURL *curl;
+    CURLcode res;
+
+    /* initialize response */
+    *response = empty_chunk;
+
+    /* initialize curl context */
+    curl = curl_easy_init();
+    if (curl == NULL)
+    {
+	plog("could not initialize curl context");
+	return FALSE;
+    }
+
+    if (op == SCEP_PKI_OPERATION)
+    {
+	const char operation[] = "PKIOperation";
+
+	if (req_type == FETCH_GET)
+	{
+	    char *escaped_req = escape_http_request(pkcs7);
+
+	    /* form complete url */
+	    int len = strlen(url) + 20 + strlen(operation) + strlen(escaped_req) + 1;
+
+	    complete_url = alloc_bytes(len, "complete url");
+	    snprintf(complete_url, len, "%s?operation=%s&message=%s"
+		    , url, operation, escaped_req);
+	    pfreeany(escaped_req);
+
+	    curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE);
+	    headers = curl_slist_append(headers, "Pragma:");
+	    headers = curl_slist_append(headers, "Host:");
+	    headers = curl_slist_append(headers, "Accept:");
+	    curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); 
+	    curl_easy_setopt(curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
+	}
+	else /* HTTP_POST */
+	{
+	    /* form complete url */
+	    int len = strlen(url) + 11 + strlen(operation) + 1;
+
+	    complete_url = alloc_bytes(len, "complete url");
+	    snprintf(complete_url, len, "%s?operation=%s", url, operation);
+
+	    curl_easy_setopt(curl, CURLOPT_HTTPGET, FALSE);
+	    headers = curl_slist_append(headers, "Content-Type:");
+	    headers = curl_slist_append(headers, "Expect:");
+	    curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); 
+	    curl_easy_setopt(curl, CURLOPT_POSTFIELDS, pkcs7.ptr);
+	    curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, pkcs7.len);
+	}
+    }
+    else  /* SCEP_GET_CA_CERT */
+    {
+	const char operation[] = "GetCACert";
+
+	/* form complete url */
+	int len = strlen(url) + 32 + strlen(operation) + 1;
+
+	complete_url = alloc_bytes(len, "complete url");
+	snprintf(complete_url, len, "%s?operation=%s&message=CAIdentifier"
+		, url, operation);
+
+	curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE);
+    }
+
+    curl_easy_setopt(curl, CURLOPT_URL, complete_url);
+    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_buffer);
+    curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)response);
+    curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer);
+    curl_easy_setopt(curl, CURLOPT_FAILONERROR, TRUE);
+    curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, FETCH_CMD_TIMEOUT);
+	
+    DBG(DBG_CONTROL,
+	DBG_log("sending scep request to '%s'", url)
+    )
+    res = curl_easy_perform(curl);
+	
+    if (res == CURLE_OK)
+    {
+	DBG(DBG_CONTROL,
+	    DBG_log("received scep response")
+	)
+	DBG(DBG_RAW,
+	    DBG_dump_chunk("SCEP response:\n", *response)
+	)
+    }
+    else
+    {
+	plog("failed to fetch scep response from '%s': %s", url, errorbuffer);
+    }
+    curl_slist_free_all(headers);
+    curl_easy_cleanup(curl);
+    pfreeany(complete_url);
+
+    return (res == CURLE_OK);
+#else   /* !LIBCURL */
+    plog("scep error: pluto wasn't compiled with libcurl support");
+    return FALSE;
+#endif  /* !LIBCURL */
+}
+
+err_t
+scep_parse_response(chunk_t response, chunk_t transID, contentInfo_t *data
+, scep_attributes_t *attrs, x509cert_t *signer_cert)
+{
+    chunk_t attributes;
+
+    if (!pkcs7_parse_signedData(response, data, NULL, &attributes, signer_cert))
+    {
+	return "error parsing the scep response";
+    }
+    if (!parse_attributes(attributes, attrs))
+    {
+	return "error parsing the scep response attributes";
+    }
+    if (!same_chunk(transID, attrs->transID))
+    {
+	return "transaction ID of scep response does not match";
+    }
+    return NULL;
+}
diff --git a/src/scepclient/scep.h b/src/scepclient/scep.h
new file mode 100644
index 000000000..81e5d1a4b
--- /dev/null
+++ b/src/scepclient/scep.h
@@ -0,0 +1,93 @@
+/**
+ * @file scep.h
+ * @brief SCEP specific functions
+ * 
+ * Contains functions to build and parse SCEP requests and replies
+ */
+ 
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+ 
+#ifndef _SCEP_H
+#define _SCEP_H
+
+#include "../pluto/defs.h"
+#include "../pluto/pkcs1.h"
+#include "../pluto/pkcs7.h"
+
+/* supported SCEP operation types */
+typedef enum {
+    SCEP_PKI_OPERATION,
+    SCEP_GET_CA_CERT
+} scep_op_t;
+
+/* SCEP pkiStatus values */
+typedef enum {
+   SCEP_SUCCESS,
+   SCEP_FAILURE,
+   SCEP_PENDING,
+   SCEP_UNKNOWN
+} pkiStatus_t;
+
+/* SCEP messageType values */
+typedef enum {
+   SCEP_CertRep_MSG,
+   SCEP_PKCSReq_MSG,
+   SCEP_GetCertInitial_MSG,
+   SCEP_GetCert_MSG,
+   SCEP_GetCRL_MSG,
+   SCEP_Unknown_MSG
+} scep_msg_t;
+
+/* SCEP failure reasons */
+typedef enum {
+   SCEP_badAlg_REASON =          0,
+   SCEP_badMessageCheck_REASON = 1,
+   SCEP_badRequest_REASON =      2,
+   SCEP_badTime_REASON =         3,
+   SCEP_badCertId_REASON =       4,
+   SCEP_unknown_REASON =         5
+} failInfo_t;
+
+/* SCEP attributes */
+typedef struct {
+    scep_msg_t  msgType;
+    pkiStatus_t pkiStatus;
+    failInfo_t  failInfo;
+    chunk_t     transID;
+    chunk_t     senderNonce;
+    chunk_t     recipientNonce;
+} scep_attributes_t;
+
+extern const scep_attributes_t empty_scep_attributes;
+
+extern bool parse_attributes(chunk_t blob, scep_attributes_t *attrs);
+extern void scep_generate_pkcs10_fingerprint(chunk_t pkcs10
+    , chunk_t *fingerprint);
+extern void scep_generate_transaction_id(const RSA_public_key_t *rsak
+    , chunk_t *transID, chunk_t *serialNumber);
+extern chunk_t scep_transId_attribute(chunk_t transaction_id);
+extern chunk_t scep_messageType_attribute(scep_msg_t m);
+extern chunk_t scep_senderNonce_attribute(void);
+extern chunk_t scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg
+    , const x509cert_t *enc_cert, int enc_alg
+    , const x509cert_t *signer_cert, int digest_alg
+    , const RSA_private_key_t *private_key);
+extern bool scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op
+    , fetch_request_t request_type, chunk_t *response);
+extern err_t scep_parse_response(chunk_t response, chunk_t transID
+    , contentInfo_t *data, scep_attributes_t *attrs, x509cert_t *signer_cert);
+
+#endif /* _SCEP_H */
diff --git a/src/scepclient/scepclient.8 b/src/scepclient/scepclient.8
new file mode 100644
index 000000000..0d6364ef2
--- /dev/null
+++ b/src/scepclient/scepclient.8
@@ -0,0 +1,288 @@
+.\" 
+.TH "IPSEC_SCEPCLIENT" "8" "29 September 2005" "Jan Hutter, Martin Willi" ""
+.SH "NAME"
+ipsec scepclient \- Client for the SCEP protocol
+.SH "SYNOPSIS"
+.B ipsec scepclient [argument ...]
