1 files changed, 156 insertions, 0 deletions
diff --git a/vchat-keygen b/vchat-keygen
new file mode 100755
index 0000000..08c3b6e
--- /dev/null
+++ b/vchat-keygen
@@ -0,0 +1,156 @@
+#!/bin/sh
+#
+# vchat-client - alpha version
+# vchat-keygen - generate keypair for SSL with anon CA
+#
+# Copyright (C) 2001 Andreas Kotes <count@flatline.de>
+#
+# This program is free software. It can be redistributed and/or modified,
+# provided that this copyright notice is kept intact. This program is
+# distributed in the hope that it will be useful, but without any warranty;
+# without even the implied warranty of merchantability or fitness for a
+# particular purpose. In no event shall the copyright holder be liable for
+# any direct, indirect, incidental or special damages arising in any way out
+# of the use of this software. 
+#
+# where do we want to store the key?
+KEYBASE=$1
+if [ "x$KEYBASE" = "x" ] ; then
+   KEYBASE=$HOME/.vchat
+fi
+# no key? generate one ...
+if [ ! -e $KEYBASE.key ]; then
+   echo "vchat-keygen: generating RSA key $KEYBASE.key"
+   echo "vchat-keygen: please set passphrase for local security"
+   umask 0077
+   openssl genrsa -des3 -out $KEYBASE.key 2048
+else
+   echo "vchat-keygen: private key $KEYBASE.key exists"
+fi
+# no certificate? dump anonymous CA to disk.
+if [ ! -e $KEYBASE.cert ]; then
+   if [ ! -e $KEYBASE.ca.key ]; then
+      echo "vchat-keygen: saving CA key to $KEYBASE.ca.key"
+      cat >$KEYBASE.ca.key <<EOT
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA0OydKPwRccotlfz4ZhKrVM1vbRa9bWOfZ1c4C6J+iLmZMjuk
+uALo5+c72phZjJ8qXTY+j+J4foRXgBD3qNwDFjtHaDtq4pK70WAWR7+gtnToVjvI
+ngq++Ht82GQQK34QKBBh4U/sdS1qvQWNkW6/tDa61pRwHI9xRhXG3YmVrE0mps/o
+JoaSxQQpk+6nTjuqfbFH+JEqzYgXLLYm5sZ3eRuClCezmQ9a1HSGW+JM4iL7xdRL
+u8o1Ml7PahODIr/Cb4nKco8grJ+gl4ChI+V8VsUNcmmoXdtb7b0x7tCOcvp2TPIE
+VK0sMTDCltGvXDKk3PrL+msAATJhA90FVTUjOQIDAQABAoIBAQCPZoks029J0kLd
+20fID/Jnf6aGkwAsMB/+d4AxhDQjtnivYP7biqvAWRfdH4r/mVQjrJLegczA0ieY
+8Ix86552yPNnWLkxkRO3T6ObVa2C7tV2MwytZaTUuzXi9TOgFqQSS8RTOV+MwkKs
+QT59Xy3YDWTK2hHlmJNgTpwz/Tatjv1zTXzDkb+rGLVjpanPoOvSbth2pXJL7kRf
+pkoDWqw59rDC6QQJxucYbueTSlw3YKg6ZJJ9dSsWf8pljCgwW0lLBHVmcsJw3C+z
+mzZW7I4I5wACGaAMjLR1p8bPWC4VF6cP9MdRJ77VZl2//HXb0nE6SHG5V2eDxiRJ
+NMqe/Z8BAoGBAOy6d7wRKADPPwZaLAKaKqsJSiK5DDnXloPgW4/IZrMmokQ0hF7m
+QXXtOvDkewGvIskLXk93/f47RQdGWZ/WRVPDBlxx2VbpxACJLb+EC9BEGOS/emdZ
