summaryrefslogtreecommitdiff
path: root/vchat-keygen
blob: fa92c60bcbbd3653ad9dc6a10a1710d3ce04f792 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
#!/bin/sh

#
# vchat-client - alpha version
# vchat-keygen - generate certificate signing request for sending to
# vchat@vchat.berlin.ccc.de
#
# changed by cryx
#
# Copyright (C) 2001 Andreas Kotes <count@flatline.de>
#
# This program is free software. It can be redistributed and/or modified,
# provided that this copyright notice is kept intact. This program is
# distributed in the hope that it will be useful, but without any warranty;
# without even the implied warranty of merchantability or fitness for a
# particular purpose. In no event shall the copyright holder be liable for
# any direct, indirect, incidental or special damages arising in any way out
# of the use of this software. 
#

# where do we want to store the key?
KEYBASE=$1
if [ "x$KEYBASE" = "x" ] ; then
   KEYBASE=$HOME/.vchat
fi

# no key? generate one ...
if [ ! -e $KEYBASE.key ]; then
   echo "vchat-keygen: generating RSA key $KEYBASE.key"
   echo "vchat-keygen: please set passphrase for local security"
   umask 0077
   openssl genrsa -des3 -out $KEYBASE.key 2048
else
   echo "vchat-keygen: private key $KEYBASE.key exists"
fi

# no certificate? dump anonymous CA to disk.
   if [ ! -e $KEYBASE.csr ]; then 
      if [ ! -e $KEYBASE.ca.keyconf ]; then
         echo "vchat-keygen: generating config-file for self-signing $KEYBASE.ca.keyconf"
         cat >$KEYBASE.ca.keyconf <<EOT
[ req ]
default_bits                    = 2048
default_keyfile                 = user.key
distinguished_name              = req_distinguished_name
string_mask                     = nombstr
req_extensions                  = v3_req
[ req_distinguished_name ]
commonName                      = Name
commonName_max                  = 64
emailAddress                    = Email Address
emailAddress_max                = 40
[ v3_req ]
nsCertType                      = client
basicConstraints                = critical,CA:false
EOT
      fi
      echo "vchat-keygen: generating Certificate Signing Request $KEYBASE.csr"
		echo "vchat-keygen: please enter your nickname at the 'Name []:' prompt"
      openssl req -new -config $KEYBASE.ca.keyconf -key $KEYBASE.key -out $KEYBASE.csr
		echo "vchat-keygen: send this ($KEYBASE.csr) Certificate Signing Request to
		vchat@vchat.berlin.ccc.de to get it signed by the vchat-CA. You will
		receive your signed Certificate shortly."
   else
      echo "vchat-keygen: Certificate Signing Request $KEYBASE.csr exists"
   fi