+.sp
+.B ipsec scepclient
+.B \-\-help
+.br 
+.B ipsec scepclient
+.B \-\-version
+.SH "DESCRIPTION"
+.BR scepclient
+is a client implementation of Cisco System's Simple Certificate Enrollment Protocol (SCEP) written for Linux strongSwan <http://www.strongswan.org>.
+.BR scepclient
+is designed to be used for certificate enrollment on machines using the OpenSource IPsec solution
+.I strongSwan.
+.SH "FEATURES"
+.BR scepclient
+implements the following features of SCEP:
+.br 
+.IP "\-" 4
+Automatic enrollment of client certificate using a preshared secret
+.IP "\-" 4
+Manual enrollment of client certificate. Offline fingerprint check required!
+.IP "\-" 4
+Acquisition of CA certificate(s)
+.SH "OPTIONS"
+.SS Basic Startup Options
+.B \-v, \-\-version
+.RS 4
+Display the version of ipsec scepclient.
+.PP 
+.RE
+.B \-h, \-\-help
+.RS 4
+Display usage of ipsec scepclient.
+.RE
+
+.SS General Options
+.B \-u, \-\-url \fIurl\fP
+.RS 4
+Full HTTP URL of the SCEP server to be used for certificate enrollment and CA certificate acquisition.
+.RE
+.PP 
+.B \-+, \-\-optionsfrom \fIfilename\fP
+.RS 4
+Reads additional options from \fIfilename\fP.
+.RE
+.PP 
+.B \-f, \-\-force
+.RS 4
+Overwrite existing output file[s].
+.RE
+.PP 
+.B \-q, \-\-quiet
+.RS 4
+Do not write log output to stderr.
+.RE
+
+.SS Options for CA Certificate Acquisition
+.B \-o, \-\-out cacert[=\fIfilename\fP]
+.RS 4
+Output file of acquired CA certificate. If more then one CA certificate is available, \fIfilename\fP is used as prefix for the resulting files.
+.br
+The default \fIfilename\fP is $CONFDIR/ipsec.d/cacerts/caCert.der.
+.RE
+
+.SS Options For Certificate Enrollment
+.B \-i, \-\-in \fItype\fP[=\fIfilename\fP]
+.RS 4
+Input file for certificate enrollment. This option can be specified multiple times to specify input files for every \fItype\fP. 
+Input files can bei either DER or PEM encoded.
+.PP 
+Supported values for \fItype\fP:
+.IP "\fBpkcs1\fP" 12
+RSA private key in PKCS#1 file format. If no input of this type is specified, a RSA key gets generated.
+.br
+The default \fIfilename\fP is $CONFDIR/ipsec.d/private/myKey.der.
+.IP "\fBcacert\-enc\fP" 12
+CA certificate to encrypt the SCEP request. Has to be specified for certificate enrollment. 
+.br 
+The default \fIfilename\fP is $CONFDIR/ipsec.d/cacerts/caCert.der.
+.IP "\fBcacert\-sig\fP" 12
+CA certificate to check signature of SCEP reply. Has to be specified for certificate enrollment. 
+.br 
+The default \fIfilename\fP is $CONFDIR/ipsec.d/cacerts/caCert.der.
+.RE
+.PP 
+.B \-k, \-\-keylength \fIbits\fP
+.RS 4
+sets the key length for RSA key generation. The default length for a generated rsa key is set to 2048 bit.
+.RE
+.PP 
+.B \-D, \-\-days \fIdays\fP
+.RS 4
+Validity of the self-signed X.509 certificate in days. The default is 1825 days (5 years).
+.RE
+.PP 
+.B \-S, \-\-startdate \fIYYMMDDHHMMSS\fPZ
+.RS 4
+defines the \fBnotBefore\fP date when the X.509 certificate  becomes  valid. 
+The  date has the format \fIYYMMDDHHMMSS\fP and  must be specified in UTC (Zulu time).
+If the \fB--startdate\fP option is not specified then the current date is taken as a default.
+.RE
+.PP 
+.B \-E, \-\-enddate \fIYYMMDDHHMMSS\fPZ
+.RS 4
+defines the \fBnotAfter\fP date when the X.509 certificate will expire.
+The date has the format \fIYYMMDDHHMMSS\fP and must be specified in UTC (Zulu time).
+If the \fB--enddate\fP option is not specified then the default \fBnotAfter\fP value is computed by
+adding the validity interval specified by the \fB--days\fP option to the \fBnotBefore\fP date.
+.RE
+.PP
+.B \-d, \-\-dn \fIdn\fP
+.RS 4
+Distinguished name as comma separated list of relative distinguished names. Use quotation marks for a distinguished name containing spaces. If the \fB\-\-dn\fP parameter is missing then the default "C=CH, O=Linux strongSwan, CN=\fIhostname\fP"
+is used with \fIhostname\fP being the return value of the \fIgethostname\fP() function.
+.RE
+.PP 
+.B \-s, \-\-subjectAltName \fItype\fP=\fIvalue\fP
+.RS 4
+Include subjectAltName in certificate request. This option can be specified multiple times to specify a subjectAltName
+for every \fItype\fP.
+.PP 
+Supported values for \fItype\fP:
+.IP "\fBemail\fP" 12
+subjectAltName is a email address.
+.IP "\fBdns\fP" 12
+subjectAltName is a hostname.
+.IP "\fBip\fP" 12
+subjectAltName is a IP address.
+.RE
+.PP 
+.B \-p, \-\-password \fIpw\fP
+.RS 4
+Password to be included as a \fIchallenge password\fP in SCEP request.
+If \fIpw\fP is \fB%prompt\fP', the password gets prompted for on the command line.
+.IP
+\- In automatic mode, this password corresponds to the preshared secret for the given enrollment.
+.IP 
+\- In manual mode, this password can be used to later revoke the corresponding certificate.
+.RE
+.PP 
+.B \-a, \-\-algorithm \fIalgo\fP
+.RS 4
+Change symmetric algorithm to use for encryption of certificate Request.
+The default is \fB3des\-cbc\fP.
+.PP 
+Supported values for \fIalgo\fP:
+.IP "\fBdes\-cbc\fP" 12
+DES CBC encryption (key size = 56 bit).
+.IP "\fB3des\-cbc\fP" 12
+Triple DES CBC encryption (key size = 168 bit).
