58 lines
1.4 KiB
Bash
Executable File
58 lines
1.4 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
# Copyright 2018 The Chromium Authors
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
try () {
|
|
echo "$@"
|
|
"$@" || exit 1
|
|
}
|
|
|
|
try rm -rf out
|
|
try mkdir out
|
|
|
|
try openssl genrsa -out out/key_usage_rsa_raw.key 2048
|
|
try openssl ecparam -genkey -name prime256v1 -noout \
|
|
-out out/key_usage_p256_raw.key
|
|
|
|
# Convert the private keys to PKCS#8 format.
|
|
try openssl pkcs8 -topk8 -nocrypt -in out/key_usage_rsa_raw.key \
|
|
-out out/key_usage_rsa.key
|
|
try openssl pkcs8 -topk8 -nocrypt -in out/key_usage_p256_raw.key \
|
|
-out out/key_usage_p256.key
|
|
|
|
certs=" \
|
|
rsa_no_extension \
|
|
rsa_keyencipherment \
|
|
rsa_digitalsignature \
|
|
rsa_both \
|
|
p256_no_extension \
|
|
p256_keyagreement \
|
|
p256_digitalsignature \
|
|
p256_both"
|
|
for cert in $certs; do
|
|
key=${cert%%_*}
|
|
SUBJECT_NAME="subj_${cert}" \
|
|
try openssl req \
|
|
-new \
|
|
-key "out/key_usage_${key}.key" \
|
|
-out "out/key_usage_${cert}.csr" \
|
|
-config ee.cnf
|
|
try openssl x509 \
|
|
-req \
|
|
-in "out/key_usage_${cert}.csr" \
|
|
-signkey "out/key_usage_${key}.key" \
|
|
-days 3650 \
|
|
-extfile ee.cnf \
|
|
-extensions "ext_${cert}" \
|
|
-out "out/key_usage_${cert}.pem" \
|
|
-text
|
|
|
|
try /bin/sh -c "cat out/key_usage_${key}.key out/key_usage_${cert}.pem \
|
|
> ../certificates/key_usage_${cert}.pem"
|
|
done
|
|
|
|
try cp "out/key_usage_rsa.key" ../certificates
|
|
try cp "out/key_usage_p256.key" ../certificates
|