genserv.sh - OpenGrok cross reference for /external/curl/tests/certs/scripts/genserv.sh

Lines Matching +full:- +full:- +full:prefix
22 # SPDX-License-Identifier: curl
27 set -eu
30 if [ -f /usr/local/ssl/bin/openssl ]; then
34 command -v "$OPENSSL"
37 USAGE='echo Usage is genserv.sh <prefix> <caprefix>'
44 # The -sha256 option was introduced in OpenSSL 1.0.1
45 DIGESTALGO=-sha256
53 PREFIX="${1:-}"
54 if [ -z "$PREFIX" ]; then
55   echo 'No configuration prefix'
58   if [ ! -f "$PREFIX-sv.prm" ]; then
59     echo "No configuration file $PREFIX-sv.prm"
64 CAPREFIX="${2:-}"
65 if [ -z "$CAPREFIX" ]; then
66   echo 'No CA prefix'
69   if [ ! -f "$CAPREFIX-ca.cacert" ]; then
70     echo "No CA certificate file $CAPREFIX-ca.caert"
73   if [ ! -f "$CAPREFIX-ca.key" ]; then
79 if [ -n "$NOTOK" ]; then
85 echo "PREFIX=$PREFIX CAPREFIX=$CAPREFIX DURATION=$DURATION KEYSIZE=$KEYSIZE"
87 set -x
90   "$OPENSSL" dhparam -2 -out "$PREFIX-sv.dhp" "$KEYSIZE"
93 …"$OPENSSL" req -config "$PREFIX-sv.prm" -newkey "rsa:$KEYSIZE" -keyout "$PREFIX-sv.key" -out "$PRE…
98 "$OPENSSL" rsa -in "$PREFIX-sv.key" -out "$PREFIX-sv.key" -passin fd:0 <<EOF
104 "$OPENSSL" rsa -in "$PREFIX-sv.key" -pubout -outform DER -out "$PREFIX-sv.pub.der"
105 "$OPENSSL" rsa -in "$PREFIX-sv.key" -pubout -outform PEM -out "$PREFIX-sv.pub.pem"
106 …-extfile "$PREFIX-sv.prm" -days "$DURATION" -CA "$CAPREFIX-ca.cacert" -CAkey "$CAPREFIX-ca.key" -C…
109 …pkcs12 -export -des3 -out "$PREFIX-sv.p12" -caname "$CAPREFIX" -name "$PREFIX" -inkey "$PREFIX-sv.…
112 "$OPENSSL" x509 -noout -text -hash -in "$PREFIX-sv.crt" -nameopt multiline
115 touch "$CAPREFIX-ca.db"
116 echo 01 > "$CAPREFIX-ca.cnt"
117 "$OPENSSL" ca -config "$CAPREFIX-ca.cnf" -revoke "$PREFIX-sv.crt"
120 "$OPENSSL" ca -config "$CAPREFIX-ca.cnf" -gencrl -out "$PREFIX-sv.crl"
122 "$OPENSSL" x509 -in "$PREFIX-sv.crt" -outform der -out "$PREFIX-sv.der"
125 touch "$PREFIX-sv.dhp"
126 cat "$PREFIX-sv.prm" "$PREFIX-sv.key" "$PREFIX-sv.crt" "$PREFIX-sv.dhp" > "$PREFIX-sv.pem"
127 chmod o-r "$PREFIX-sv.prm"
129 "$OPENSSL" x509 -in "$PREFIX-sv.pem" -pubkey -noout | \
130 "$OPENSSL" pkey -pubin -outform der | "$OPENSSL" dgst -sha256 -binary | \
131 "$OPENSSL" enc -base64 > "$PREFIX-sv.pubkey-pinned"
133 echo "$PREFIX-sv.pem done"