| Index: net/data/ssl/scripts/generate-weak-test-chains.sh
|
| diff --git a/net/data/ssl/scripts/generate-weak-test-chains.sh b/net/data/ssl/scripts/generate-weak-test-chains.sh
|
| deleted file mode 100755
|
| index 3bf239c5aaa2cabea6958309cd0c9f242bc0f72a..0000000000000000000000000000000000000000
|
| --- a/net/data/ssl/scripts/generate-weak-test-chains.sh
|
| +++ /dev/null
|
| @@ -1,172 +0,0 @@
|
| -#!/bin/sh
|
| -
|
| -# Copyright (c) 2011 The Chromium Authors. All rights reserved.
|
| -# Use of this source code is governed by a BSD-style license that can be
|
| -# found in the LICENSE file.
|
| -
|
| -# This script generates a set of test (end-entity, intermediate, root)
|
| -# certificates with (weak, strong), (RSA, DSA, ECDSA) key pairs.
|
| -
|
| -key_types="768-rsa 1024-rsa 2048-rsa prime256v1-ecdsa"
|
| -
|
| -try () {
|
| - echo "$@"
|
| - "$@" || exit 1
|
| -}
|
| -
|
| -generate_key_command () {
|
| - case "$1" in
|
| - dsa)
|
| - echo "dsaparam -genkey"
|
| - ;;
|
| - ecdsa)
|
| - echo "ecparam -genkey"
|
| - ;;
|
| - rsa)
|
| - echo genrsa
|
| - ;;
|
| - *)
|
| - exit 1
|
| - esac
|
| -}
|
| -
|
| -try rm -rf out
|
| -try mkdir out
|
| -
|
| -# Create the serial number files.
|
| -try /bin/sh -c "echo 01 > out/2048-rsa-root-serial"
|
| -for key_type in $key_types
|
| -do
|
| - try /bin/sh -c "echo 01 > out/$key_type-intermediate-serial"
|
| -done
|
| -
|
| -# Generate one root CA certificate.
|
| -try openssl genrsa -out out/2048-rsa-root.key 2048
|
| -
|
| -CA_COMMON_NAME="2048 RSA Test Root CA" \
|
| - CA_DIR=out \
|
| - CA_NAME=req_env_dn \
|
| - KEY_SIZE=2048 \
|
| - ALGO=rsa \
|
| - CERT_TYPE=root \
|
| - try openssl req \
|
| - -new \
|
| - -key out/2048-rsa-root.key \
|
| - -extensions ca_cert \
|
| - -out out/2048-rsa-root.csr \
|
| - -config ca.cnf
|
| -
|
| -CA_COMMON_NAME="2048 RSA Test Root CA" \
|
| - CA_DIR=out \
|
| - CA_NAME=req_env_dn \
|
| - try openssl x509 \
|
| - -req -days 3650 \
|
| - -in out/2048-rsa-root.csr \
|
| - -extensions ca_cert \
|
| - -extfile ca.cnf \
|
| - -signkey out/2048-rsa-root.key \
|
| - -out out/2048-rsa-root.pem \
|
| - -text
|
| -
|
| -# Generate private keys of all types and strengths for intermediate CAs and
|
| -# end-entities.
|
| -for key_type in $key_types
|
| -do
|
| - key_size=$(echo "$key_type" | sed -E 's/-.+//')
|
| - algo=$(echo "$key_type" | sed -E 's/.+-//')
|
| -
|
| - if [ ecdsa = $algo ]
|
| - then
|
| - key_size="-name $key_size"
|
| - fi
|
| -
|
| - try openssl $(generate_key_command $algo) \
|
| - -out out/$key_type-intermediate.key $key_size
|
| -done
|
| -
|
| -for key_type in $key_types
|
| -do
|
| - key_size=$(echo "$key_type" | sed -E 's/-.+//')
|
| - algo=$(echo "$key_type" | sed -E 's/.+-//')
|
| -
|
| - if [ ecdsa = $algo ]
|
| - then
|
| - key_size="-name $key_size"
|
| - fi
|
| -
|
| - for signer_key_type in $key_types
|
| - do
|
| - try openssl $(generate_key_command $algo) \
|
| - -out out/$key_type-ee-by-$signer_key_type-intermediate.key $key_size
|
| - done
|
| -done
|
| -
|
| -# The root signs the intermediates.
|
| -for key_type in $key_types
|
| -do
|
| - key_size=$(echo "$key_type" | sed -E 's/-.+//')
|
| - algo=$(echo "$key_type" | sed -E 's/.+-//')
|
| -
|
| - CA_COMMON_NAME="$key_size $algo Test intermediate CA" \
|
| - CA_DIR=out \
|
| - CA_NAME=req_env_dn \
|
| - KEY_SIZE=$key_size \
|
| - ALGO=$algo \
|
| - CERT_TYPE=intermediate \
|
| - try openssl req \
|
| - -new \
|
| - -key out/$key_type-intermediate.key \
|
| - -out out/$key_type-intermediate.csr \
|
| - -config ca.cnf
|
| -
|
| - # Make sure the signer's DB file exists.
|
| - touch out/2048-rsa-root-index.txt
|
| -
|
| - CA_COMMON_NAME="2048 RSA Test Root CA" \
|
| - CA_DIR=out \
|
| - CA_NAME=req_env_dn \
|
| - KEY_SIZE=2048 \
|
| - ALGO=rsa \
|
| - CERT_TYPE=root \
|
| - try openssl ca \
|
| - -batch \
|
| - -extensions ca_cert \
|
| - -in out/$key_type-intermediate.csr \
|
| - -out out/$key_type-intermediate.pem \
|
| - -config ca.cnf
|
| -done
|
| -
|
| -# The intermediates sign the end-entities.
|
| -for key_type in $key_types
|
| -do
|
| - for signer_key_type in $key_types
|
| - do
|
| - key_size=$(echo "$key_type" | sed -E 's/-.+//')
|
| - algo=$(echo "$key_type" | sed -E 's/.+-//')
|
| - signer_key_size=$(echo "$signer_key_type" | sed -E 's/-.+//')
|
| - signer_algo=$(echo "$signer_key_type" | sed -E 's/.+-//')
|
| - touch out/$signer_key_type-intermediate-index.txt
|
| -
|
| - KEY_SIZE=$key_size \
|
| - try openssl req \
|
| - -new \
|
| - -key out/$key_type-ee-by-$signer_key_type-intermediate.key \
|
| - -out out/$key_type-ee-by-$signer_key_type-intermediate.csr \
|
| - -config ee.cnf
|
| -
|
| - CA_COMMON_NAME="$signer_key_size $algo Test intermediate CA" \
|
| - CA_DIR=out \
|
| - CA_NAME=req_env_dn \
|
| - KEY_SIZE=$signer_key_size \
|
| - ALGO=$signer_algo \
|
| - CERT_TYPE=intermediate \
|
| - try openssl ca \
|
| - -batch \
|
| - -in out/$key_type-ee-by-$signer_key_type-intermediate.csr \
|
| - -out out/$key_type-ee-by-$signer_key_type-intermediate.pem \
|
| - -config ca.cnf
|
| - done
|
| -done
|
| -
|
| -# Copy final outputs.
|
| -try cp out/*root*pem out/*intermediate*pem ../certificates
|
|
|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master