+.RE
+.PP 
+.B \-o, \-\-out \fItype\fP[=\fIfilename\fP]
+.RS 4
+Output file for certificate enrollment. This option can be specified multiple times to specify output files for every \fItype\fP.
+.PP 
+Supported values for \fItype\fP:
+.IP "\fBpkcs1\fP" 12
+RSA private key in PKCS#1 file format. If specified, the RSA key used for enrollment is stored in file \fIfilename\fP.
+If none of the \fItypes\fP listed below are specified, \fBscepclient\fP will stop after outputting this file.
+.br 
+The default \fIfilename\fP is $CONFDIR/ipsec.d/private/myKey.der.
+.IP "\fBpkcs10\fP" 12
+PKCS#10 certificate request. If specified, the PKCS#10 request used or certificate enrollment is stored in file \fIfilename\fP.
+If none of the \fItypes\fP listed below are specified, \fBscepclient\fP will stop after outputting this file. 
+.br 
+The default \fIfilename\fP is $CONFDIR/ipsec.d/req/myReq.der.
+.IP "\fBpkcs7\fP" 12
+PKCS#7 SCEP request as it is sent using HTTP to the SCEP server. If specified, this SCEP request is stored in file \fIfilename\fP.
+If none of \fItypes\fP listed below is not specified, \fBscepclient\fP will stop after outputting this file.
+.br 
+The default \fIfilename\fP is $CONFDIR/ipsec.d/req/pkcs7.der.
+.IP "\fBcert-self\fP" 12
+Self-signed certificate. If specified the self-signed certificate is stored in file \fIfilename\fP.
+.br 
+The default \fIfilename\fP is $CONFDIR/ipsec.d/certs/selfCert.der.
+.IP "\fBcert\fP" 12
+Enrolled certificate. This \fItype\fP must be specified for certificate enrollment.
+The enrolled certificate is stored in file \fIfilename\fP.
+.br 
+The default \fIfilename\fP is set to $CONFDIR/ipsec.d/certs/myCert.der.
+.RE
+.PP 
+.B \-m, \-\-method \fImethod\fP
+.RS 4
+Change HTTP request method for certificate enrollment. Default is \fBget\fP.
+.PP 
+Supported values for \fImethod\fP:
+.IP "\fBpost\fP" 12
+Certificate enrollment using HTTP POST. Must be supported by the given SCEP server.
+.IP "\fBget\fP" 12
+Certificate enrollment using HTTP GET.
+.RE
+.PP 
+.B \-t, \-\-interval \fIseconds\fP
+.RS 4
+Set interval time in seconds when polling in manual mode.
+The default interval is set to 5 seconds.
+.RE
+.PP 
+.B \-x, \-\-maxpolltime \fIseconds\fP
+.RS 4
+Set max time in seconds to poll in manual mode.
+The default max time is set to unlimited.
+.RE
+
+.SS Debugging Output Options:
+.B \-A, \-\-debug\-all
+.RS 4
+Log everything except private data.
+.RE
+.PP 
+.B \-P, \-\-debug\-parsing
+.RS 4
+Log parsing relevant stuff.
+.RE
+.PP 
+.B \-R, \-\-debug\-raw
+.RS 4
+Log raw hex dumps.
+.RE
+.PP 
+.B \-C, \-\-debug\-control
+.RS 4
+Log informations about control flow.
+.RE
+.PP 
+.B \-M, \-\-debug\-controlmore
+.RS 4
+Log more detailed informations about control flow.
+.RE
+.PP 
+.B \-X, \-\-debug\-private
+.RS 4
+Log sensitive data (e.g. private keys).
+.RE
+.SH "EXAMPLES"
+.B  ipsec scepclient \-\-out caCert \-\-url http://scepserver/cgi\-bin/pkiclient.exe \-f
+.RS 4
+Acquire CA certificate from SCEP server and store it in the default file $CONFDIR/ipsec.d/cacerts/caCert.der.
+If more then one CA certificate is returned, store them in files named caCert.der\-1', caCert.der\-2', etc. 
+.br 
+Existing files are overwritten.
+.RE
+.PP 
+.B  ipsec scepclient \-\-out pkcs1=joeKey.der \-k 1024
+.RS 4
+Generate RSA private key with key length of 1024 bit and store it in file joeKey.der.
+.RE
+.PP 
+.B  ipsec scepclient \-\-in pkcs1=joeKey.der \-\-out pkcs10=joeReq.der \e
+.br 
+.B \-\-dn \*(rqC=AT, CN=John Doe\*(rq \-s email=john@doe.com \-p mypassword
+.RS 4
+Generate a PKCS#10 request and store it in file joeReq.der. Use the RSA private key joeKey.der
+created earlier to sign the PKCS#10\-Request. In addition to the distinguished name include a 
+email\-subjectAltName and a challenge password in the request.
+.RE
+.PP 
+.B  ipsec scepclient \-\-out pkcs1=joeKey.der \-\-out cert==joeCert.der \e
+.br 
+.B \-\-dn \*(rqC=CH, CN=John Doe\*(rq \-k 512 \-p 5xH2pnT7wq \e
+.br 
+.B \-\-url http://scep.hsr.ch/cgi\-bin/pkiclient.exe \e
+.br 
+.B \-\-in cacert\-enc=caCert.der \-\-in cacert\-sig=caCert.der
+.RS 4
+Generate a new RSA key for the request and store it in joeKey.der. Then enroll a certificate and store as joeCert.der.
+The challenge password is '5xH2pnT7wq'. The encryption and signature check has to be made with the same CA certificate
+caCert.der.
+.RE
+
+
+.SH "BUGS"
+\fB\-\-optionsfrom\fP seems to have parsing problems reading option files containing strings in quotation marks.
