aboutsummaryrefslogtreecommitdiffstats
path: root/doc/examples/ca.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'doc/examples/ca.cpp')
-rw-r--r--doc/examples/ca.cpp28
1 files changed, 18 insertions, 10 deletions
diff --git a/doc/examples/ca.cpp b/doc/examples/ca.cpp
index 62564df1a..5458a98cc 100644
--- a/doc/examples/ca.cpp
+++ b/doc/examples/ca.cpp
@@ -21,27 +21,35 @@ using namespace Botan;
int main(int argc, char* argv[])
{
- if(argc != 2)
+ if(argc != 5)
{
- std::cout << "Usage: " << argv[0] << " passphrase" << std::endl;
+ std::cout << "Usage: " << argv[0] << " <passphrase> "
+ << "<ca cert> <ca key> <pkcs10>" << std::endl;
return 1;
}
- try {
- // set up our CA
- X509_Certificate ca_cert("cacert.pem");
+ try
+ {
+ const std::string arg_passphrase = argv[1];
+ const std::string arg_ca_cert = argv[2];
+ const std::string arg_ca_key = argv[3];
+ const std::string arg_req_file = argv[4];
+
+ X509_Certificate ca_cert(arg_ca_cert);
+
std::auto_ptr<PKCS8_PrivateKey> privkey(
- PKCS8::load_key("caprivate.pem", argv[1])
+ PKCS8::load_key(arg_ca_key, arg_passphrase)
);
+
X509_CA ca(ca_cert, *privkey);
// got a request
- PKCS10_Request req("req.pem");
+ PKCS10_Request req(arg_req_file);
- // presumably attempt to verify the req for sanity/accuracy here, but
- // as Verisign, etc have shown, that's not a must. :)
+ // you would insert checks here, and perhaps modify the request
+ // (this example should be extended to show how)
- // now sign it
+ // now sign the request
X509_Certificate new_cert = ca.sign_request(req);
// send the new cert back to the requestor