The Tor Browser / file comparison
comparison: security/nss/tests/chains/ocspd-config/ocspd-certs.sh
security/nss/tests/chains/ocspd-config/ocspd-certs.sh
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:569c816b460c |
|---|---|
| 1 #!/bin/bash | |
| 2 | |
| 3 DATA_DIR=$1 | |
| 4 OCSP_DIR=$2 | |
| 5 CERT_DIR=$3 | |
| 6 | |
| 7 TEST_PWD="nssnss" | |
| 8 CONF_TEMPLATE="ocspd.conf.template" | |
| 9 | |
| 10 convert_cert() | |
| 11 { | |
| 12 CERT_NAME=$1 | |
| 13 CERT_SIGNER=$2 | |
| 14 | |
| 15 openssl x509 -in ${DATA_DIR}/${CERT_NAME}${CERT_SIGNER}.der -inform DER -out ${DATA_DIR}/${CERT_NAME}.pem -outform PEM | |
| 16 } | |
| 17 | |
| 18 convert_crl() | |
| 19 { | |
| 20 CRL_NAME=$1 | |
| 21 | |
| 22 openssl crl -in ${DATA_DIR}/${CRL_NAME}.crl -inform DER -out ${DATA_DIR}/${CRL_NAME}crl.pem -outform PEM | |
| 23 } | |
| 24 | |
| 25 convert_key() | |
| 26 { | |
| 27 KEY_NAME=$1 | |
| 28 | |
| 29 pk12util -o ${DATA_DIR}/${KEY_NAME}.p12 -n ${KEY_NAME} -d ${DATA_DIR}/${KEY_NAME}DB -k ${DATA_DIR}/${KEY_NAME}DB/dbpasswd -W ${TEST_PWD} | |
| 30 openssl pkcs12 -in ${DATA_DIR}/${KEY_NAME}.p12 -out ${DATA_DIR}/${KEY_NAME}.key.tmp -passin pass:${TEST_PWD} -passout pass:${TEST_PWD} | |
| 31 | |
| 32 STATUS=0 | |
| 33 cat ${DATA_DIR}/${KEY_NAME}.key.tmp | while read LINE; do | |
| 34 echo "${LINE}" | grep "BEGIN ENCRYPTED PRIVATE KEY" > /dev/null && STATUS=1 | |
| 35 [ ${STATUS} -eq 1 ] && echo "${LINE}" | |
| 36 echo "${LINE}" | grep "END ENCRYPTED PRIVATE KEY" > /dev/null && break | |
| 37 done > ${DATA_DIR}/${KEY_NAME}.key | |
| 38 | |
| 39 rm ${DATA_DIR}/${KEY_NAME}.key.tmp | |
| 40 } | |
| 41 | |
| 42 create_conf() | |
| 43 { | |
| 44 CONF_FILE=$1 | |
| 45 CA=$2 | |
| 46 OCSP=$3 | |
| 47 PORT=$4 | |
| 48 | |
| 49 cat ${CONF_TEMPLATE} | \ | |
| 50 sed "s:@DIR@:${OCSP_DIR}:" | \ | |
| 51 sed "s:@CA_CERT@:${DATA_DIR}/${CA}.pem:" | \ | |
| 52 sed "s:@CA_CRL@:${DATA_DIR}/${CA}crl.pem:" | \ | |
| 53 sed "s:@CA_KEY@:${DATA_DIR}/${CA}.key:" | \ | |
| 54 sed "s:@OCSP_PID@:${OCSP}.pid:" | \ | |
| 55 sed "s:@PORT@:${PORT}:" \ | |
| 56 > ${CONF_FILE} | |
| 57 } | |
| 58 | |
| 59 copy_cert() | |
| 60 { | |
| 61 CERT_NAME=$1 | |
| 62 CERT_SIGNER=$2 | |
| 63 | |
| 64 cp ${DATA_DIR}/${CERT_NAME}${CERT_SIGNER}.der ${CERT_DIR}/${CERT_NAME}.cert | |
| 65 } | |
| 66 | |
| 67 | |
| 68 copy_key() | |
| 69 { | |
| 70 KEY_NAME=$1 | |
| 71 | |
| 72 cp ${DATA_DIR}/${KEY_NAME}.p12 ${CERT_DIR}/${KEY_NAME}.p12 | |
| 73 } | |
| 74 | |
| 75 convert_cert OCSPRoot | |
| 76 convert_crl OCSPRoot | |
| 77 convert_key OCSPRoot | |
| 78 | |
| 79 convert_cert OCSPCA1 OCSPRoot | |
| 80 convert_crl OCSPCA1 | |
| 81 convert_key OCSPCA1 | |
| 82 | |
| 83 convert_cert OCSPCA2 OCSPRoot | |
| 84 convert_crl OCSPCA2 | |
| 85 convert_key OCSPCA2 | |
| 86 | |
| 87 convert_cert OCSPCA3 OCSPRoot | |
| 88 convert_crl OCSPCA3 | |
| 89 convert_key OCSPCA3 | |
| 90 | |
| 91 create_conf ocspd0.conf OCSPRoot ocspd0 2600 | |
| 92 create_conf ocspd1.conf OCSPCA1 ocspd1 2601 | |
| 93 create_conf ocspd2.conf OCSPCA2 ocspd2 2602 | |
| 94 create_conf ocspd3.conf OCSPCA3 ocspd3 2603 | |
| 95 | |
| 96 copy_cert OCSPRoot | |
| 97 copy_cert OCSPCA1 OCSPRoot | |
| 98 copy_cert OCSPCA2 OCSPRoot | |
| 99 copy_cert OCSPCA3 OCSPRoot | |
| 100 copy_cert OCSPEE11 OCSPCA1 | |
| 101 copy_cert OCSPEE12 OCSPCA1 | |
| 102 copy_cert OCSPEE13 OCSPCA1 | |
| 103 copy_cert OCSPEE14 OCSPCA1 | |
| 104 copy_cert OCSPEE15 OCSPCA1 | |
| 105 copy_cert OCSPEE21 OCSPCA2 | |
| 106 copy_cert OCSPEE22 OCSPCA2 | |
| 107 copy_cert OCSPEE23 OCSPCA2 | |
| 108 copy_cert OCSPEE31 OCSPCA3 | |
| 109 copy_cert OCSPEE32 OCSPCA3 | |
| 110 copy_cert OCSPEE33 OCSPCA3 | |
| 111 | |
| 112 copy_key OCSPRoot | |
| 113 copy_key OCSPCA1 | |
| 114 copy_key OCSPCA2 | |
| 115 copy_key OCSPCA3 | |
| 116 |