+.SH "COPYRIGHT"
+Copyright (C) 2005 Jan Hutter, Martin Willi
+.br 
+Hochschule fuer Technik Rapperswil
+.PP 
+This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+.PP 
+This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
diff --git a/src/scepclient/scepclient.c b/src/scepclient/scepclient.c
new file mode 100644
index 000000000..bde460844
--- /dev/null
+++ b/src/scepclient/scepclient.c
@@ -0,0 +1,1036 @@
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @file main.c
+ * @brief scepclient main program
+ */
+
+/**
+ * @mainpage SCEP for Linux strongSwan
+ *
+ * Documentation of SCEP for Linux StrongSwan
+ */
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <getopt.h>
+#include <ctype.h>
+#include <unistd.h>
+#include <time.h>
+#include <gmp.h>
+
+#include <freeswan.h>
+
+#include "../pluto/constants.h"
+#include "../pluto/defs.h"
+#include "../pluto/log.h"
+#include "../pluto/oid.h"
+#include "../pluto/asn1.h"
+#include "../pluto/pkcs1.h"
+#include "../pluto/pkcs7.h"
+#include "../pluto/certs.h"
+#include "../pluto/fetch.h"
+#include "../pluto/rnd.h"
+
+#include "rsakey.h"
+#include "pkcs10.h"
+#include "scep.h"
+
+/*
+ * definition of some defaults
+ */
+
+/* default name of DER-encoded PKCS#1 private key file */
+#define DEFAULT_FILENAME_PKCS1		"myKey.der"
+
+/* default name of DER-encoded PKCS#10 certificate request file */
+#define DEFAULT_FILENAME_PKCS10		"myReq.der"
+
+/* default name of DER-encoded PKCS#7 file */
+#define DEFAULT_FILENAME_PKCS7		"pkcs7.der"
+
+/* default name of DER-encoded self-signed X.509 certificate file */
+#define DEFAULT_FILENAME_CERT_SELF	"selfCert.der"
+
+/* default name of DER-encoded X.509 certificate file */
+#define DEFAULT_FILENAME_CERT		"myCert.der"
+
+/* default name of DER-encoded CA cert file used for key encipherment */
+#define DEFAULT_FILENAME_CACERT_ENC	"caCert.der"
+
+/* default name of the der encoded CA cert file used for signature verification */
+#define DEFAULT_FILENAME_CACERT_SIG	"caCert.der"
+
+/* default prefix of the der encoded CA certificates received from the SCEP server */
+#define DEFAULT_FILENAME_PREFIX_CACERT	"caCert.der"
+
+/* default certificate validity */
+#define DEFAULT_CERT_VALIDITY	 5 * 3600 * 24 * 365  /* seconds */
+
+/* default polling time interval in SCEP manual mode */
+#define DEFAULT_POLL_INTERVAL	 20	  /* seconds */
+
+/* default key length for self-generated RSA keys */
+#define DEFAULT_RSA_KEY_LENGTH 2048	  /* bits */
+
+/* default distinguished name */
+#define DEFAULT_DN "C=CH, O=Linux strongSwan, CN="
+
+/* challenge password buffer size */
+#define MAX_PASSWORD_LENGTH 256
+
+/* Max length of filename for tempfile */
+#define MAX_TEMP_FILENAME_LENGTH 256
+
+
+/* current scepclient version */
+static const char *scepclient_version = "1.0";
+
+/* by default the CRL policy is lenient */
+bool strict_crl_policy = FALSE;
+
+/* by default pluto does not check crls dynamically */
+long crl_check_interval = 0;
+
+/* by default pluto logs out after every smartcard use */
+bool pkcs11_keep_state = FALSE;
+
+
+/*
+ * Global variables
+ */
+
+RSA_private_key_t *private_key = NULL;
+
+chunk_t pkcs1;
+chunk_t pkcs7;
+chunk_t subject;
+chunk_t challengePassword;
+chunk_t serialNumber;
+chunk_t transID;
+chunk_t fingerprint;
+chunk_t issuerAndSubject;
+chunk_t getCertInitial;
+chunk_t scep_response;
+cert_t cert;
+
+x509cert_t *x509_signer        = NULL;
+x509cert_t *x509_ca_enc        = NULL;
+x509cert_t *x509_ca_sig        = NULL;
+generalName_t *subjectAltNames = NULL;
+pkcs10_t *pkcs10               = NULL;
+
+/**
+ * @brief exit scepclient
+ *
+ * The log is closed and leaks are reported
+ * if LEAK_DETECTIVE is activated
+ *
+ * @param status 0 = OK, 1 = general discomfort
+ */
+static void
+exit_scepclient(err_t message, ...)
+{
+    if (private_key != NULL)
+    {
+	free_RSA_private_content(private_key);
+	pfree(private_key);
+    }
+    freeanychunk(pkcs1);
+    freeanychunk(pkcs7);
+    freeanychunk(subject);
+    freeanychunk(serialNumber);
+    freeanychunk(transID);
+    freeanychunk(fingerprint);
+    freeanychunk(issuerAndSubject);
+    freeanychunk(getCertInitial);
+    if (scep_response.ptr != NULL)
+	free(scep_response.ptr);
+
+    free_generalNames(subjectAltNames, TRUE);
+    if (x509_signer != NULL)
+	x509_signer->subjectAltName = NULL;
+
+    free_x509cert(x509_signer);
+    free_x509cert(x509_ca_enc);
+    free_x509cert(x509_ca_sig);
+    pkcs10_free(pkcs10);
+
+#ifdef LEAK_DETECTIVE
+    report_leaks();
+#endif /* LEAK_DETECTIVE */
+    close_log();
+
+    /* print any error message to stderr */
+    if (message != NULL && *message != '\0')
+    {
+	va_list args;
+	char m[LOG_WIDTH];	/* longer messages will be truncated */
+
+	va_start(args, message);
+	vsnprintf(m, sizeof(m), message, args);
+	va_end(args);
+
+	fprintf(stderr, "error: %s\n", m);
+	exit(-1);
+    }
+    exit(0);
+}
+
+/**
+ * @brief prints the program version and exits
+ *
+ */
+static void
+version(void)
+{
+    printf("scepclient %s\n", scepclient_version);
+    exit_scepclient(NULL);
+}
+
+/**
+ * @brief prints the usage of the program to the stderr output
+ *
+ * If message is set, program is exitet with 1 (error)
+ * @param message message in case of an error
+ */
+static void
+usage(const char *message)
+{
+    fprintf(stderr,
+	"Usage: scepclient\n"
+	" --help (-h)                       show usage and exit\n"
+	" --version (-v)                    show version and exit\n"
+	" --quiet (-q)                      do not write log output to stderr\n"
+	" --in (-i) <type>[=<filename>]     use <filename> of <type> for input \n"
+	"                                   <type> = pkcs1 | cacert-enc |  cacert-sig\n"
+	"                                   - if no pkcs1 input is defined, a \n"
+	"                                     RSA key will be generated\n"
+	"                                   - if no filename is given, default is used\n"
+	" --out (-o) <type>[=<filename>]    write output of <type> to <filename>\n"
+	"                                   multiple outputs are allowed\n"
+	"                                   <type> = pkcs1 | pkcs10 | pkcs7 | cert-self | cert | cacert\n"
+	"                                   - type cacert defines filename prefix of\n"
+	"                                     received CA certificate(s)\n"
