kio

ksslcertificatefactory.cc

00001 /* This file is part of the KDE project
00002  *
00003  * Copyright (C) 2000 George Staikos <staikos@kde.org>
00004  *
00005  * This library is free software; you can redistribute it and/or
00006  * modify it under the terms of the GNU Library General Public
00007  * License as published by the Free Software Foundation; either
00008  * version 2 of the License, or (at your option) any later version.
00009  *
00010  * This library is distributed in the hope that it will be useful,
00011  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00012  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00013  * Library General Public License for more details.
00014  *
00015  * You should have received a copy of the GNU Library General Public License
00016  * along with this library; see the file COPYING.LIB.  If not, write to
00017  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
00018  * Boston, MA 02110-1301, USA.
00019  */ 
00020 
00021 #include <ksslcertificatefactory.h>
00022 #include <ksslcertificate.h>
00023 #include <stdlib.h>
00024 
00025 //#include <kopenssl.h>
00026 
00027 KSSLCertificate*
00028 KSSLCertificateFactory::generateSelfSigned(KSSLKeyType /*keytype*/) {
00029 #if 0
00030   //#ifdef KSSL_HAVE_SSL
00031   X509_NAME *x509name = X509_NAME_new();
00032   X509      *x509;
00033   ASN1_UTCTIME *beforeafter;
00034   KSSLCertificate *newcert;
00035   int rc;
00036 
00037   // FIXME: generate the private key
00038   if (keytype == KEYTYPE_UNKNOWN || (key=EVP_PKEY_new()) == NULL) {
00039     X509_NAME_free(x509name);
00040     return NULL;
00041   }
00042 
00043   switch(keytype) {
00044   case KEYTYPE_RSA:
00045     if (!EVP_PKEY_assign_RSA(key, RSA_generate_key(newkey,0x10001,
00046                            req_cb,bio_err))) {
00047       
00048     } 
00049     break;
00050   case KEYTYPE_DSA:
00051     if (!DSA_generate_key(dsa_params)) goto end;
00052     if (!EVP_PKEY_assign_DSA(pkey,dsa_params)) goto end;
00053     dsa_params=NULL; 
00054     if (pkey->type == EVP_PKEY_DSA)
00055       digest=EVP_dss1();
00056     break;
00057   }
00058 
00059   // FIXME: dn doesn't exist
00060   // FIXME: allow the notAfter value to be parameterized
00061   // FIXME: allow a password to lock the key with
00062 
00063   // Fill in the certificate
00064   X509_NAME_add_entry_by_NID(x509name, OBJ_txt2nid("CN"), 0x1001,
00065                              (unsigned char *) dn, -1, -1, 0);
00066 
00067   x509 = X509_new();
00068   rc = X509_set_issuer_name(x509, x509name);
00069   if (rc != 0) {
00070     X509_free(x509);
00071     X509_NAME_free(x509name);
00072     return NULL;
00073   }
00074   rc = X509_set_subject_name(x509, x509name);
00075   if (rc != 0) {
00076     X509_free(x509);
00077     X509_NAME_free(x509name);
00078     return NULL;
00079   }
00080   ASN1_INTEGER_set(X509_get_serialNumber(*x509), 0);
00081 
00082   X509_NAME_free(x509name);
00083 
00084   // Make it a 1 year certificate
00085   beforeafter = ASN1_UTCTIME_new();
00086   if (!X509_gmtime_adj(beforeafter, -60*60*24)) {     // yesterday
00087     X509_free(x509);
00088     return NULL;
00089   }
00090   if (!X509_set_notBefore(x509, beforeafter)) {
00091     X509_free(x509);
00092     return NULL;
00093   }
00094   if (!X509_gmtime_adj(beforeafter, 60*60*24*364)) {  // a year from yesterday
00095     X509_free(x509);
00096     return NULL;
00097   }
00098   if (!X509_set_notAfter(x509, beforeafter)) {
00099     X509_free(x509);
00100     return NULL;
00101   }
00102   ASN1_UTCTIME_free(beforeafter);
00103 
00104   if (!X509_set_pubkey(x509, key)) {
00105     X509_free(x509);
00106     return NULL;
00107   }
00108 
00109   rc = X509_sign(x509, key, EVP_sha1());
00110   if (rc != 0) {
00111     X509_free(x509);
00112     return NULL;
00113   }
00114 
00115   newCert = new KSSLCertificate;
00116   newCert->setCert(x509);
00117   return newCert;  
00118 #else
00119   return NULL;
00120 #endif
00121 }
00122
kio

ksslcertificatefactory.cc

kio

API Reference
