mirror of
https://github.com/moonlight-stream/moonlight-ios.git
synced 2026-02-16 10:31:02 +00:00
89 lines
2.3 KiB
C
89 lines
2.3 KiB
C
|
|
#include "mkcert.h"
|
|
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
|
|
#include <openssl/pem.h>
|
|
#include <openssl/rsa.h>
|
|
#include <openssl/bn.h>
|
|
#include <openssl/x509.h>
|
|
#include <openssl/rand.h>
|
|
|
|
static const int NUM_BITS = 2048;
|
|
static const int SERIAL = 0;
|
|
static const int NUM_YEARS = 20;
|
|
|
|
void mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int years) {
|
|
X509* cert = X509_new();
|
|
EVP_PKEY* pk = EVP_PKEY_new();
|
|
BIGNUM* bne = BN_new();
|
|
RSA* rsa = RSA_new();
|
|
|
|
BN_set_word(bne, RSA_F4);
|
|
RSA_generate_key_ex(rsa, bits, bne, NULL);
|
|
|
|
EVP_PKEY_assign_RSA(pk, rsa);
|
|
|
|
X509_set_version(cert, 2);
|
|
ASN1_INTEGER_set(X509_get_serialNumber(cert), serial);
|
|
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
X509_gmtime_adj(X509_get_notBefore(cert), 0);
|
|
X509_gmtime_adj(X509_get_notAfter(cert), 60 * 60 * 24 * 365 * years);
|
|
#else
|
|
ASN1_TIME* before = ASN1_STRING_dup(X509_get0_notBefore(cert));
|
|
ASN1_TIME* after = ASN1_STRING_dup(X509_get0_notAfter(cert));
|
|
|
|
X509_gmtime_adj(before, 0);
|
|
X509_gmtime_adj(after, 60 * 60 * 24 * 365 * years);
|
|
|
|
X509_set1_notBefore(cert, before);
|
|
X509_set1_notAfter(cert, after);
|
|
|
|
ASN1_STRING_free(before);
|
|
ASN1_STRING_free(after);
|
|
#endif
|
|
|
|
X509_set_pubkey(cert, pk);
|
|
|
|
X509_NAME* name = X509_get_subject_name(cert);
|
|
X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
|
|
(const unsigned char*)"NVIDIA GameStream Client",
|
|
-1, -1, 0);
|
|
X509_set_issuer_name(cert, name);
|
|
|
|
X509_sign(cert, pk, EVP_sha256());
|
|
|
|
BN_free(bne);
|
|
|
|
*x509p = cert;
|
|
*pkeyp = pk;
|
|
}
|
|
|
|
struct CertKeyPair generateCertKeyPair(void) {
|
|
BIO *bio_err;
|
|
X509 *x509 = NULL;
|
|
EVP_PKEY *pkey = NULL;
|
|
PKCS12 *p12 = NULL;
|
|
|
|
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
|
|
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
|
|
|
|
mkcert(&x509, &pkey, NUM_BITS, SERIAL, NUM_YEARS);
|
|
|
|
p12 = PKCS12_create("limelight", "GameStream", pkey, x509, NULL, 0, 0, 0, 0, 0);
|
|
if (p12 == NULL) {
|
|
printf("Error generating a valid PKCS12 certificate.\n");
|
|
}
|
|
|
|
BIO_free(bio_err);
|
|
|
|
return (CertKeyPair){x509, pkey, p12};
|
|
}
|
|
|
|
void freeCertKeyPair(struct CertKeyPair certKeyPair) {
|
|
X509_free(certKeyPair.x509);
|
|
EVP_PKEY_free(certKeyPair.pkey);
|
|
PKCS12_free(certKeyPair.p12);
|
|
}
|