+	"                                   - if no filename is given, default is used\n"
+	" --optionsfrom (-+) <filename>     reads additional options from given file\n"
+	" --force (-f)                      force existing file(s)\n"
+	"\n"
+	"Options for key generation (pkcs1):\n"
+	" --keylength (-k) <bits>           key length for RSA key generation\n"
+					    "(default: 2048 bits)\n"
+	"\n"
+	"Options for validity:\n"
+	" --days (-D) <days>                validity in days\n"
+	" --startdate (-S) <YYMMDDHHMMSS>Z  not valid before date\n"
+	" --enddate   (-E) <YYMMDDHHMMSS>Z  not valid after date\n"
+	"\n"
+	"Options for request generation (pkcs10):\n"
+	" --dn (-d) <dn>                    comma separated list of distinguished names\n"
+	" --subjectAltName (-s) <t>=<v>     include subjectAltName in certificate request\n"
+	"                                   <t> =  email | dns | ip \n"
+	" --password (-p) <pw>              challenge password\n"
+	"                                   - if pw is '%%prompt', password gets prompted for\n"
+	" --algorithm (-a) <algo>           use specified algorithm for PKCS#7 encryption\n"
+	"                                   <algo> = des-cbc | 3des-cbc (default: 3des-cbc)\n"
+	"\n"
+	"Options for enrollment (cert):\n"
+	" --url (-u) <url>                  url of the SCEP server\n"
+	" --method (-m) post | get          http request type\n"
+	" --interval (-t) <seconds>         manual mode poll interval in seconds (default 20s)\n"
+	" --maxpolltime (-x) <seconds>      max poll time in seconds when in manual mode\n"
+	"                                   (default: unlimited)\n"
+#ifdef DEBUG
+	"\n"
+	"Debugging output:\n"
+	" --debug-all (-A)                  show everything except private\n"
+	" --debug-parsing (-P)              show parsing relevant stuff\n"
+	" --debug-raw (-R)                  show raw hex dumps\n"
+	" --debug-control (-C)              show control flow output\n"
+	" --debug-controlmore (-M)          show more control flow\n"
+	" --debug-private (-X)              show sensitive data (private keys, etc.)\n"
+#endif
+	);
+    exit_scepclient(message);
+}
+
+/**
+ * @brief main of scepclient
+ *
+ * @param argc number of arguments
+ * @param argv pointer to the argument values
+ */
+int main(int argc, char **argv)
+{
+    /* external values */
+    extern char * optarg;
+    extern int optind;
+
+    /* type of input and output files */
+    typedef enum {
+	PKCS1      =  0x01,
+	PKCS10     =  0x02,
+	PKCS7      =  0x04,
+	CERT_SELF  =  0x08,
+	CERT       =  0x10,
+	CACERT_ENC =  0x20,
+	CACERT_SIG =  0x40
+    } scep_filetype_t;
+
+    /* filetype to read from, defaults to "generate a key" */
+    scep_filetype_t filetype_in = 0;
+
+    /* filetype to write to, no default here */
+    scep_filetype_t filetype_out = 0;
+
+    /* input files */
+    char *file_in_pkcs1      = DEFAULT_FILENAME_PKCS1;
+    char *file_in_cacert_enc = DEFAULT_FILENAME_CACERT_ENC;
+    char *file_in_cacert_sig = DEFAULT_FILENAME_CACERT_SIG;
+
+    /* output files */
+    char *file_out_pkcs1     = DEFAULT_FILENAME_PKCS1;
+    char *file_out_pkcs10    = DEFAULT_FILENAME_PKCS10;
+    char *file_out_pkcs7     = DEFAULT_FILENAME_PKCS7;
+    char *file_out_cert_self = DEFAULT_FILENAME_CERT_SELF;
+    char *file_out_cert      = DEFAULT_FILENAME_CERT;
+    char *file_out_prefix_cacert = DEFAULT_FILENAME_PREFIX_CACERT;
+
+    /* by default user certificate is requested */
+    bool request_ca_certificate = FALSE;
+
+    /* by default existing files are not overwritten */
+    bool force = FALSE;
+
+    /* length of RSA key in bits */
+    u_int rsa_keylength = DEFAULT_RSA_KEY_LENGTH;
+
+    /* validity of self-signed certificate */
+    time_t validity  = DEFAULT_CERT_VALIDITY;
+    time_t notBefore = 0;
+    time_t notAfter  = 0;
+
+    /* distinguished name for requested certificate, ASCII format */
+    char *distinguishedName = NULL;
+
+    /* challenge password */
+    char challenge_password_buffer[MAX_PASSWORD_LENGTH];
+
+    /* symmetric encryption algorithm used by pkcs7, default is 3DES */
+    int pkcs7_symmetric_cipher = OID_3DES_EDE_CBC;
+
+    /* digest algorithm used by pkcs7, default is MD5 */
+    int pkcs7_digest_alg = OID_MD5;
+
+    /* signature algorithm used by pkcs10, default is MD5 with RSA encryption */
+    int pkcs10_signature_alg = OID_MD5;
+
+    /* URL of the SCEP-Server */
+    char *scep_url = NULL;
+
+    /* http request method, default is GET */
+    fetch_request_t request_type = FETCH_GET;
+
+    /* poll interval time in manual mode in seconds */
+    u_int poll_interval = DEFAULT_POLL_INTERVAL;
+
+    /* maximum poll time */
+    u_int max_poll_time = 0;
+
+    err_t ugh = NULL;
+
+    /* initialize global variables */
+    pkcs1             = empty_chunk;
+    pkcs7             = empty_chunk;
+    serialNumber      = empty_chunk;
+    transID           = empty_chunk;
+    fingerprint       = empty_chunk;
+    issuerAndSubject  = empty_chunk;
+    challengePassword = empty_chunk;
+    getCertInitial    = empty_chunk;
+    scep_response     = empty_chunk;
+    log_to_stderr     = TRUE;
+
+    for (;;)
+    {
+	static const struct option long_opts[] = {
+	    /* name, has_arg, flag, val */
+	    { "help", no_argument, NULL, 'h' },
+	    { "version", no_argument, NULL, 'v' },
+	    { "optionsfrom", required_argument, NULL, '+' },
+	    { "quiet", no_argument, NULL, 'q' },
+	    { "in", required_argument, NULL, 'i' },
+	    { "out", required_argument, NULL, 'o' },
+	    { "force", no_argument, NULL, 'f' },
+	    { "keylength", required_argument, NULL, 'k' },
+	    { "dn", required_argument, NULL, 'd' },
+	    { "days", required_argument, NULL, 'D' },
+	    { "startdate", required_argument, NULL, 'S' },
+	    { "enddate", required_argument, NULL, 'E' },
+	    { "subjectAltName", required_argument, NULL, 's' },
+	    { "password", required_argument, NULL, 'p' },
+	    { "algorithm", required_argument, NULL, 'a' },
+	    { "url", required_argument, NULL, 'u' },
+	    { "method", required_argument, NULL, 'm' },
+	    { "interval", required_argument, NULL, 't' },
+	    { "maxpolltime", required_argument, NULL, 'x' },
+#ifdef DEBUG
+	    { "debug-all", no_argument, NULL, 'A' },
+	    { "debug-parsing", no_argument, NULL, 'P'},
