doc/examples/ex-crq.c

   1 /* This example code is placed in the public domain. */
   2
   3 #ifdef HAVE_CONFIG_H
   4 #include <config.h>
   5 #endif
   6
   7 #include <stdio.h>
   8 #include <stdlib.h>
   9 #include <string.h>
  10 #include <gnutls/gnutls.h>
  11 #include <gnutls/x509.h>
  12 #include <gnutls/abstract.h>
  13 #include <time.h>
  14
  15 /* This example will generate a private key and a certificate
  16  * request.
  17  */
  18
  19 int
  20 main (void)
  21 {
  22   gnutls_x509_crq_t crq;
  23   gnutls_x509_privkey_t key;
  24   unsigned char buffer[10 * 1024];
  25   size_t buffer_size = sizeof (buffer);
  26   unsigned int bits;
  27
  28   gnutls_global_init ();
  29
  30   /* Initialize an empty certificate request, and
  31    * an empty private key.
  32    */
  33   gnutls_x509_crq_init (&crq);
  34
  35   gnutls_x509_privkey_init (&key);
  36
  37   /* Generate an RSA key of moderate security.
  38    */
  39   bits = gnutls_sec_param_to_pk_bits (GNUTLS_PK_RSA, GNUTLS_SEC_PARAM_NORMAL);
  40   gnutls_x509_privkey_generate (key, GNUTLS_PK_RSA, bits, 0);
  41
  42   /* Add stuff to the distinguished name
  43    */
  44   gnutls_x509_crq_set_dn_by_oid (crq, GNUTLS_OID_X520_COUNTRY_NAME,
  45                                  0, "GR", 2);
  46
  47   gnutls_x509_crq_set_dn_by_oid (crq, GNUTLS_OID_X520_COMMON_NAME,
  48                                  0, "Nikos", strlen ("Nikos"));
  49
  50   /* Set the request version.
  51    */
  52   gnutls_x509_crq_set_version (crq, 1);
  53
  54   /* Set a challenge password.
  55    */
  56   gnutls_x509_crq_set_challenge_password (crq, "something to remember here");
  57
  58   /* Associate the request with the private key
  59    */
  60   gnutls_x509_crq_set_key (crq, key);
  61
  62   /* Self sign the certificate request.
  63    */
  64   gnutls_x509_crq_sign2 (crq, key, GNUTLS_DIG_SHA1, 0);
  65
  66   /* Export the PEM encoded certificate request, and
  67    * display it.
  68    */
  69   gnutls_x509_crq_export (crq, GNUTLS_X509_FMT_PEM, buffer, &buffer_size);
  70
  71   printf ("Certificate Request: \n%s", buffer);
  72
  73
  74   /* Export the PEM encoded private key, and
  75    * display it.
  76    */
  77   buffer_size = sizeof (buffer);
  78   gnutls_x509_privkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &buffer_size);
  79
  80   printf ("\n\nPrivate key: \n%s", buffer);
  81
  82   gnutls_x509_crq_deinit (crq);
  83   gnutls_x509_privkey_deinit (key);
  84
  85   return 0;
  86
  87 }