+DI2934qMhGo4QCSq8I4RTDe0z+55Kj2yVzKv718J1lWaCpC+AtbIB1thAoGBAOHu
+sfcMYV5pV28y77yO/aVRaR19CjnH9mk5kdXLzITy5hYZskgQxmlB/zvMG/nEhAKz
+jwymL7PM0SXM/dWuz54nCYUDHdOexe2DHaFvNaalkziq3eU9B/ANY1+f/nk2TrBm
+TVaAYWld2X8jcXJbevy3H9IgDfzD27M6tFW1W7ZAoGAT/2eMeVWMBfXgwz7LBHt
+8wdbjqoasHzhtkQcjFQ6J7UZRZS9WdfSLMfxj66Uxffo+CgoQRAZuktKwu+Jn1Hm
+8SvIPXqW5yBsg4XW+Izk9QXdp4XwFXXooQiUvZtHryC8w+cjC85ag8RMMpesp1ZY
+0p7Scrm/PAOmKEycZvkGS2ECgYAWYIjZ2i0Op8pUJixedZ8jr5OEqyzHGkoKk/wg
+u8Wu6Uvmpnbk8lxkcnfwGUAwFcmpZtVlQFR7L28LmmkNr/m6RU2JEgzzN8eMxa66
+nYQn1EBnnWzK1qehnAHap8MRiFJ04E4QfbCm5wOTY1c7Xr73Xp9+L9UbNYSyybL8
+Nuh+yQKBgHUJf3RslTr382pFcHxXNQpA5wQHhtuL+VacbddnZNZCflQoJ+Zk1/GV
+0fDgfrY1+LVQvo/rpm6N3FIdLSaFwn2OmZMIwLWfu4BL1NNdWMwjSWkQ8hToVe5e
+707+ARBWPZX0GfZXHUybrZDJNlT01brqo4DhlWxMCPrAj3XNY6yr
+-----END RSA PRIVATE KEY-----
+EOT
+   fi
+   if [ ! -e $KEYBASE.ca.crt ]; then
+      echo "vchat-keygen: saving CA cert to $KEYBASE.ca.crt"
+      cat >$KEYBASE.ca.crt <<EOT
+-----BEGIN CERTIFICATE-----
+MIIC4zCCAcugAwIBAgIBADANBgkqhkiG9w0BAQQFADAbMRkwFwYDVQQDExBBbm9u
+eW1vdXMgRk9PIENBMB4XDTAxMDcwOTE0MzAyM1oXDTExMDcwNzE0MzAyM1owGzEZ
+MBcGA1UEAxMQQW5vbnltb3VzIEZPTyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANDsnSj8EXHKLZX8+GYSq1TNb20WvW1jn2dXOAuifoi5mTI7pLgC
+6OfnO9qYWYyfKl02Po/ieH6EV4AQ96jcAxY7R2g7auKSu9FgFke/oLZ06FY7yJ4K
+vvh7fNhkECt+ECgQYeFP7HUtar0FjZFuv7Q2utaUcByPcUYVxt2JlaxNJqbP6CaG
+ksUEKZPup047qn2xR/iRKs2IFyy2JubGd3kbgpQns5kPWtR0hlviTOIi+8XUS7vK
+NTJez2oTgyK/wm+JynKPIKyfoJeAoSPlfFbFDXJpqF3bW+29Me7QjnL6dkzyBFSt
+LDEwwpbRr1wypNz6y/prAAEyYQPdBVU1IzkCAwEAAaMyMDAwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUFsM7fh5NPHIgbUBsGqp+IAH4AjIwDQYJKoZIhvcNAQEE
+BQADggEBALKjPE9OX+FrKOODs+d4P/QJdEwsTKwT3zHjxUTKmhIRE1qphAiEfH2g
+IMgr/7y4MZd7FIx84qrfA+a96Yyb5QdbRu0fGlkom1JZxkKOQ2T5SiX7iU2nXMLa
+tsFoqKwrjG4vWwN8ZrlLT72+fZGTtFCUQm7pTxd7UZcfIcmfE43OJGl155gd2X8j
+jbbyu/lBwdJXznK86cm++lvXYJTeJEybipX/XoGoJtCZq0dGyC7vBTGnBZGmNymQ
+1QHQ8LjnzGK3q1ccLuGZ9QjXOjMImfPXGxiXMHO63Ph27U3jP4LEBsW3iRaUqevY
+Id4rGHl2/jBQyE1CGeN1o9iZBGmFS1c=
+-----END CERTIFICATE-----
+EOT
+   fi
+   if [ -e /tmp/00.pem ]; then
+      echo "vchat-keygen: insecure files lying around, bailing out"
+      exit
+   fi
+   if [ ! -e $KEYBASE.ca.conf ]; then
+      echo "vchat-keygen: generating config-file for CA $KEYBASE.ca.conf"
+      cat >$KEYBASE.ca.conf <<EOT
+[ ca ]
+default_ca              = default_CA
+[ default_CA ]
+dir                     = .
