From 585356e222c5a6116532ba14cce44a2c6cd9c366 Mon Sep 17 00:00:00 2001
From: lloyd
Date: Wed, 1 Jan 2014 23:58:46 +0000
Subject: Cull remaining mostly dubious examples. Also remove readme.txt
---
 doc/examples/gen_certs.cpp | 134 ---------------------------------------------
 1 file changed, 134 deletions(-)
 delete mode 100644 doc/examples/gen_certs.cpp
(limited to 'doc/examples/gen_certs.cpp')
diff --git a/doc/examples/gen_certs.cpp b/doc/examples/gen_certs.cpp
deleted file mode 100644
index 14ae5a0a9..000000000
--- a/doc/examples/gen_certs.cpp
+++ /dev/null
@@ -1,134 +0,0 @@
-/*
-* (C) 2009 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-/*
-* Generate a root CA plus httpd, dovecot, and postfix certs/keys
-*
-*/
-
-#include
-#include
-#include
-#include
-#include
-
-using namespace Botan;
-
-#include
-#include
-
-namespace {
-
-void fill_commoninfo(X509_Cert_Options& opts)
- {
- opts.country = "US";
- opts.organization = "randombit.net";
- opts.email = "admin@randombit.net";
- opts.locality = "Vermont";
- }
-
-X509_Certificate make_ca_cert(RandomNumberGenerator& rng,
- const Private_Key& priv_key,
- const X509_Time& now,
- const X509_Time& later)
- {
- X509_Cert_Options opts;
- fill_commoninfo(opts);
- opts.common_name = "randombit.net CA";
- opts.start = now;
- opts.end = later;
- opts.CA_key();
-
- return X509::create_self_signed_cert(opts, priv_key, "SHA-256", rng);
- }
-
-PKCS10_Request make_server_cert_req(const Private_Key& key,
- const std::string& hostname,
- RandomNumberGenerator& rng)
- {
- X509_Cert_Options opts;
- opts.common_name = hostname;
- fill_commoninfo(opts);
-
- opts.add_ex_constraint("PKIX.ServerAuth");
-
- return X509::create_cert_req(opts, key, "SHA-1", rng);
- }
-
-void save_pair(const std::string& name,
- const std::string& password,
- const X509_Certificate& cert,
- const Private_Key& key,
- RandomNumberGenerator& rng)
- {
- std::string cert_fsname = name + "_cert.pem";
- std::string key_fsname = name + "_key.pem";
-
- std::ofstream cert_out(cert_fsname.c_str());
- cert_out << cert.PEM_encode() << "\n";
- cert_out.close();
-
- std::ofstream key_out(key_fsname.c_str());
- if(password != "")
- key_out << PKCS8::PEM_encode(key, rng, password);
- else
- key_out << PKCS8::PEM_encode(key);
- key_out.close();
- }
-
-}
-
-typedef std::chrono::duration> years;
-
-int main()
- {
- auto current_time = std::chrono::system_clock::now();
-
- X509_Time now = X509_Time(current_time);
- X509_Time later = X509_Time(current_time + years(4));
-
- LibraryInitializer init;
-
AutoSeeded_RNG rng;
-
- RSA_PrivateKey ca_key(rng, 2048);
-
- X509_Certificate ca_cert = make_ca_cert(rng, ca_key, now, later);
-
- const std::string ca_password = "sekrit";
-
- save_pair("ca", ca_password, ca_cert, ca_key, rng);
-
- X509_CA ca(ca_cert, ca_key, "SHA-256");
-
- RSA_PrivateKey httpd_key(rng, 1536);
- X509_Certificate httpd_cert = ca.sign_request(
- make_server_cert_req(httpd_key, "www.randombit.net", rng),
- rng, now, later);
-
- save_pair("httpd", "", httpd_cert, httpd_key, rng);
-
- RSA_PrivateKey bugzilla_key(rng, 1536);
- X509_Certificate bugzilla_cert = ca.sign_request(
- make_server_cert_req(bugzilla_key, "bugs.randombit.net", rng),
- rng, now, later);
-
- save_pair("bugzilla", "", bugzilla_cert, bugzilla_key, rng);
-
- RSA_PrivateKey postfix_key(rng, 1536);
- X509_Certificate postfix_cert = ca.sign_request(
- make_server_cert_req(postfix_key, "mail.randombit.net", rng),
- rng, now, later);
-
- save_pair("postfix", "", postfix_cert, postfix_key, rng);
-
- RSA_PrivateKey dovecot_key(rng, 1536);
- X509_Certificate dovecot_cert = ca.sign_request(
- make_server_cert_req(dovecot_key, "imap.randombit.net", rng),
- rng, now, later);
-
- save_pair("dovecot", "", dovecot_cert, dovecot_key, rng);
- }
-- cgit v1.2.3