OpenSSL  1.0.1c
 All Classes Files Functions Variables Typedefs Enumerations Enumerator Macros
selfsign.c
Go to the documentation of this file.
1 /* NOCW */
2 /* cc -o ssdemo -I../include selfsign.c ../libcrypto.a */
3 
4 #include <stdio.h>
5 #include <stdlib.h>
6 
7 #include <openssl/pem.h>
8 #include <openssl/conf.h>
9 #include <openssl/x509v3.h>
10 
11 int mkit(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
12 
13 int main()
14  {
15  BIO *bio_err;
16  X509 *x509=NULL;
17  EVP_PKEY *pkey=NULL;
18 
20 
21  bio_err=BIO_new_fp(stderr, BIO_NOCLOSE);
22 
23  mkit(&x509,&pkey,512,0,365);
24 
25  RSA_print_fp(stdout,pkey->pkey.rsa,0);
26  X509_print_fp(stdout,x509);
27 
28  PEM_write_PrivateKey(stdout,pkey,NULL,NULL,0,NULL, NULL);
29  PEM_write_X509(stdout,x509);
30 
31  X509_free(x509);
32  EVP_PKEY_free(pkey);
33 
34 #ifdef CUSTOM_EXT
35  /* Only needed if we add objects or custom extensions */
37  OBJ_cleanup();
38 #endif
39 
40  CRYPTO_mem_leaks(bio_err);
41  BIO_free(bio_err);
42  return(0);
43  }
44 
45 #ifdef WIN16
46 # define MS_CALLBACK _far _loadds
47 # define MS_FAR _far
48 #else
49 # define MS_CALLBACK
50 # define MS_FAR
51 #endif
52 
53 static void MS_CALLBACK callback(p, n, arg)
54 int p;
55 int n;
56 void *arg;
57  {
58  char c='B';
59 
60  if (p == 0) c='.';
61  if (p == 1) c='+';
62  if (p == 2) c='*';
63  if (p == 3) c='\n';
64  fputc(c,stderr);
65  }
66 
67 int mkit(x509p,pkeyp,bits,serial,days)
68 X509 **x509p;
69 EVP_PKEY **pkeyp;
70 int bits;
71 int serial;
72 int days;
73  {
74  X509 *x;
75  EVP_PKEY *pk;
76  RSA *rsa;
77  X509_NAME *name=NULL;
78  X509_NAME_ENTRY *ne=NULL;
79  X509_EXTENSION *ex=NULL;
80 
81 
82  if ((pkeyp == NULL) || (*pkeyp == NULL))
83  {
84  if ((pk=EVP_PKEY_new()) == NULL)
85  {
86  abort();
87  return(0);
88  }
89  }
90  else
91  pk= *pkeyp;
92 
93  if ((x509p == NULL) || (*x509p == NULL))
94  {
95  if ((x=X509_new()) == NULL)
96  goto err;
97  }
98  else
99  x= *x509p;
100 
101  rsa=RSA_generate_key(bits,RSA_F4,callback,NULL);
102  if (!EVP_PKEY_assign_RSA(pk,rsa))
103  {
104  abort();
105  goto err;
106  }
107  rsa=NULL;
108 
109  X509_set_version(x,3);
112  X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
113  X509_set_pubkey(x,pk);
114 
115  name=X509_get_subject_name(x);
116 
117  /* This function creates and adds the entry, working out the
118  * correct string type and performing checks on its length.
119  * Normally we'd check the return value for errors...
120  */
122  MBSTRING_ASC, "UK", -1, -1, 0);
123  X509_NAME_add_entry_by_txt(name,"CN",
124  MBSTRING_ASC, "OpenSSL Group", -1, -1, 0);
125 
126  X509_set_issuer_name(x,name);
127 
128  /* Add extension using V3 code: we can set the config file as NULL
129  * because we wont reference any other sections. We can also set
130  * the context to NULL because none of these extensions below will need
131  * to access it.
132  */
133 
134  ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_cert_type, "server");
135  X509_add_ext(x,ex,-1);
136  X509_EXTENSION_free(ex);
137 
138  ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_comment,
139  "example comment extension");
140  X509_add_ext(x,ex,-1);
141  X509_EXTENSION_free(ex);
142 
144  "www.openssl.org");
145 
146  X509_add_ext(x,ex,-1);
147  X509_EXTENSION_free(ex);
148 
149 #if 0
150  /* might want something like this too.... */
152  "critical,CA:TRUE");
153 
154 
155  X509_add_ext(x,ex,-1);
156  X509_EXTENSION_free(ex);
157 #endif
158 
159 #ifdef CUSTOM_EXT
160  /* Maybe even add our own extension based on existing */
161  {
162  int nid;
163  nid = OBJ_create("1.2.3.4", "MyAlias", "My Test Alias Extension");
165  ex = X509V3_EXT_conf_nid(NULL, NULL, nid,
166  "example comment alias");
167  X509_add_ext(x,ex,-1);
168  X509_EXTENSION_free(ex);
169  }
170 #endif
171 
172  if (!X509_sign(x,pk,EVP_md5()))
173  goto err;
174 
175  *x509p=x;
176  *pkeyp=pk;
177  return(1);
178 err:
179  return(0);
180  }