+	    { "debug-raw", no_argument, NULL, 'R'},
+	    { "debug-control", no_argument, NULL, 'C'},
+	    { "debug-controlmore", no_argument, NULL, 'M'},
+	    { "debug-private", no_argument, NULL, 'X'},
+#endif
+	    { 0,0,0,0 }
+	};
+
+	/* parse next option */
+	int c = getopt_long(argc, argv, "hv+:qi:o:fk:d:s:p:a:u:m:t:x:APRCMS", long_opts, NULL);
+
+	switch (c)
+	{
+	case EOF:	/* end of flags */
+	    break;
+
+	case 'h':	/* --help */
+	    usage(NULL);
+
+	case 'v':	/* --version */
+	    version();
+
+	case 'q':	/* --quiet */
+	    log_to_stderr = FALSE;
+	    continue;
+
+	case 'i':	/* --in <type> [= <filename>] */
+	    {
+		char *filename = strstr(optarg, "=");
+
+		if (filename)
+		{
+		    /* replace '=' by '\0' */
+		    *filename = '\0';
+		    /* set pointer to start of filename */
+		    filename++;
+		}
+		if (strcasecmp("pkcs1", optarg) == 0)
+		{
+		    filetype_in |= PKCS1;
+		    if (filename)
+			file_in_pkcs1 = filename;
+		}
+		else if (strcasecmp("cacert-enc", optarg) == 0)
+		{
+		    filetype_in |= CACERT_ENC;
+		    if (filename)
+			file_in_cacert_enc = filename;
+		}
+		else if (strcasecmp("cacert-sig", optarg) == 0)
+		{
+		    filetype_in |= CACERT_SIG;
+		    if (filename)
+			 file_in_cacert_sig = filename;
+		}
+		else
+		{
+		    usage("invalid --in file type");
+		}
+		continue;
+	    }
+
+	case 'o':	/* --out <type> [= <filename>] */
+	    {
+		char *filename = strstr(optarg, "=");
+
+		if (filename)
+		{
+		    /* replace '=' by '\0' */
+		    *filename = '\0';
+		    /* set pointer to start of filename */
+		    filename++;
+		}
+		if (strcasecmp("pkcs1", optarg) == 0)
+		{
+		    filetype_out |= PKCS1;
+		    if (filename)
+			file_out_pkcs1 = filename;
+		}
+		else if (strcasecmp("pkcs10", optarg) == 0)
+		{
+		    filetype_out |= PKCS10;
+		    if (filename)
+			file_out_pkcs10 = filename;
+		}
+		else if (strcasecmp("pkcs7", optarg) == 0)
+		{
+		    filetype_out |= PKCS7;
+		    if (filename)
+			file_out_pkcs7 = filename;
+		}
+		else if (strcasecmp("cert-self", optarg) == 0)
+		{
+		    filetype_out |= CERT_SELF;
+		    if (filename)
+			file_out_cert_self = filename;
+		}
+		else if (strcasecmp("cert", optarg) == 0)
+		{
+		    filetype_out |= CERT;
+		    if (filename)
+			file_out_cert = filename;
+		}
+		else if (strcasecmp("cacert", optarg) == 0)
+		{
+		    request_ca_certificate = TRUE;
+		    if (filename)
+			file_out_prefix_cacert = filename;
+		}
+		else
+		{
+		    usage("invalid --out file type");
+		}
+		continue;
+	    }
+	
+	case 'f':	/* --force */
+	    force = TRUE;
+	    continue;
+
+	case '+':	/* --optionsfrom <filename> */
+	    optionsfrom(optarg, &argc, &argv, optind, stderr);
+	    /* does not return on error */
+	    continue;
+
+	case 'k':	 /* --keylength <length> */
+	    {
+		div_t q;
+
+		rsa_keylength = atoi(optarg);
+		if (rsa_keylength == 0)
+		    usage("invalid keylength");
+
+		/* check if key length is a multiple of 8 bits */
+		q = div(rsa_keylength, 2*BITS_PER_BYTE);
+		if (q.rem != 0)
+		{
+		    exit_scepclient("keylength is not a multiple of %d bits!"
+			, 2*BITS_PER_BYTE);
+		}
+		continue;
+	    }
+
+	case 'D':	/* --days */
+	    if (optarg == NULL || !isdigit(optarg[0]))
+		usage("missing number of days");
+	    {
+		char *endptr;
+		long days = strtol(optarg, &endptr, 0);
+
+		if (*endptr != '\0' || endptr == optarg
+		|| days <= 0)
+		    usage("<days> must be a positive number");
+		validity = 24*3600*days;
+	    }
+	    continue;
+
+	case 'S':	/* --startdate */
+            if (optarg == NULL || strlen(optarg) != 13 || optarg[12] != 'Z')
+                usage("date format must be YYMMDDHHMMSSZ");
+	    {
+		chunk_t date = { optarg, 13 };
+		notBefore = asn1totime(&date, ASN1_UTCTIME);
+	    }
+	    continue;
+
+	case 'E':	/* --enddate */
+            if (optarg == NULL || strlen(optarg) != 13 || optarg[12] != 'Z')
+                usage("date format must be YYMMDDHHMMSSZ");
+	    {
+		chunk_t date = { optarg, 13 };
+		notAfter = asn1totime(&date, ASN1_UTCTIME);
+	    }
+	    continue;
+
+	case 'd':	/* --dn */
+	    if (distinguishedName)
+		usage("only one distinguished name allowed");
+	    distinguishedName = optarg;
+	    continue;
+
+	case 's':	/* --subjectAltName */
+	    {
+		generalNames_t kind;
+		char *value = strstr(optarg, "=");
+
+		if (value)
+		{
+		    /* replace '=' by '\0' */
+		    *value = '\0';
+		    /* set pointer to start of value */
+		    value++;
+		}
+
+		if (!strcasecmp("email", optarg))
+		    kind = GN_RFC822_NAME;
+		else if (!strcasecmp("dns", optarg))
+		    kind = GN_DNS_NAME;
+		else if (!strcasecmp("ip", optarg))
+		    kind = GN_IP_ADDRESS;
+		else
+		{
+		    usage("invalid --subjectAltName type");
+		    continue;
+		}
+		pkcs10_add_subjectAltName(&subjectAltNames, kind, value);
+		continue;
+	    }
+
+	case 'p':	/* --password */
+	    if (challengePassword.len > 0)
+		usage("only one challenge password allowed");
+
+	    if (strcasecmp("%prompt", optarg) == 0)
+	    {
+		printf("Challenge password: ");
+		if (fgets(challenge_password_buffer, sizeof(challenge_password_buffer)-1, stdin))
+		{
+		    challengePassword.ptr = challenge_password_buffer;
+		    /* discard the terminating '\n' from the input */
+		    challengePassword.len = strlen(challenge_password_buffer) - 1;
+		}
+		else
+		{
+		    usage("challenge password could not be read");
+		}
+	    }
+	    else
+	    {
+		challengePassword.ptr = optarg;
+		challengePassword.len = strlen(optarg);
+	    }
+	    continue;
+
+	case 'u':	/* -- url */
+	    if (scep_url)
+		usage("only one URL argument allowed");
+	    scep_url = optarg;
+	    continue;
+
+	case 'm':	/* --method */
+	    if (strcasecmp("post", optarg) == 0)
+		request_type = FETCH_POST;
+	    else if (strcasecmp("get", optarg) == 0)
+		request_type = FETCH_GET;
+	    else
+		usage("invalid http request method specified");
+	    continue;
+
+	case 't':	/* --interval */
+	    poll_interval = atoi(optarg);
+	    if (poll_interval <= 0)
+		usage("invalid interval specified");
+	    continue;
+
+	case 'x':	/* --maxpolltime */
+	    max_poll_time = atoi(optarg);
+	    if (max_poll_time < 0)
+		usage("invalid maxpolltime specified");
+	    continue;
+
+	case 'a':	/*--algorithm */
+	    if (strcasecmp("des-cbc", optarg) == 0)
+		pkcs7_symmetric_cipher = OID_DES_CBC;
