#!/bin/bash
#***************************************************************************
#                                  _   _ ____  _
#  Project                     ___| | | |  _ \| |
#                             / __| | | | |_) | |
#                            | (__| |_| |  _ <| |___
#                             \___|\___/|_| \_\_____|
#
# Copyright (C) EdelWeb for EdelKey and OpenEvidence
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at https://curl.se/docs/copyright.html.
#
# You may opt to use, copy, modify, merge, publish, distribute and/or sell
# copies of the Software, and permit persons to whom the Software is
# furnished to do so, under the terms of the COPYING file.
#
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
# KIND, either express or implied.
#
# SPDX-License-Identifier: curl
#
###########################################################################

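# Settings for generating a self-signed root CA (key, CSR, certificate).
# The listing's gutter residue has been stripped from every line so the
# statements parse as shell again.

# Prefer the OpenSSL build under /usr/local/ssl when it exists; otherwise
# use whichever "openssl" is found first on PATH.
OPENSSL=openssl
if [ -f /usr/local/ssl/bin/openssl ]; then
  OPENSSL=/usr/local/ssl/bin/openssl
fi

# Kept as a command string because the script later runs it unquoted as
# $USAGE. The angle brackets need no backslashes: the result of an expansion
# is never re-parsed for redirections, and the backslashes used to be printed.
USAGE="echo Usage is genroot.sh <name>"

# HOME is overwritten with the current directory for the rest of the run.
# NOTE(review): presumably so openssl keeps per-user state out of the real
# home directory; confirm before changing.
HOME=$(pwd)
cd "$HOME" || exit 1

# RSA modulus size in bits for the CA key.
KEYSIZE=2048
# Certificate validity in days (passed to "openssl x509 -days").
DURATION=6000
# The -sha256 option was introduced in OpenSSL 1.0.1
DIGESTALGO=-sha256
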
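# Validate the single argument: a prefix naming the OpenSSL configuration
# file "<prefix>-ca.prm", which must exist in the current directory.
PREFIX=${1:-}

# Start from a known-empty flag so an inherited NOTOK environment variable
# cannot make a valid invocation fail.
NOTOK=

if [ -z "$PREFIX" ]; then
  echo No configuration prefix
  NOTOK=1
elif [ ! -f "$PREFIX-ca.prm" ]; then
  # Quoted so a prefix containing spaces or glob characters is tested as
  # one file name.
  echo "No configuration file $PREFIX-ca.prm"
  NOTOK=1
fi

if [ -n "$NOTOK" ]; then
  echo "Sorry, I can't do that for you."
  # USAGE holds a command string ("echo ..."), so it is run unquoted on purpose.
  $USAGE
  # A bare "exit" reported success here (the status of the echo above);
  # callers must be able to see that no CA material was generated.
  exit 1
fi
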
5813498266Sopenharmony_ciGETSERIAL="\$t = time ;\$d =  \$t . substr(\$t+$$ ,-4,4)-1;print \$d"
5913498266Sopenharmony_ciSERIAL=`/usr/bin/env perl -e "$GETSERIAL"`
6013498266Sopenharmony_ci
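# Generate the CA key, a CSR, the self-signed certificate and its PEM/DER
# renderings. Each step is echoed before it runs.

# exit on first fail
set -e

echo "SERIAL=$SERIAL PREFIX=$PREFIX DURATION=$DURATION KEYSIZE=$KEYSIZE"

# 1. Private key.
# The echoed command masks the passphrase as XXX. It used to be the only step
# run through a bare "openssl" instead of $OPENSSL, so the key could come
# from a different OpenSSL build than the certificate.
# NOTE(review): no cipher option (such as -aes256) is passed, so genrsa is
# expected to write the key unencrypted and -passout/-passin to have no
# effect; the passphrase is also hard-coded and visible in the process list.
# Treat the resulting key as test material only.
echo "openssl genrsa -out $PREFIX-ca.key -passout XXX $KEYSIZE"
(
  # Create the key file readable by its owner only; the umask change is
  # confined to this subshell so the certificate files keep default modes.
  umask 077
  "$OPENSSL" genrsa -out "$PREFIX-ca.key" -passout pass:secret "$KEYSIZE"
)

# 2. Certificate signing request, using the subject and extensions from
# the <prefix>-ca.prm configuration file.
echo "openssl req -config $PREFIX-ca.prm -new -key $PREFIX-ca.key -out $PREFIX-ca.csr"
"$OPENSSL" req -config "$PREFIX-ca.prm" -new -key "$PREFIX-ca.key" \
  -out "$PREFIX-ca.csr" -passin pass:secret

# 3. Self-sign the request (-signkey is the CA's own key) for DURATION days.
# The echoed output name now matches the file that is actually written
# (<prefix>-<serial>-ca.cacert); it previously printed ".ca-cacert".
echo "openssl x509 -set_serial $SERIAL -extfile $PREFIX-ca.prm -days $DURATION -req -signkey $PREFIX-ca.key -in $PREFIX-ca.csr -out $PREFIX-$SERIAL-ca.cacert $DIGESTALGO "

# ${DIGESTALGO:+...} passes the digest option only when one is configured,
# so an empty setting does not become an empty argument.
"$OPENSSL" x509 -set_serial "$SERIAL" -extfile "$PREFIX-ca.prm" \
  -days "$DURATION" -req -signkey "$PREFIX-ca.key" -in "$PREFIX-ca.csr" \
  -out "$PREFIX-$SERIAL-ca.cacert" ${DIGESTALGO:+"$DIGESTALGO"}

# 4. Human-readable dump followed by the PEM block, under a serial-free name.
echo "openssl x509 -text -in $PREFIX-$SERIAL-ca.cacert -nameopt multiline > $PREFIX-ca.cacert "
"$OPENSSL" x509 -text -in "$PREFIX-$SERIAL-ca.cacert" -nameopt multiline \
  > "$PREFIX-ca.cacert"

# 5. DER encoding of the same certificate.
echo "openssl x509 -in $PREFIX-ca.cacert -outform der -out $PREFIX-ca.der "
"$OPENSSL" x509 -in "$PREFIX-ca.cacert" -outform der -out "$PREFIX-ca.der"

# 6. Text + PEM copy with a .crt extension.
echo "openssl x509 -in $PREFIX-ca.cacert -text -nameopt multiline > $PREFIX-ca.crt "

"$OPENSSL" x509 -in "$PREFIX-ca.cacert" -text -nameopt multiline \
  > "$PREFIX-ca.crt"

# 7. Print the certificate details so the operator can check them.
echo "openssl x509 -noout -text -in $PREFIX-ca.cacert -nameopt multiline"
"$OPENSSL" x509 -noout -text -in "$PREFIX-ca.cacert" -nameopt multiline

#$OPENSSL rsa -in ../keys/$PREFIX-ca.key -text -noout -pubout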