TDE core libraries
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

ksslcertificatefactory.cc 3.2KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122
  1. /* This file is part of the KDE project
  2. *
  3. * Copyright (C) 2000 George Staikos <staikos@kde.org>
  4. *
  5. * This library is free software; you can redistribute it and/or
  6. * modify it under the terms of the GNU Library General Public
  7. * License as published by the Free Software Foundation; either
  8. * version 2 of the License, or (at your option) any later version.
  9. *
  10. * This library is distributed in the hope that it will be useful,
  11. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  13. * Library General Public License for more details.
  14. *
  15. * You should have received a copy of the GNU Library General Public License
  16. * along with this library; see the file COPYING.LIB. If not, write to
  17. * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
  18. * Boston, MA 02110-1301, USA.
  19. */
  20. #include <ksslcertificatefactory.h>
  21. #include <ksslcertificate.h>
  22. #include <stdlib.h>
  23. //#include <kopenssl.h>
  24. KSSLCertificate*
  25. KSSLCertificateFactory::generateSelfSigned(KSSLKeyType /*keytype*/) {
  26. #if 0
  27. //#ifdef KSSL_HAVE_SSL
  28. X509_NAME *x509name = X509_NAME_new();
  29. X509 *x509;
  30. ASN1_UTCTIME *beforeafter;
  31. KSSLCertificate *newcert;
  32. int rc;
  33. // FIXME: generate the private key
  34. if (keytype == KEYTYPE_UNKNOWN || (key=EVP_PKEY_new()) == NULL) {
  35. X509_NAME_free(x509name);
  36. return NULL;
  37. }
  38. switch(keytype) {
  39. case KEYTYPE_RSA:
  40. if (!EVP_PKEY_assign_RSA(key, RSA_generate_key(newkey,0x10001,
  41. req_cb,bio_err))) {
  42. }
  43. break;
  44. case KEYTYPE_DSA:
  45. if (!DSA_generate_key(dsa_params)) goto end;
  46. if (!EVP_PKEY_assign_DSA(pkey,dsa_params)) goto end;
  47. dsa_params=NULL;
  48. if (pkey->type == EVP_PKEY_DSA)
  49. digest=EVP_dss1();
  50. break;
  51. }
  52. // FIXME: dn doesn't exist
  53. // FIXME: allow the notAfter value to be parameterized
  54. // FIXME: allow a password to lock the key with
  55. // Fill in the certificate
  56. X509_NAME_add_entry_by_NID(x509name, OBJ_txt2nid("CN"), 0x1001,
  57. (unsigned char *) dn, -1, -1, 0);
  58. x509 = X509_new();
  59. rc = X509_set_issuer_name(x509, x509name);
  60. if (rc != 0) {
  61. X509_free(x509);
  62. X509_NAME_free(x509name);
  63. return NULL;
  64. }
  65. rc = X509_set_subject_name(x509, x509name);
  66. if (rc != 0) {
  67. X509_free(x509);
  68. X509_NAME_free(x509name);
  69. return NULL;
  70. }
  71. ASN1_INTEGER_set(X509_get_serialNumber(*x509), 0);
  72. X509_NAME_free(x509name);
  73. // Make it a 1 year certificate
  74. beforeafter = ASN1_UTCTIME_new();
  75. if (!X509_gmtime_adj(beforeafter, -60*60*24)) { // yesterday
  76. X509_free(x509);
  77. return NULL;
  78. }
  79. if (!X509_set_notBefore(x509, beforeafter)) {
  80. X509_free(x509);
  81. return NULL;
  82. }
  83. if (!X509_gmtime_adj(beforeafter, 60*60*24*364)) { // a year from yesterday
  84. X509_free(x509);
  85. return NULL;
  86. }
  87. if (!X509_set_notAfter(x509, beforeafter)) {
  88. X509_free(x509);
  89. return NULL;
  90. }
  91. ASN1_UTCTIME_free(beforeafter);
  92. if (!X509_set_pubkey(x509, key)) {
  93. X509_free(x509);
  94. return NULL;
  95. }
  96. rc = X509_sign(x509, key, EVP_sha1());
  97. if (rc != 0) {
  98. X509_free(x509);
  99. return NULL;
  100. }
  101. newCert = new KSSLCertificate;
  102. newCert->setCert(x509);
  103. return newCert;
  104. #else
  105. return NULL;
  106. #endif
  107. }