+	    else if (strcasecmp("3des-cbc", optarg) == 0)
+		pkcs7_symmetric_cipher = OID_3DES_EDE_CBC;
+	    else
+		usage("invalid encryption algorithm specified");
+	    continue;
+#ifdef DEBUG
+	case 'A':	/* --debug-all */
+	    base_debugging |= DBG_ALL;
+	    continue;
+	case 'P':	/* debug parsing */
+	    base_debugging |= DBG_PARSING;
+	    continue;
+	case 'R':	/* debug raw */
+	    base_debugging |= DBG_RAW;
+	    continue;
+	case 'C':	/* debug control */
+	    base_debugging |= DBG_CONTROL;
+	    continue;
+	case 'M':	/* debug control more */
+	    base_debugging |= DBG_CONTROLMORE;
+	    continue;
+	case 'X':	/* debug private */
+	    base_debugging |= DBG_PRIVATE;
+	    continue;
+#endif
+	default: 
+	    usage("unknown option");
+	}
+	/* break from loop */
+	break;
+    }
+
+    init_log("scepclient");
+    cur_debugging = base_debugging;
+    init_rnd_pool();
+    init_fetch();
+
+    if ((filetype_out == 0) && (!request_ca_certificate))
+	usage ("--out filetype required");
+
+    if (request_ca_certificate && (filetype_out > 0 || filetype_in > 0))
+	usage("in CA certificate request, no other --in or --out option allowed");
+
+    /* check if url is given, if cert output defined */
+    if (((filetype_out & CERT) || request_ca_certificate) && !scep_url)
+		usage("URL of SCEP server required");
+
+    /* check for sanity of --in/--out */
+    if (!filetype_in && (filetype_in > filetype_out))
+	usage("cannot generate --out of given --in!");
+
+    /*
+     * input of PKCS#1 file
+     */
+    private_key = alloc_thing(RSA_private_key_t, "RSA_private_key_t");
+
+    if (filetype_in & PKCS1)	/* load an RSA key pair from file */ 
+    {
+	prompt_pass_t pass = { "", FALSE, STDIN_FILENO };
+	const char *path = concatenate_paths(PRIVATE_KEY_PATH, file_in_pkcs1);
+
+	ugh = load_rsa_private_key(path, &pass, private_key);
+    }
+    else	    			/* generate an RSA key pair */
+    {
+	ugh = generate_rsa_private_key(rsa_keylength, private_key);
+    }
+    if (ugh != NULL)
+	exit_scepclient(ugh);
+
+    /* check for minimum key length */
+    if ((private_key->pub.k) < RSA_MIN_OCTETS)
+    {
+	exit_scepclient("length of RSA key has to be at least %d bits"
+	    ,RSA_MIN_OCTETS * BITS_PER_BYTE);
+    }
+
+    /*
+     * input of PKCS#10 file
+     */
+    if (filetype_in & PKCS10)
+    {
+	/* user wants to load a pkcs10 request
+	 * operation is not yet supported
+	 * would require a PKCS#10 parsing function
+
+	pkcs10 = pkcs10_read_from_file(file_in_pkcs10);
+
+         */
+    }
+    else
+    {
+	char buf[IDTOA_BUF];
+	chunk_t dn = empty_chunk;
+
+        dn.ptr = buf;
+
+	if (distinguishedName == NULL)
+	{
+	    char buf[BUF_LEN];
+	    int n = sprintf(buf, DEFAULT_DN);
+
+	    /* set the common name to the hostname */
+	    if (gethostname(buf + n, BUF_LEN - n) || strlen(buf) == n)
+	    {
+		exit_scepclient("no hostname defined, use "
+				"--dn <distinguished name> option");
+	    }
+	    distinguishedName = buf;
+	}
+
+	DBG(DBG_CONTROL,
+	    DBG_log("dn: '%s'", distinguishedName);
+	)
+	ugh = atodn(distinguishedName, &dn);
+	if (ugh != NULL)
+	    exit_scepclient(ugh);
+
+	clonetochunk(subject, dn.ptr, dn.len, "subject dn");
+
+	DBG(DBG_CONTROL,
+	    DBG_log("building pkcs10 object:")
+	)
+	pkcs10 = pkcs10_build(private_key, subject, challengePassword
+		    , subjectAltNames, pkcs10_signature_alg);
+	scep_generate_pkcs10_fingerprint(pkcs10->request, &fingerprint);
+	plog("  fingerprint:    %.*s", (int)fingerprint.len, fingerprint.ptr);
+    }
+
+    /* 
+     * output of PKCS#10 file
+     */
+    if (filetype_out & PKCS10)
+    {
+	const char *path = concatenate_paths(REQ_PATH, file_out_pkcs10);
+
+	if (!write_chunk(path, "pkcs10", pkcs10->request, 0022, force))
+	    exit_scepclient("could not write pkcs10 file '%s'", path);
+
+	filetype_out &= ~PKCS10;   /* delete PKCS10 flag */
+    }
+
+    if (!filetype_out)
+	exit_scepclient(NULL); /* no further output required */
+
+    /*
+     * output of PKCS#1 file
+     */
+    if (filetype_out & PKCS1)
+    {
+	const char *path = concatenate_paths(PRIVATE_KEY_PATH, file_out_pkcs1);
+
+	DBG(DBG_CONTROL,
+	    DBG_log("building pkcs1 object:")
+	)
+	pkcs1 = pkcs1_build_private_key(private_key);
+
+	if (!write_chunk(path, "pkcs1", pkcs1, 0066, force))
+	    exit_scepclient("could not write pkcs1 file '%s'", path);
+
+	filetype_out &= ~PKCS1;   /* delete PKCS1 flag */
+    }
+
+    if (!filetype_out)
+	exit_scepclient(NULL); /* no further output required */
+
+    scep_generate_transaction_id((const RSA_public_key_t *)private_key
+	, &transID, &serialNumber);
+    plog("  transaction ID: %.*s", (int)transID.len, transID.ptr);
+
+    /* generate a self-signed X.509 certificate */
+    x509_signer = alloc_thing(x509cert_t, "signer cert");
+    *x509_signer = empty_x509cert;
+    x509_signer->serialNumber = serialNumber;
+    x509_signer->sigAlg = OID_SHA1_WITH_RSA;
+    x509_signer->issuer = subject;
+    x509_signer->notBefore = (notBefore)? notBefore
+					: time(NULL);
+    x509_signer->notAfter = (notAfter)? notAfter
+				      : x509_signer->notBefore + validity;
+    x509_signer->subject = subject;
+    x509_signer->subjectAltName = subjectAltNames;
+
+    build_x509cert(x509_signer, (const RSA_public_key_t *)private_key
+		 , private_key);
+
+    /*
+     * output of self-signed X.509 certificate file
+     */
+    if (filetype_out & CERT_SELF)
+    {
+	const char *path = concatenate_paths(HOST_CERT_PATH, file_out_cert_self);
+
+	if (!write_chunk(path, "self-signed cert", x509_signer->certificate, 0022, force))
+	    exit_scepclient("could not write self-signed cert file '%s'", path);
+;
+	filetype_out &= ~CERT_SELF;   /* delete CERT_SELF flag */
+    }
+
+    if (!filetype_out)
+	exit_scepclient(NULL); /* no further output required */
+
+    /*
+     * load ca encryption certificate
+     */
+    {
+	const char *path = concatenate_paths(CA_CERT_PATH, file_in_cacert_enc);
+	cert_t cert;
+
+	if (!load_cert(path, "encryption cacert", &cert))
+	    exit_scepclient("could not load encryption cacert file '%s'", path);
+	x509_ca_enc = cert.u.x509;
+    }
+
+    /* 
+     * input of PKCS#7 file
+     */
+    if (filetype_in & PKCS7)
+    {
+	/* user wants to load a pkcs7 encrypted request
+         * operation is not yet supported!
