Blame - apps/CtsVerifier/create_test_certs.sh - platform/cts

blob: 93fa377030207cb81124288631f05e2194538f9c [file] [log] [blame]

Robin Lee	b4be0a9	2015-06-15 19:13:00 -0700	[diff] [blame]	1	#!/bin/bash
				2
				3	#
				4	# Creates or overwrites 3 files in ./res/raw:
				5	# - cacert.der
				6	# - userkey.der
				7	# - usercert.der
				8	#
				9
				10	tmpdir=$(mktemp -d './XXXXXXXX')
				11	trap 'rm -r ${tmpdir}; echo; exit 1' EXIT INT QUIT
				12
				13	# CA_default defined in openssl.cnf
				14	CA_DIR='demoCA'
				15
				16	SUBJECT=\
				17	'/C=US'\
				18	'/ST=CA'\
				19	'/L=Mountain View'\
				20	'/O=Android'\
				21	'/CN=localhost'
				22	PASSWORD='androidtest'
Rubin Xu	751b3f8	2018-04-30 16:41:13 +0100	[diff] [blame]	23	SAN=\
				24	'DNS:localhost'
Robin Lee	b4be0a9	2015-06-15 19:13:00 -0700	[diff] [blame]	25
				26	echo "Creating directory '$CA_DIR'..."
				27	mkdir -p "$tmpdir"/"$CA_DIR"/newcerts \
				28	&& echo '01' > "$tmpdir"/"$CA_DIR"/serial \
				29	&& touch "$tmpdir"/"$CA_DIR"/index.txt
Rubin Xu	751b3f8	2018-04-30 16:41:13 +0100	[diff] [blame]	30	cat /etc/ssl/openssl.cnf <(printf "\n[SAN]\nsubjectAltName=$SAN") \
				31	> "$tmpdir"/openssl.conf
Robin Lee	b4be0a9	2015-06-15 19:13:00 -0700	[diff] [blame]	32
				33	echo "Generating CA certificate..."
				34	(cd "$tmpdir" \
				35	&& openssl req \
				36	-new \
				37	-x509 \
				38	-days 3650 \
				39	-extensions v3_ca \
				40	-keyout 'cakey.pem' \
				41	-out 'cacert.pem' \
				42	-subj "$SUBJECT" \
				43	-passout 'pass:'"$PASSWORD" \
				44	&& openssl x509 \
				45	-outform DER \
				46	-in 'cacert.pem' \
				47	-out 'cacert.der')
				48
				49	echo "Generating user key..."
				50	(cd "$tmpdir" \
				51	&& openssl req \
				52	-newkey rsa:2048 \
				53	-sha256 \
				54	-keyout 'userkey.pem' \
				55	-nodes \
				56	-days 3650 \
				57	-out 'userkey.req' \
				58	-subj "$SUBJECT" \
Rubin Xu	751b3f8	2018-04-30 16:41:13 +0100	[diff] [blame]	59	-extensions SAN \
				60	-config openssl.conf \
Robin Lee	b4be0a9	2015-06-15 19:13:00 -0700	[diff] [blame]	61	&& openssl pkcs8 \
				62	-topk8 \
				63	-outform DER \
				64	-in 'userkey.pem' \
				65	-out 'userkey.der' \
				66	-nocrypt)
				67
				68	echo "Generating user certificate..."
				69	(cd "$tmpdir" \
				70	&& openssl ca \
				71	-out 'usercert.pem' \
				72	-in 'userkey.req' \
				73	-cert 'cacert.pem' \
				74	-keyfile 'cakey.pem' \
				75	-days 3650 \
				76	-passin 'pass:'"$PASSWORD" \
Rubin Xu	751b3f8	2018-04-30 16:41:13 +0100	[diff] [blame]	77	-extensions SAN \
				78	-config openssl.conf \
Robin Lee	b4be0a9	2015-06-15 19:13:00 -0700	[diff] [blame]	79	-batch \
				80	&& openssl x509 \
				81	-outform DER \
				82	-in 'usercert.pem' \
				83	-out 'usercert.der')
				84
				85	# Copy important files to raw resources directory
				86	cp \
				87	"$tmpdir"/cacert.der \
				88	"$tmpdir"/userkey.der \
				89	"$tmpdir"/usercert.der \
				90	'res/raw/'
				91
				92	echo "Finished"
				93	exit