net/data/ssl/scripts/client_authentication/generate-client-certificates.sh - Issue 12220104: Wire up SSL client authentication for OpenSSL/Android through the net/ stack

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/data/ssl/scripts/client_authentication/generate-client-certificates.sh

Issue 12220104: Wire up SSL client authentication for OpenSSL/Android through the net/ stack (Closed) Base URL: http://git.chromium.org/chromium/src.git@master

Patch Set: Created 7 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« net/base/openssl_private_key_store_memory.cc ('K') | « net/data/ssl/scripts/client_authentication/client_authentication.cnf ('k') | net/data/ssl/scripts/client_authentication/run-test-server.sh » ('j') | net/socket/ssl_client_socket_openssl.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
	(Empty)
1 #!/bin/bash

2

3 # Copyright (c) 2012 The Chromium Authors. All rights reserved.

4 # Use of this source code is governed by a BSD-style license that can be

5 # found in the LICENSE file.

6

7 # This script generates certificates for the unittests in

8 # net/base/client_cert_store_unittest.cc. The output files are versioned in

9 # net/data/ssl/certificates (client_1.pem, client_2.pem).

10

11 try () {

12 echo "$@"

13 $@ \|\| exit 1

14 }

15

16 # For each authority below a root ca certificate and one client certificate will

17 # be created.

18 authorities="1 2"

19

20 try rm -rf out

21 try mkdir out

22

23 for id in $authorities

24 do

25 # Generate a private key for the root cert.

26 try openssl genrsa -out out/root_$id.key 2048

27

28 # Create a certificate signing request for the root cert.

29 ID=$id \

30 DISTINGUISHED_NAME=ca_dn \

31 try openssl req \

32 -new \

33 -key out/root_$id.key \

34 -out out/root_$id.csr \

35 -config client_authentication.cnf

36

37 # Sign the root cert.

38 ID=$id \

39 DISTINGUISHED_NAME=ca_dn \

40 try openssl x509 \

41 -req -days 3650 \

42 -in out/root_$id.csr \

43 -signkey out/root_$id.key \

44 -out out/root_$id.pem

45 -config client_authentication.cnf

46

47 # Generate a private key for the client.

48 try openssl genrsa -out out/client_$id.key 2048

49

50 # Create a certificate signing request for the client cert.

51 ID=$id \

52 DISTINGUISHED_NAME=client_dn \

53 try openssl req \

54 -new \

55 -key out/client_$id.key \

56 -out out/client_$id.csr \

57 -config client_authentication.cnf

58

59 try touch out/$id-index.txt

60 try echo 1 > out/$id-serial

61

62 ID=$id \

63 DISTINGUISHED_NAME=client_dn \

64 try openssl ca \

65 -batch \

66 -in out/client_$id.csr \

67 -cert out/root_$id.pem \

68 -keyfile out/root_$id.key \

69 -out out/client_$id.pem \

70 -config client_authentication.cnf

71

72 # Package the client cert and private key into a pkcs12 file.

73 try openssl pkcs12 \

74 -inkey out/client_$id.key \

75 -in out/client_$id.pem \

76 -out out/client_$id.p12 \

77 -export \

78 -passout pass:

79 done

OLD	NEW