+	 * would require additional parsing of transaction-id
+
+	   pkcs7 = pkcs7_read_from_file(file_in_pkcs7);
+
+	 */
+    }
+    else
+    {
+	DBG(DBG_CONTROL,
+	    DBG_log("building pkcs7 request")
+	)
+	pkcs7 = scep_build_request(pkcs10->request
+		    , transID, SCEP_PKCSReq_MSG
+		    , x509_ca_enc, pkcs7_symmetric_cipher
+		    , x509_signer, pkcs7_digest_alg, private_key);
+    }
+
+    /*
+     * output pkcs7 encrypted and signed certificate request
+     */
+    if (filetype_out & PKCS7)
+    {
+	const char *path = concatenate_paths(REQ_PATH, file_out_pkcs7);
+
+	if (!write_chunk(path, "pkcs7 encrypted request", pkcs7, 0022, force))
+	    exit_scepclient("could not write pkcs7 file '%s'", path);
+;
+	filetype_out &= ~PKCS7;   /* delete PKCS7 flag */
+    }
+
+    if (!filetype_out)
+	exit_scepclient(NULL); /* no further output required */
+
+    /*
+     * output certificate fetch from SCEP server
+     */
+    if (filetype_out & CERT)
+    {
+	const char *path = concatenate_paths(CA_CERT_PATH, file_in_cacert_sig);
+	cert_t cert;
+	time_t poll_start;
+
+	x509cert_t       *certs         = NULL;
+	chunk_t           envelopedData = empty_chunk;
+	chunk_t           certData      = empty_chunk;
+	contentInfo_t     data          = empty_contentInfo;
+	scep_attributes_t attrs         = empty_scep_attributes;
+
+	if (!load_cert(path, "signature cacert", &cert))
+	    exit_scepclient("could not load signature cacert file '%s'", path);
+	x509_ca_sig = cert.u.x509;
+
+	if (!scep_http_request(scep_url, pkcs7, SCEP_PKI_OPERATION
+	    , request_type, &scep_response))
+	{
+	    exit_scepclient("did not receive a valid scep response");
+	}
+        ugh = scep_parse_response(scep_response, transID, &data, &attrs
+				 , x509_ca_sig);
+	if (ugh != NULL)
+	    exit_scepclient(ugh);
+
+	/* in case of manual mode, we are going into a polling loop */
+	if (attrs.pkiStatus == SCEP_PENDING)
+	{
+	    plog("  scep request pending, polling every %d seconds"
+		, poll_interval);
+            time(&poll_start);
+	    issuerAndSubject = asn1_wrap(ASN1_SEQUENCE, "cc"
+				   , x509_ca_sig->subject
+				   , subject);
+	}
+	while (attrs.pkiStatus == SCEP_PENDING)
+	{
+	    if (max_poll_time > 0
+	    && (time(NULL) - poll_start >= max_poll_time))
+	    {
+		exit_scepclient("maximum poll time reached: %d seconds"
+			       , max_poll_time);
+	    }
+	    DBG(DBG_CONTROL,
+		DBG_log("going to sleep for %d seconds", poll_interval)
+	    )
+	    sleep(poll_interval);
+	    free(scep_response.ptr);
+
+	    DBG(DBG_CONTROL,
+		DBG_log("fingerprint:    %.*s", (int)fingerprint.len, fingerprint.ptr);
+		DBG_log("transaction ID: %.*s", (int)transID.len, transID.ptr)
+	    )
+
+	    freeanychunk(getCertInitial);
+	    getCertInitial = scep_build_request(issuerAndSubject
+				, transID, SCEP_GetCertInitial_MSG
+				, x509_ca_enc, pkcs7_symmetric_cipher
+				, x509_signer, pkcs7_digest_alg, private_key);
+
+	    if (!scep_http_request(scep_url, getCertInitial, SCEP_PKI_OPERATION
+	    , request_type, &scep_response))
+	    {
+		exit_scepclient("did not receive a valid scep response");
+	    }
+            ugh = scep_parse_response(scep_response, transID, &data, &attrs
+				     , x509_ca_sig);
+	    if (ugh != NULL)
+		exit_scepclient(ugh);
+	}
+
+	if (attrs.pkiStatus != SCEP_SUCCESS)
+	{
+	    exit_scepclient("reply status is not 'SUCCESS'");
+	}
+
+	envelopedData = data.content;
+
+	if (data.type != OID_PKCS7_DATA
+	|| !parse_asn1_simple_object(&envelopedData, ASN1_OCTET_STRING, 0, "data"))
+	{
+	    exit_scepclient("contentInfo is not of type 'data'");
+	}
+	if (!pkcs7_parse_envelopedData(envelopedData, &certData
+	    , serialNumber, private_key))
+	{
+	    exit_scepclient("could not decrypt envelopedData");
+	}
+	if (!pkcs7_parse_signedData(certData, NULL, &certs, NULL, NULL))
+        {
+	    exit_scepclient("error parsing the scep response");
+	}
+	freeanychunk(certData);
+
+	/* store the end entity certificate */
+	path = concatenate_paths(HOST_CERT_PATH, file_out_cert);
+	while (certs != NULL)
+ 	{
+	    bool stored = FALSE;
+	    x509cert_t *cert = certs;
+
+	    if (!cert->isCA)
+	    {
+		if (stored)
+		    exit_scepclient("multiple certs received, only first stored");
+		if (!write_chunk(path, "requested cert", cert->certificate, 0022, force))
+		    exit_scepclient("could not write cert file '%s'", path);
+		stored = TRUE;
+	    }
+	    certs = certs->next;
+	    free_x509cert(cert);
+	}
+	filetype_out &= ~CERT;   /* delete CERT flag */
+    }
+
+    exit_scepclient(NULL);
+    return -1; /* should never be reached */
+}
+
+