
ecc rsa synrc.cnf

Namdak Tonpa 5 years ago
parent
commit
16b352f261
6 changed files with 258 additions and 20 deletions
  1. 1 1
      include/mad.hrl
  2. BIN
      mad
  3. 115 0
      priv/ecc/synrc.cnf
  4. 13 19
      priv/man/module.htm
  5. 115 0
      priv/rsa/synrc.cnf
  6. 14 0
      src/mad_man.erl

+ 1 - 1
include/mad.hrl

@@ -1 +1 @@
--define(VERSION,"5.4-32-g8204936").
+-define(VERSION,"5.4-36-g72a8fcf").

BIN
mad


+ 115 - 0
priv/ecc/synrc.cnf

@@ -0,0 +1,115 @@
+[ ca ]
+default_ca = CA_default
+
+[ CA_default ]
+dir               = DIRECTORY
+certs             = $dir/certs
+crl_dir           = $dir/crl
+new_certs_dir     = $dir/certs
+database          = $dir/index.txt
+serial            = $dir/serial
+RANDFILE          = $dir/certs/.rand
+private_key       = $dir/certs/caroot.key
+certificate       = $dir/certs/caroot.pem
+crlnumber         = $dir/crlnumber
+crl               = $dir/crl/ecdsaroot.crl
+crl_extensions    = crl_ext
+default_crl_days  = 3650
+default_md        = sha384
+name_opt          = ca_default
+cert_opt          = ca_default
+default_days      = 3650
+preserve          = no
+policy            = policy_strict
+
+[ policy_strict ]
+countryName             = match
+stateOrProvinceName     = match
+organizationName        = match
+organizationalUnitName  = optional
+commonName              = supplied
+
+[ policy_loose ]
+countryName             = optional
+stateOrProvinceName     = optional
+localityName            = optional
+organizationName        = optional
+organizationalUnitName  = optional
+commonName              = supplied
+
+[ req ]
+default_bits        = 2048
+distinguished_name  = req_distinguished_name
+string_mask         = utf8only
+default_md          = sha384
+x509_extensions     = v3_ca
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+stateOrProvinceName             = State or Province Name
+localityName                    = Locality Name
+0.organizationName              = Organization Name
+organizationalUnitName          = Organizational Unit Name
+commonName                      = Common Name
+commonName_default              = CA
+countryName_default             = UA
+stateOrProvinceName_default     = Kyiv
+localityName_default            = Kyiv
+0.organizationName_default      = SYNRC
+organizationalUnitName_default  = HQ
+
+[ v3_ca ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+
+[ v3_intermediate_ca ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true, pathlen:0
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+crlDistributionPoints = @crl_info
+authorityInfoAccess = @ocsp_info
+
+[ usr_cert ]
+basicConstraints = CA:FALSE
+nsCertType = client, email
+nsComment = "Synrc Client Certificate"
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
+extendedKeyUsage = clientAuth, emailProtection
+subjectAltName = @alt_names
+
+[ server_cert ]
+basicConstraints = CA:FALSE
+nsCertType = server
+nsComment = "Synrc Server Certificate"
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+keyUsage = critical, digitalSignature, keyEncipherment
+extendedKeyUsage = serverAuth
+crlDistributionPoints = @crl_info
+authorityInfoAccess = @ocsp_info
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.0 = localhost
+
+[ crl_ext ]
+authorityKeyIdentifier=keyid:always
+
+[ ocsp ]
+basicConstraints = CA:FALSE
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
+keyUsage = critical, digitalSignature
+extendedKeyUsage = critical, OCSPSigning
+
+[crl_info]
+URI.0 = http://crl.n2o.dev:8081/ecdsaroot.crl
+
+[ocsp_info]
+caIssuers;URI.0 = http://crl.n2o.dev:8081/ecdsaroot.crt
+OCSP;URI.0 = http://ocsp.n2o.dev:8081/
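Review bot: `default_crl_days = 3650` in `[ CA_default ]` gives every CRL a nextUpdate ten years out, so a relying party holding a cached CRL has no reason to fetch a newer one and a revocation may never reach it. `default_days = 3650` likewise applies to `usr_cert` and `server_cert` leaves whenever `-days` is not passed; I would use something like `default_crl_days = 30` and `default_days = 375` here and give the long lifetime explicitly only when signing the root. `private_key = $dir/certs/caroot.key` also puts the CA signing key in the directory that `certs` and `new_certs_dir` use for issued certificates, which is usually readable or copied around; a separate path such as `private_key = $dir/private/caroot.key`, in a directory restricted to the CA user, keeps one loose mode from exposing it. Both remarks apply equally to priv/rsa/synrc.cnf, which carries the same values. For this EC profile specifically, `keyEncipherment` in `usr_cert` and `server_cert` describes RSA key transport, so `keyUsage = critical, digitalSignature` (plus `keyAgreement` if ECDH certificates are wanted) would describe the key more accurately.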

+ 13 - 19
priv/man/module.htm

@@ -6,8 +6,8 @@
     <meta name="description" content="" />
     <meta name="author" content="Maxim Sokhatsky" />
     <title>MAN_NAME</title>
-   <link rel="stylesheet" href="https://n2o.dev/blank.css" />
-   <link rel="stylesheet" href="https://n2o.dev/zima.css" />
+    <link rel="stylesheet" href="https://n2o.dev/blank.css" />
+    <link rel="stylesheet" href="https://n2o.dev/zima.css" />
 </head>
 <body>
 <nav>
@@ -16,26 +16,20 @@
     <a href='#' style="background:#ededed;">MAN_NAME</a>
 </nav>
 <header>
-    <a href="../index.html"><img src="https://n2o.space/img/Synrc Neo.svg"></a>
+    <a href="../index.html"><img src="https://n2o.space/img/Synrc Neo.svg"/></a>
     <h1>MAN_NAME</h1>
 </header>
 <main>
-    <section>
-
-<h3>INTRO</h3>
-
-<p>The MAN_NAME module.</p>
-    </section>
-    <section>
-<p>This module may refer to:
-MAN_MODULES
-</p>
-    </section>
+    <article>
+        <section>
+            <h3>INTRO</h3>
+            <p>The MAN_NAME module.</p>
+        </section>
+        <section>
+            <p>This module may refer to: MAN_MODULES</p>
+        </section>
+    </article>
 </main>
-
-<footer>
-    2005&mdash;2019 &copy; Synrc Research Center
-</footer>
-
+<footer>2005—2019 © Synrc Research Center</footer>
 </body>
 </html>

+ 115 - 0
priv/rsa/synrc.cnf

@@ -0,0 +1,115 @@
+[ ca ]
+default_ca = CA_default
+
+[ CA_default ]
+dir               = DIRECTORY
+certs             = $dir/certs
+crl_dir           = $dir/crl
+new_certs_dir     = $dir/certs
+database          = $dir/index.txt
+serial            = $dir/serial
+RANDFILE          = $dir/certs/.rand
+private_key       = $dir/certs/caroot.key
+certificate       = $dir/certs/caroot.pem
+crlnumber         = $dir/crlnumber
+crl               = $dir/crl/rsaroot.crl
+crl_extensions    = crl_ext
+default_crl_days  = 3650
+default_md        = sha384
+name_opt          = ca_default
+cert_opt          = ca_default
+default_days      = 3650
+preserve          = no
+policy            = policy_strict
+
+[ policy_strict ]
+countryName             = match
+stateOrProvinceName     = match
+organizationName        = match
+organizationalUnitName  = optional
+commonName              = supplied
+
+[ policy_loose ]
+countryName             = optional
+stateOrProvinceName     = optional
+localityName            = optional
+organizationName        = optional
+organizationalUnitName  = optional
+commonName              = supplied
+
+[ req ]
+default_bits        = 2048
+distinguished_name  = req_distinguished_name
+string_mask         = utf8only
+default_md          = sha384
+x509_extensions     = v3_ca
+
+[ req_distinguished_name ]
+countryName                     = Country Name (2 letter code)
+stateOrProvinceName             = State or Province Name
+localityName                    = Locality Name
+0.organizationName              = Organization Name
+organizationalUnitName          = Organizational Unit Name
+commonName                      = Common Name
+commonName_default              = CA
+countryName_default             = UA
+stateOrProvinceName_default     = Kyiv
+localityName_default            = Kyiv
+0.organizationName_default      = SYNRC
+organizationalUnitName_default  = HQ
+
+[ v3_ca ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+
+[ v3_intermediate_ca ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true, pathlen:0
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+crlDistributionPoints = @crl_info
+authorityInfoAccess = @ocsp_info
+
+[ usr_cert ]
+basicConstraints = CA:FALSE
+nsCertType = client, email
+nsComment = "Synrc Client Certificate"
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
+extendedKeyUsage = clientAuth, emailProtection
+subjectAltName = @alt_names
+
+[ server_cert ]
+basicConstraints = CA:FALSE
+nsCertType = server
+nsComment = "Synrc Server Certificate"
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+keyUsage = critical, digitalSignature, keyEncipherment
+extendedKeyUsage = serverAuth
+crlDistributionPoints = @crl_info
+authorityInfoAccess = @ocsp_info
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.0 = localhost
+
+[ crl_ext ]
+authorityKeyIdentifier=keyid:always
+
+[ ocsp ]
+basicConstraints = CA:FALSE
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
+keyUsage = critical, digitalSignature
+extendedKeyUsage = critical, OCSPSigning
+
+[crl_info]
+URI.0 = http://crl.n2o.dev:8081/rsaroot.crl
+
+[ocsp_info]
+caIssuers;URI.0 = http://crl.n2o.dev:8081/rsaroot.crt
+OCSP;URI.0 = http://ocsp.n2o.dev:8081/
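Review bot: `default_bits = 2048` in `[ req ]` is the size used when a key is generated through this profile without an explicit size, and because `x509_extensions = v3_ca` makes that section the CA request path, the root itself could end up as 2048-bit RSA with the ten-year `default_days` life. That is roughly 112-bit strength paired with `default_md = sha384`, so the key would presumably be the weakest part of the chain; `default_bits = 4096` (or at least 3072) fits the digest and lifetime chosen here. A short comment above the line saying the value applies to CA keys generated with this file would also help whoever runs the commands.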

+ 14 - 0
src/mad_man.erl

@@ -9,6 +9,20 @@ man(["html"]) ->
          ++ filelib:wildcard("src/**/*.erl") ],
    {ok,man};
 
+man(["new",Lower]) ->
+   Temp = template(),
+   Name = string:to_upper(Lower),
+   Tem2 = replace(Temp,"MAN_TOOL",hd(string:tokens(Name,"_"))),
+   CNAME = binary_to_list(element(2,file:read_file("CNAME"))),
+   Tem3 = replace(Tem2,"MAN_CNAME",trim(CNAME)),
+   Bin = iolist_to_binary(replace(Tem3,"MAN_NAME",fix(string:tokens(Name,"_")))),
+   filelib:ensure_dir("man/"),
+   Gen = lists:concat(["man/",Lower,".htm"]),
+   case file:read_file_info(Gen) of
+         {error,_} -> write(Gen, Bin);
+         {ok,_} -> io:format("man: file ~p already exists.~n",[Gen]) end,
+   {ok,man};
+
 man(["groff"]) ->
    case lists:all(fun(X) -> mad_groff:do(X) == ok end,
         filelib:wildcard("man/**/*.htm")
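Review bot: `binary_to_list(element(2,file:read_file("CNAME")))` in the new `man(["new",Lower])` clause fails with an opaque badarg when CNAME is missing, because element 2 of `{error,enoent}` is an atom; matching `{ok,Bin}` and reporting the reason is clearer. `Lower` also goes straight from the command line into `lists:concat(["man/",Lower,".htm"])`, so a value containing `/` or `..` writes outside man/, and it is substituted into the HTML template unescaped; comparing `filename:basename(Lower)` with `Lower` covers the path part. The `file:read_file_info/1` check followed by `write/2` can race with another writer, and whether write/2 could open the file with `exclusive` instead depends on its definition, which is outside the hunk along with template/0, replace/3, trim/1 and fix/1. The failure return values in the sketch below are a guess at what the caller of man/1 expects and should be aligned with the other clauses.

```erlang
man(["new",Lower]) ->
   case {filename:basename(Lower), file:read_file("CNAME")} of
        {Lower, {ok,CNAMEBin}} ->
            CNAME = binary_to_list(CNAMEBin),
            %% … unchanged: template() and the MAN_TOOL / MAN_CNAME / MAN_NAME replacements building Bin …
            %% … unchanged: filelib:ensure_dir, read_file_info check, write(Gen, Bin) …
            {ok,man};
        {Lower, {error,Reason}} ->
            io:format("man: cannot read CNAME: ~p~n",[Reason]),
            {error,Reason};
        {_, _} ->
            io:format("man: invalid page name ~p~n",[Lower]),
            {error,badarg}
   end;
```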