Mercurial > trustbridge
view ui/tests/data/NOTES @ 289:9ad00a3255f4
Change cinst from stdin input to use arguments.
As we have to execute this process on Windows over the
shell a stdin / stdout communication is not really possible
without some major hacks. So you now have to supply an
instructions file and the path to the certificatelist as arguments when
this process is called
author | Andre Heinecke <aheinecke@intevation.de> |
---|---|
date | Wed, 02 Apr 2014 13:52:02 +0000 |
parents | a7317252a27c |
children | 534df06d5c67 |
line wrap: on
line source
Testkeys were created with: openssl genrsa -out testkey-priv.pem 3072 openssl rsa -in testkey-priv.pem -out testkey-pub.pem -outform PEM -pubout Certificate List was created manually and contains: PCA-1-Verwaltung-08 Intevation-Email-CA-2013 Intevation-Server-CA-2010 Test files created with: echo -e S:$(openssl dgst -sha256 -sign testkey-priv.pem < list-valid.txt | base64 -w0)\\r > list-valid-signed.txt cat list-valid.txt >> list-valid-signed.txt echo -e S:$(openssl dgst -sha256 -sign testkey-other.pem < list-valid.txt | base64 -w0)\\r > list-valid-other-signature.txt cat list-valid.txt >> list-valid-other-signature.txt echo -e S:$(openssl dgst -sha1 -sign testkey-other.pem < list-valid.txt | base64 -w0)\\r > list-valid-sha1-signature.txt cat list-valid.txt >> list-valid-sha1-signature.txt cp list-valid-signed.txt list-invalid-signed.txt tail -1 list-valid.txt >> list-invalid-signed.txt # List with 0 created manually by placing a \0 in the signature # Test server certificate: gen_key type=ec ec_curve=brainpoolP256r1 filename=valid_ssl_bp.key cert_write issuer_name=CN=127.0.0.1,O=Intevation\\ Test,C=DE \ selfsign=1 issuer_key=valid_ssl_bp.key \ not_before=20130101000000 not_after=20301231235959 \ is_ca=1 max_pathlen=0 output_file=valid_ssl_bp.pem cat valid_ssl_bp.key >> valid_ssl_bp.pem gen_key filename=valid_ssl_rsa.key cert_write issuer_name=CN=127.0.0.1,O=Do_Not_Trust_Test,C=DE \ selfsign=1 issuer_key=valid_ssl_rsa.key \ not_before=20130101000000 not_after=20151231235959 \ is_ca=1 max_pathlen=0 output_file=valid_ssl_rsa.pem cat valid_ssl_rsa.key >> valid_ssl_rsa.pem # Test list certificates (using the rsa key) for i in {1..30} do gen_key filename=valid_ssl_rsa.key cert_write issuer_name=CN=TestRootCA$i,O=Do_Not_Trust_Test,C=DE \ selfsign=1 issuer_key=valid_ssl_rsa.key \ not_before=20130101000000 not_after=20151231235959 \ is_ca=1 max_pathlen=0 output_file=valid_ssl_rsa.pem CERT=$(cat valid_ssl_rsa.pem | grep -v "\-\-\-\-" | tr -d "\\n") echo -e I:${CERT}\\r >> list-valid.txt done for i in {1..15} do gen_key filename=valid_ssl_rsa.key cert_write issuer_name=CN=TestRootCADelete$i,O=Do_Not_Trust_Test,C=DE \ selfsign=1 issuer_key=valid_ssl_rsa.key \ not_before=20130101000000 not_after=20151231235959 \ is_ca=1 max_pathlen=0 output_file=valid_ssl_rsa.pem CERT=$(cat valid_ssl_rsa.pem | grep -v "\-\-\-\-" | tr -d "\\n") echo -e R:${CERT}\\r >> list-valid.txt done