blob: fd3ea0e1d297168d82a1b9d6672b1205c41df401 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
/*
Generate a 1024 bit RSA key, and then create a PKCS #10 certificate request for
that key. The private key will be stored as an encrypted PKCS #8 object, and
stored in another file.
Written by Jack Lloyd (lloyd@randombit.net), April 7, 2003
This file is in the public domain
*/
#include <botan/init.h>
#include <botan/x509self.h>
#include <botan/rsa.h>
#include <botan/dsa.h>
using namespace Botan;
#include <iostream>
#include <fstream>
#include <memory>
int main(int argc, char* argv[])
{
if(argc != 6)
{
std::cout << "Usage: " << argv[0] <<
" passphrase name country_code organization email" << std::endl;
return 1;
}
try
{
std::auto_ptr<RandomNumberGenerator> rng(make_rng());
RSA_PrivateKey priv_key(*rng, 1024);
// If you want a DSA key instead of RSA, comment out the above line and
// uncomment this one:
//DSA_PrivateKey priv_key(DL_Group("dsa/jce/1024"));
std::ofstream key_file("private.pem");
key_file << PKCS8::PEM_encode(priv_key, *rng, argv[1]);
X509_Cert_Options opts;
opts.common_name = argv[2];
opts.country = argv[3];
opts.organization = argv[4];
opts.email = argv[5];
/* Some hard-coded options, just to give you an idea of what's there */
opts.challenge = "a fixed challenge passphrase";
opts.locality = "Baltimore";
opts.state = "MD";
opts.org_unit = "Testing";
opts.add_ex_constraint("PKIX.ClientAuth");
opts.add_ex_constraint("PKIX.IPsecUser");
opts.add_ex_constraint("PKIX.EmailProtection");
opts.xmpp = "someid@xmpp.org";
PKCS10_Request req = X509::create_cert_req(opts, priv_key, *rng);
std::ofstream req_file("req.pem");
req_file << req.PEM_encode();
}
catch(std::exception& e)
{
std::cout << e.what() << std::endl;
return 1;
}
return 0;
}
|