blob: a11a6aec8bf22c77e0865677bd242fa6e31bb77f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
#!/bin/sh
#
# vchat-client - alpha version
# vchat-keygen - generate certificate signing request for sending to
# vchat@vchat.berlin.ccc.de
#
# changed by cryx
#
# Copyright (C) 2001 Andreas Kotes <count@flatline.de>
#
# This program is free software. It can be redistributed and/or modified,
# provided that this copyright notice is kept intact. This program is
# distributed in the hope that it will be useful, but without any warranty;
# without even the implied warranty of merchantability or fitness for a
# particular purpose. In no event shall the copyright holder be liable for
# any direct, indirect, incidental or special damages arising in any way out
# of the use of this software.
#
# where do we want to store the key?
KEYBASE=$1
if [ "x$KEYBASE" = "x" ] ; then
KEYBASE=$HOME/.vchat
fi
# no key? generate one ...
if [ ! -e $KEYBASE.key ]; then
echo "vchat-keygen: generating RSA key $KEYBASE.key"
echo "vchat-keygen: please set passphrase for local security"
umask 0077
openssl genrsa -des3 -out $KEYBASE.key 2048
else
echo "vchat-keygen: private key $KEYBASE.key exists"
fi
# no certificate? dump anonymous CA to disk.
if [ ! -e $KEYBASE.csr ]; then
if [ ! -e $KEYBASE.ca.keyconf ]; then
echo "vchat-keygen: generating config-file for self-signing $KEYBASE.ca.keyconf"
cat >$KEYBASE.ca.keyconf <<EOT
[ req ]
default_bits = 2048
default_keyfile = user.key
distinguished_name = req_distinguished_name
string_mask = nombstr
req_extensions = v3_req
[ req_distinguished_name ]
commonName = Name
commonName_max = 64
emailAddress = Email Address
emailAddress_max = 40
[ v3_req ]
nsCertType = client
basicConstraints = critical,CA:false
EOT
fi
echo "vchat-keygen: generating Certificate Signing Request $KEYBASE.csr"
echo "vchat-keygen: please enter your nickname at the 'Name []:' prompt"
openssl req -new -sha1 -config $KEYBASE.ca.keyconf -key $KEYBASE.key -out $KEYBASE.csr
echo "vchat-keygen: send this ($KEYBASE.csr) Certificate Signing Request to
vchat@vchat.berlin.ccc.de to get it signed by the vchat-CA. You will
receive your signed Certificate shortly."
else
echo "vchat-keygen: Certificate Signing Request $KEYBASE.csr exists"
fi
|