Skip to main content

Browse the archive

https://github.com/henrycg/earand
06 April 2024, 00:31:16 UTC
Raw File
Tip revision: 362625f3847ddd2e2d5a90cf5f93b4b3ea76e059 authored by Henry Corrigan-Gibbs on 21 May 2018, 19:54:59 UTC
Merge branch 'master' of github.com:henrycg/earand
Tip revision: 362625f
gen_keys.c 
#include <openssl/rsa.h>

#include "gen_keys.h"
#include "util.h"

void SetBogusTimeSubject(X509* cert)
{
  // Set the X509 version to 3
  CHECK_CALL(cert->cert_info->version = M_ASN1_INTEGER_new());
  CHECK_CALL(ASN1_INTEGER_set(cert->cert_info->version, 3));

  // Set the issuer field of the cert
  X509_NAME* issuer = X509_get_issuer_name(cert);
  CHECK_CALL(issuer);
  CHECK_CALL(X509_NAME_add_entry_by_txt(issuer, "O", MBSTRING_ASC, 
        (const unsigned char *)"CA Issuer", -1, -1, 0)); 
  CHECK_CALL(X509_set_issuer_name(cert, issuer));

  // Set the subject field of the cert
  X509_NAME* subj = X509_get_subject_name(cert);
  CHECK_CALL(subj);
  CHECK_CALL(X509_NAME_add_entry_by_txt(subj, "O", MBSTRING_ASC, 
        (const unsigned char *)"CA Subject", -1, -1, 0)); 
  CHECK_CALL(X509_set_subject_name(cert, subj));

  // Set cert to expire in one year
  CHECK_CALL(X509_gmtime_adj(cert->cert_info->validity->notBefore, 0));
  CHECK_CALL(X509_gmtime_adj(cert->cert_info->validity->notAfter, 365*24*60*60));
}

X509* GenerateDsa(DsaParams params)
{
  EVP_PKEY* pk = EVP_PKEY_new();
  EC_KEY* key = EC_KEY_new();
  CHECK_CALL(EC_KEY_set_group(key, DsaParams_GetCurve(params)));
  CHECK_CALL(EC_KEY_generate_key(key));
  CHECK_CALL(EC_KEY_get0_public_key(key));

  CHECK_CALL(EVP_PKEY_set1_EC_KEY(pk, key));

  X509* cert = X509_new();
  CHECK_CALL(cert);
  CHECK_CALL(X509_set_pubkey(cert, pk));

  EC_KEY_free(key);
  EVP_PKEY_free(pk);

  SetBogusTimeSubject(cert);

  return cert;
}

X509* GenerateRsa(RsaParams params)
{
  EVP_PKEY* pk = EVP_PKEY_new();
  RSA* rsa = RSA_new();

  CHECK_CALL(rsa = RSA_generate_key(RsaParams_GetModulusBits(params), 
       65537, NULL, NULL));

  CHECK_CALL(EVP_PKEY_set1_RSA(pk, rsa));

  X509* cert = X509_new();
  CHECK_CALL(cert);
  CHECK_CALL(X509_set_pubkey(cert, pk));

  RSA_free(rsa);
  EVP_PKEY_free(pk);

  SetBogusTimeSubject(cert);

  return cert;
}
back to top