+#certs                   = \$dir
+new_certs_dir           = /tmp
+database                = $KEYBASE.ca.db.index
+serial                  = $KEYBASE.ca.db.serial
+certificate             = $KEYBASE.ca.crt
+private_key             = $KEYBASE.ca.key
+default_days            = 1825
+default_crl_days        = 30
+default_md              = md5
+preserve                = no
+x509_extensions         = user_cert
+policy                  = policy_anything
+[ policy_anything ]
+commonName              = supplied
+emailAddress            = supplied
+[ user_cert ]
+basicConstraints        = critical,CA:false
+authorityKeyIdentifier  = keyid:always
+extendedKeyUsage        = clientAuth
+EOT
+      echo -n >$KEYBASE.ca.db.index
+      echo 00 >$KEYBASE.ca.db.serial
+   fi
+   if [ ! -e $KEYBASE.csr ]; then 
+      if [ ! -e $KEYBASE.ca.keyconf ]; then
+         echo "vchat-keygen: generating config-file for self-signing $KEYBASE.ca.keyconf"
+         cat >$KEYBASE.ca.keyconf <<EOT
+[ req ]
+default_bits                    = 2048
+default_keyfile                 = user.key
+distinguished_name              = req_distinguished_name
+string_mask                     = nombstr
+req_extensions                  = v3_req
+[ req_distinguished_name ]
+commonName                      = Name
+commonName_max                  = 64
+emailAddress                    = Email Address
+emailAddress_max                = 40
+[ v3_req ]
+nsCertType                      = client
+basicConstraints                = critical,CA:false
+EOT
+      fi
+      echo "vchat-keygen: generating Certificate Signing Request $KEYBASE.csr"
+      openssl req -new -config $KEYBASE.ca.keyconf -key $KEYBASE.key -out $KEYBASE.csr
+   else
+      echo "vchat-keygen: Certificate Signing Request $KEYBASE.csr exists"
+   fi
+   echo "vchat-keygen: signing certificate $KEYBASE.cert"
+   openssl ca -batch -config $KEYBASE.ca.conf -out $KEYBASE.cert -in $KEYBASE.csr
+   rm /tmp/00.pem $KEYBASE.ca.*
+   echo
+else
+   echo "vchat-keygen: certificate $KEYBASE.cert exists"
+fi

diff --git a/vchat-keygen b/vchat-keygen new file mode 100755 index 0000000..08c3b6e --- /dev/null +++ b/vchat-keygen
@@ -0,0 +1,156 @@
	1	#!/bin/sh
	2
	3	#
	4	# vchat-client - alpha version
	5	# vchat-keygen - generate keypair for SSL with anon CA
	6	#
	7	# Copyright (C) 2001 Andreas Kotes <count@flatline.de>
	8	#
	9	# This program is free software. It can be redistributed and/or modified,
	10	# provided that this copyright notice is kept intact. This program is
	11	# distributed in the hope that it will be useful, but without any warranty;
	12	# without even the implied warranty of merchantability or fitness for a
	13	# particular purpose. In no event shall the copyright holder be liable for
	14	# any direct, indirect, incidental or special damages arising in any way out
	15	# of the use of this software.
	16	#
	17
	18	# where do we want to store the key?
	19	KEYBASE=$1
	20	if [ "x$KEYBASE" = "x" ] ; then
	21	KEYBASE=$HOME/.vchat
	22	fi
	23
	24	# no key? generate one ...
	25	if [ ! -e $KEYBASE.key ]; then
	26	echo "vchat-keygen: generating RSA key $KEYBASE.key"
	27	echo "vchat-keygen: please set passphrase for local security"
	28	umask 0077
	29	openssl genrsa -des3 -out $KEYBASE.key 2048
	30	else
	31	echo "vchat-keygen: private key $KEYBASE.key exists"
	32	fi
	33
	34	# no certificate? dump anonymous CA to disk.
