/* NOCW */ /* demos/spkigen.c * 18-Mar-1997 - eay - A quick hack :-) * version 1.1, it would probably help to save or load the * private key :-) */ #include <stdio.h> #include <stdlib.h> #include <openssl/err.h> #include <openssl/asn1.h> #include <openssl/objects.h> #include <openssl/evp.h> #include <openssl/x509.h> #include <openssl/pem.h> /* The following two don't exist in SSLeay but they are in here as * examples */ #define PEM_write_SPKI(fp,x) \ PEM_ASN1_write((int (*)())i2d_NETSCAPE_SPKI,"SPKI",fp,\ (char *)x,NULL,NULL,0,NULL) int SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey); /* These are defined in the next version of SSLeay */ int EVP_PKEY_assign(EVP_PKEY *pkey, int type,char *key); #define RSA_F4 0x10001 #define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ (char *)(rsa)) int main(argc,argv) int argc; char *argv[]; { RSA *rsa=NULL; NETSCAPE_SPKI *spki=NULL; EVP_PKEY *pkey=NULL; char buf[128]; int ok=0,i; FILE *fp; pkey=EVP_PKEY_new(); if (argc < 2) { /* Generate an RSA key, the random state should have been seeded * with lots of calls to RAND_seed(....) */ fprintf(stderr,"generating RSA key, could take some time...\n"); if ((rsa=RSA_generate_key(512,RSA_F4,NULL)) == NULL) goto err; } else { if ((fp=fopen(argv[1],"r")) == NULL) { perror(argv[1]); goto err; } if ((rsa=PEM_read_RSAPrivateKey(fp,NULL,NULL)) == NULL) goto err; fclose(fp); } if (!EVP_PKEY_assign_RSA(pkey,rsa)) goto err; rsa=NULL; /* lets make the spki and set the public key and challenge */ if ((spki=NETSCAPE_SPKI_new()) == NULL) goto err; if (!SPKI_set_pubkey(spki,pkey)) goto err; fprintf(stderr,"please enter challenge string:"); fflush(stderr); buf[0]='\0'; fgets(buf,sizeof buf,stdin); i=strlen(buf); if (i > 0) buf[--i]='\0'; if (!ASN1_STRING_set((ASN1_STRING *)spki->spkac->challenge, buf,i)) goto err; if (!NETSCAPE_SPKI_sign(spki,pkey,EVP_md5())) goto err; PEM_write_SPKI(stdout,spki); if (argc < 2) PEM_write_RSAPrivateKey(stdout,pkey->pkey.rsa,NULL,NULL,0,NULL); ok=1; err: if (!ok) { fprintf(stderr,"something bad happened...."); ERR_print_errors_fp(stderr); } NETSCAPE_SPKI_free(spki); EVP_PKEY_free(pkey); exit(!ok); } /* This function is in the next version of SSLeay */ int EVP_PKEY_assign(pkey,type,key) EVP_PKEY *pkey; int type; char *key; { if (pkey == NULL) return(0); if (pkey->pkey.ptr != NULL) { if (pkey->type == EVP_PKEY_RSA) RSA_free(pkey->pkey.rsa); /* else memory leak */ } pkey->type=type; pkey->pkey.ptr=key; return(1); } /* While I have a * X509_set_pubkey() and X509_REQ_set_pubkey(), SPKI_set_pubkey() does * not currently exist so here is a version of it. * The next SSLeay release will probably have * X509_set_pubkey(), * X509_REQ_set_pubkey() and * NETSCAPE_SPKI_set_pubkey() * as macros calling the same function */ int SPKI_set_pubkey(x,pkey) NETSCAPE_SPKI *x; EVP_PKEY *pkey; { int ok=0; X509_PUBKEY *pk; X509_ALGOR *a; ASN1_OBJECT *o; unsigned char *s,*p; int i; if (x == NULL) return(0); if ((pk=X509_PUBKEY_new()) == NULL) goto err; a=pk->algor; /* set the algorithm id */ if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err; ASN1_OBJECT_free(a->algorithm); a->algorithm=o; /* Set the parameter list */ if ((a->parameter == NULL) || (a->parameter->type != V_ASN1_NULL)) { ASN1_TYPE_free(a->parameter); a->parameter=ASN1_TYPE_new(); a->parameter->type=V_ASN1_NULL; } i=i2d_PublicKey(pkey,NULL); if ((s=(unsigned char *)malloc(i+1)) == NULL) goto err; p=s; i2d_PublicKey(pkey,&p); if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err; free(s); X509_PUBKEY_free(x->spkac->pubkey); x->spkac->pubkey=pk; pk=NULL; ok=1; err: if (pk != NULL) X509_PUBKEY_free(pk); return(ok); }