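#!/bin/bash

#
# Creates or overwrites 3 files in ./res/raw:
#   - cacert.der
#   - userkey.der
#   - usercert.der
#
# Must be run from the directory that contains res/raw. All intermediate
# material (CA private key, PEM files, CSR, CA database) is written to a
# scratch directory that is removed when the script exits.
#
# The CA passphrase is a fixed value stored in this file and the user key is
# exported without encryption, so the output is only suitable as fixture data.
# NOTE(review): presumably these are test resources -- confirm with the
# consumer of res/raw before reusing this script for anything else.
#

# Abort on the first failing step so a failed openssl call can never lead to
# stale or partial files being copied into res/raw.
set -euo pipefail

if [[ ! -d res/raw ]]; then
  echo "res/raw not found; run this script from the directory containing it" >&2
  exit 1
fi

tmpdir=$(mktemp -d './XXXXXXXX')

# Remove the scratch directory (it holds the CA private key) on every exit
# path. The handler must not call 'exit' itself: doing so from an EXIT trap
# overrides the script's real status and made every run report failure.
cleanup() {
  rm -rf -- "${tmpdir:?}"
}
trap cleanup EXIT
# On Ctrl-C / SIGQUIT finish the terminal line and exit non-zero; the EXIT
# trap above then performs the cleanup.
trap 'echo; exit 1' INT QUIT

# CA_default defined in openssl.cnf
# NOTE(review): 'openssl ca' below is run without -config, so it relies on the
# system openssl.cnf pointing CA_default at ./demoCA -- confirm on the host.
readonly CA_DIR='demoCA'

readonly SUBJECT='/C=US/ST=CA/L=Mountain View/O=Android/CN=localhost'

# Passed to openssl as 'pass:...', which places it in the process argument
# list. That is tolerable only because the value is fixed and already public
# in this file; use openssl's env: or file: password sources if this script is
# ever adapted for a key that matters.
readonly PASSWORD='androidtest'

echo "Creating directory '$CA_DIR'..."
mkdir -p "$tmpdir/$CA_DIR/newcerts"
echo '01' > "$tmpdir/$CA_DIR/serial"
touch "$tmpdir/$CA_DIR/index.txt"

echo "Generating CA certificate..."
(
  cd "$tmpdir"
  # Self-signed CA certificate plus a passphrase-protected CA key.
  openssl req \
      -new \
      -x509 \
      -days 3650 \
      -extensions v3_ca \
      -keyout 'cakey.pem' \
      -out 'cacert.pem' \
      -subj "$SUBJECT" \
      -passout "pass:$PASSWORD"
  openssl x509 \
      -outform DER \
      -in 'cacert.pem' \
      -out 'cacert.der'
)

echo "Generating user key..."
(
  cd "$tmpdir"
  # -nodes leaves userkey.pem unencrypted. -days has no effect on a CSR (it
  # only applies together with -x509); the certificate lifetime is set by
  # 'openssl ca' in the next step.
  openssl req \
      -newkey rsa:2048 \
      -sha256 \
      -keyout 'userkey.pem' \
      -nodes \
      -days 3650 \
      -out 'userkey.req' \
      -subj "$SUBJECT"
  # -nocrypt writes the PKCS#8 DER key in the clear.
  openssl pkcs8 \
      -topk8 \
      -outform DER \
      -in 'userkey.pem' \
      -out 'userkey.der' \
      -nocrypt
)

echo "Generating user certificate..."
(
  cd "$tmpdir"
  # Sign the CSR with the CA created above; -batch suppresses the prompts.
  openssl ca \
      -out 'usercert.pem' \
      -in 'userkey.req' \
      -cert 'cacert.pem' \
      -keyfile 'cakey.pem' \
      -days 3650 \
      -passin "pass:$PASSWORD" \
      -batch
  openssl x509 \
      -outform DER \
      -in 'usercert.pem' \
      -out 'usercert.der'
)

# Copy important files to raw resources directory. The CA private key
# (cakey.pem) is deliberately left behind and removed with the scratch dir.
cp -- \
    "$tmpdir/cacert.der" \
    "$tmpdir/userkey.der" \
    "$tmpdir/usercert.der" \
    'res/raw/'

echo "Finished"
exit 0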