	35	if [ ! -e $KEYBASE.cert ]; then
	36	if [ ! -e $KEYBASE.ca.key ]; then
	37	echo "vchat-keygen: saving CA key to $KEYBASE.ca.key"
	38	cat >$KEYBASE.ca.key <<EOT
	39	-----BEGIN RSA PRIVATE KEY-----
	40	MIIEowIBAAKCAQEA0OydKPwRccotlfz4ZhKrVM1vbRa9bWOfZ1c4C6J+iLmZMjuk
	41	uALo5+c72phZjJ8qXTY+j+J4foRXgBD3qNwDFjtHaDtq4pK70WAWR7+gtnToVjvI
	42	ngq++Ht82GQQK34QKBBh4U/sdS1qvQWNkW6/tDa61pRwHI9xRhXG3YmVrE0mps/o
	43	JoaSxQQpk+6nTjuqfbFH+JEqzYgXLLYm5sZ3eRuClCezmQ9a1HSGW+JM4iL7xdRL
	44	u8o1Ml7PahODIr/Cb4nKco8grJ+gl4ChI+V8VsUNcmmoXdtb7b0x7tCOcvp2TPIE
	45	VK0sMTDCltGvXDKk3PrL+msAATJhA90FVTUjOQIDAQABAoIBAQCPZoks029J0kLd
	46	20fID/Jnf6aGkwAsMB/+d4AxhDQjtnivYP7biqvAWRfdH4r/mVQjrJLegczA0ieY
	47	8Ix86552yPNnWLkxkRO3T6ObVa2C7tV2MwytZaTUuzXi9TOgFqQSS8RTOV+MwkKs
	48	QT59Xy3YDWTK2hHlmJNgTpwz/Tatjv1zTXzDkb+rGLVjpanPoOvSbth2pXJL7kRf
	49	pkoDWqw59rDC6QQJxucYbueTSlw3YKg6ZJJ9dSsWf8pljCgwW0lLBHVmcsJw3C+z
	50	mzZW7I4I5wACGaAMjLR1p8bPWC4VF6cP9MdRJ77VZl2//HXb0nE6SHG5V2eDxiRJ
	51	NMqe/Z8BAoGBAOy6d7wRKADPPwZaLAKaKqsJSiK5DDnXloPgW4/IZrMmokQ0hF7m
	52	QXXtOvDkewGvIskLXk93/f47RQdGWZ/WRVPDBlxx2VbpxACJLb+EC9BEGOS/emdZ
	53	DI2934qMhGo4QCSq8I4RTDe0z+55Kj2yVzKv718J1lWaCpC+AtbIB1thAoGBAOHu
	54	sfcMYV5pV28y77yO/aVRaR19CjnH9mk5kdXLzITy5hYZskgQxmlB/zvMG/nEhAKz
	55	jwymL7PM0SXM/dWuz54nCYUDHdOexe2DHaFvNaalkziq3eU9B/ANY1+f/nk2TrBm
	56	+TVaAYWld2X8jcXJbevy3H9IgDfzD27M6tFW1W7ZAoGAT/2eMeVWMBfXgwz7LBHt
	57	8wdbjqoasHzhtkQcjFQ6J7UZRZS9WdfSLMfxj66Uxffo+CgoQRAZuktKwu+Jn1Hm
	58	8SvIPXqW5yBsg4XW+Izk9QXdp4XwFXXooQiUvZtHryC8w+cjC85ag8RMMpesp1ZY
	59	0p7Scrm/PAOmKEycZvkGS2ECgYAWYIjZ2i0Op8pUJixedZ8jr5OEqyzHGkoKk/wg
	60	u8Wu6Uvmpnbk8lxkcnfwGUAwFcmpZtVlQFR7L28LmmkNr/m6RU2JEgzzN8eMxa66
	61	nYQn1EBnnWzK1qehnAHap8MRiFJ04E4QfbCm5wOTY1c7Xr73Xp9+L9UbNYSyybL8
	62	Nuh+yQKBgHUJf3RslTr382pFcHxXNQpA5wQHhtuL+VacbddnZNZCflQoJ+Zk1/GV
	63	0fDgfrY1+LVQvo/rpm6N3FIdLSaFwn2OmZMIwLWfu4BL1NNdWMwjSWkQ8hToVe5e
	64	707+ARBWPZX0GfZXHUybrZDJNlT01brqo4DhlWxMCPrAj3XNY6yr
	65	-----END RSA PRIVATE KEY-----
	66	EOT
	67	fi
	68	if [ ! -e $KEYBASE.ca.crt ]; then
	69	echo "vchat-keygen: saving CA cert to $KEYBASE.ca.crt"
	70	cat >$KEYBASE.ca.crt <<EOT
	71	-----BEGIN CERTIFICATE-----
	72	MIIC4zCCAcugAwIBAgIBADANBgkqhkiG9w0BAQQFADAbMRkwFwYDVQQDExBBbm9u
	73	eW1vdXMgRk9PIENBMB4XDTAxMDcwOTE0MzAyM1oXDTExMDcwNzE0MzAyM1owGzEZ
	74	MBcGA1UEAxMQQW5vbnltb3VzIEZPTyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
	75	ADCCAQoCggEBANDsnSj8EXHKLZX8+GYSq1TNb20WvW1jn2dXOAuifoi5mTI7pLgC
	76	6OfnO9qYWYyfKl02Po/ieH6EV4AQ96jcAxY7R2g7auKSu9FgFke/oLZ06FY7yJ4K
	77	vvh7fNhkECt+ECgQYeFP7HUtar0FjZFuv7Q2utaUcByPcUYVxt2JlaxNJqbP6CaG
	78	ksUEKZPup047qn2xR/iRKs2IFyy2JubGd3kbgpQns5kPWtR0hlviTOIi+8XUS7vK
	79	NTJez2oTgyK/wm+JynKPIKyfoJeAoSPlfFbFDXJpqF3bW+29Me7QjnL6dkzyBFSt
