From e6b2a3c9a45e5fd7a0f06bb8a46dbea616696925 Mon Sep 17 00:00:00 2001
From: "W. Trevor King"
Date: Sun, 1 Apr 2012 12:39:36 -0400
Subject: [PATCH] People can handle SSL/TLS-cert generation on their own.
---
contrib/ssl/certgen.py | 80 ----------------------------------
contrib/ssl/mk_simple_certs.py | 37 ----------------
2 files changed, 117 deletions(-)
delete mode 100644 contrib/ssl/certgen.py
delete mode 100755 contrib/ssl/mk_simple_certs.py
diff --git a/contrib/ssl/certgen.py b/contrib/ssl/certgen.py
deleted file mode 100644
index 04b9d5b..0000000
--- a/contrib/ssl/certgen.py
+++ /dev/null
@@ -1,80 +0,0 @@
-#
-# certgen.py
-#
-# Copyright (C) Martin Sjogren and AB Strakt 2001, All rights reserved
-#
-# $Id: certgen.py,v 1.2 2004/07/22 12:01:25 martin Exp $
-#
-"""
-Certificate generation module.
-"""
-
-from OpenSSL import crypto
-
-TYPE_RSA = crypto.TYPE_RSA
-TYPE_DSA = crypto.TYPE_DSA
-
-def createKeyPair(type, bits):
- """
- Create a public/private key pair.
-
- Arguments: type - Key type, must be one of TYPE_RSA and TYPE_DSA
- bits - Number of bits to use in the key
- Returns: The public/private key pair in a PKey object
- """
- pkey = crypto.PKey()
- pkey.generate_key(type, bits)
- return pkey
-
-def createCertRequest(pkey, digest="md5", **name):
- """
- Create a certificate request.
-
- Arguments: pkey - The key to associate with the request
- digest - Digestion method to use for signing, default is md5
- **name - The name of the subject of the request, possible
- arguments are:
- C - Country name
- ST - State or province name
- L - Locality name
- O - Organization name
- OU - Organizational unit name
- CN - Common name
- emailAddress - E-mail address
- Returns: The certificate request in an X509Req object
- """
- req = crypto.X509Req()
- subj = req.get_subject()
-
- for (key,value) in name.items():
- setattr(subj, key, value)
-
- req.set_pubkey(pkey)
- req.sign(pkey, digest)
- return req
-
-def createCertificate(req, (issuerCert, issuerKey), serial, (notBefore, notAfter), digest="md5"):
- """
- Generate a certificate given a certificate request.
-
- Arguments: req - Certificate reqeust to use
- issuerCert - The certificate of the issuer
- issuerKey - The private key of the issuer
- serial - Serial number for the certificate
- notBefore - Timestamp (relative to now) when the certificate
- starts being valid
- notAfter - Timestamp (relative to now) when the certificate
- stops being valid
- digest - Digest method to use for signing, default is md5
- Returns: The signed certificate in an X509 object
- """
- cert = crypto.X509()
- cert.set_serial_number(serial)
- cert.gmtime_adj_notBefore(notBefore)
- cert.gmtime_adj_notAfter(notAfter)
- cert.set_issuer(issuerCert.get_subject())
- cert.set_subject(req.get_subject())
- cert.set_pubkey(req.get_pubkey())
- cert.sign(issuerKey, digest)
- return cert
-
diff --git a/contrib/ssl/mk_simple_certs.py b/contrib/ssl/mk_simple_certs.py
deleted file mode 100755
index b8f4fca..0000000
--- a/contrib/ssl/mk_simple_certs.py
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/usr/bin/python
-"""
-From pyOpenSSL examples with a bit of wrapping.
-Create certificates and private keys for the 'simple' example.
-"""
-
-from OpenSSL import crypto
-import certgen
-
-
-def get_cert_filenames(server_name) :
- """
- Generate private key and certification filesnames.
- mk_certs(server_name) -> (pkey_filename, cert_filename)
- """
- pkey_file = '%s.pkey' % server_name
- cert_file = '%s.cert' % server_name
- return (pkey_file, cert_file)
-
-def mk_certs(server_name) :
- """
- Generate private key and certification files.
- mk_certs(server_name) -> (pkey_filename, cert_filename)
- """
- pkey_file,cert_file = get_cert_filenames(server_name)
-
- cakey = certgen.createKeyPair(certgen.TYPE_RSA, 1024)
- careq = certgen.createCertRequest(cakey, CN='Certificate Authority')
- cacert = certgen.createCertificate(careq, (careq, cakey), 0, (0, 60*60*24*365*5)) # five years
- open(pkey_file, 'w').write(crypto.dump_privatekey(crypto.FILETYPE_PEM, cakey))
- open(cert_file, 'w').write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert))
-
-if __name__ == "__main__" :
- import sys
-
- mk_certs(sys.argv[1])
-
--
2.26.2