	80	LDEwwpbRr1wypNz6y/prAAEyYQPdBVU1IzkCAwEAAaMyMDAwDwYDVR0TAQH/BAUw
	81	AwEB/zAdBgNVHQ4EFgQUFsM7fh5NPHIgbUBsGqp+IAH4AjIwDQYJKoZIhvcNAQEE
	82	BQADggEBALKjPE9OX+FrKOODs+d4P/QJdEwsTKwT3zHjxUTKmhIRE1qphAiEfH2g
	83	IMgr/7y4MZd7FIx84qrfA+a96Yyb5QdbRu0fGlkom1JZxkKOQ2T5SiX7iU2nXMLa
	84	tsFoqKwrjG4vWwN8ZrlLT72+fZGTtFCUQm7pTxd7UZcfIcmfE43OJGl155gd2X8j
	85	jbbyu/lBwdJXznK86cm++lvXYJTeJEybipX/XoGoJtCZq0dGyC7vBTGnBZGmNymQ
	86	1QHQ8LjnzGK3q1ccLuGZ9QjXOjMImfPXGxiXMHO63Ph27U3jP4LEBsW3iRaUqevY
	87	Id4rGHl2/jBQyE1CGeN1o9iZBGmFS1c=
	88	-----END CERTIFICATE-----
	89	EOT
	90	fi
	91	if [ -e /tmp/00.pem ]; then
	92	echo "vchat-keygen: insecure files lying around, bailing out"
	93	exit
	94	fi
	95	if [ ! -e $KEYBASE.ca.conf ]; then
	96	echo "vchat-keygen: generating config-file for CA $KEYBASE.ca.conf"
	97	cat >$KEYBASE.ca.conf <<EOT
	98	[ ca ]
	99	default_ca = default_CA
	100	[ default_CA ]
	101	dir = .
	102	#certs = \$dir
	103	new_certs_dir = /tmp
	104	database = $KEYBASE.ca.db.index
	105	serial = $KEYBASE.ca.db.serial
	106	certificate = $KEYBASE.ca.crt
	107	private_key = $KEYBASE.ca.key
	108	default_days = 1825
	109	default_crl_days = 30
	110	default_md = md5
	111	preserve = no
	112	x509_extensions = user_cert
	113	policy = policy_anything
	114	[ policy_anything ]
	115	commonName = supplied
	116	emailAddress = supplied
	117	[ user_cert ]
	118	basicConstraints = critical,CA:false
	119	authorityKeyIdentifier = keyid:always
	120	extendedKeyUsage = clientAuth
	121	EOT
	122	echo -n >$KEYBASE.ca.db.index
	123	echo 00 >$KEYBASE.ca.db.serial
	124	fi
	125	if [ ! -e $KEYBASE.csr ]; then
	126	if [ ! -e $KEYBASE.ca.keyconf ]; then
	127	echo "vchat-keygen: generating config-file for self-signing $KEYBASE.ca.keyconf"
	128	cat >$KEYBASE.ca.keyconf <<EOT
	129	[ req ]
	130	default_bits = 2048
	131	default_keyfile = user.key
	132	distinguished_name = req_distinguished_name
	133	string_mask = nombstr
	134	req_extensions = v3_req
	135	[ req_distinguished_name ]
	136	commonName = Name
	137	commonName_max = 64
	138	emailAddress = Email Address
	139	emailAddress_max = 40
	140	[ v3_req ]
	141	nsCertType = client
	142	basicConstraints = critical,CA:false
	143	EOT
	144	fi
	145	echo "vchat-keygen: generating Certificate Signing Request $KEYBASE.csr"
	146	openssl req -new -config $KEYBASE.ca.keyconf -key $KEYBASE.key -out $KEYBASE.csr
	147	else
	148	echo "vchat-keygen: Certificate Signing Request $KEYBASE.csr exists"
	149	fi
	150	echo "vchat-keygen: signing certificate $KEYBASE.cert"
	151	openssl ca -batch -config $KEYBASE.ca.conf -out $KEYBASE.cert -in $KEYBASE.csr
	152	rm /tmp/00.pem $KEYBASE.ca.*
	153	echo
	154	else
	155	echo "vchat-keygen: certificate $KEYBASE.cert exists"
	156	fi