Mercurial > trustbridge
view ui/tests/data/NOTES @ 502:e551de11d8b6
Properly handle the case that the file does not exist.
TRUNCATE makes create file fail if the file does not exist
but we need TRUNCATE in the case that the file already exists
| author | Andre Heinecke <aheinecke@intevation.de> |
|---|---|
| date | Mon, 28 Apr 2014 09:18:07 +0000 |
| parents | 2e662290e3c9 |
| children | 6677d4ecb6fd |
line wrap: on
line source
Testkeys were created with: openssl genrsa -out testkey-priv.pem 3072 openssl rsa -in testkey-priv.pem -out testkey-pub.pem -outform PEM -pubout Certificate List was created manually and contains: PCA-1-Verwaltung-08 Intevation-Email-CA-2013 Intevation-Server-CA-2010 Test files created with: echo -e S:$(openssl dgst -sha256 -sign testkey-priv.pem < list-valid.txt | base64 -w0)\\r > list-valid-signed.txt cat list-valid.txt >> list-valid-signed.txt echo -e S:$(openssl dgst -sha256 -sign testkey-priv.pem < list-valid-updated.txt | base64 -w0)\\r > list-valid-updated-signed.txt cat list-valid-updated.txt >> list-valid-updated-signed.txt echo -e S:$(openssl dgst -sha256 -sign testkey-other.pem < list-valid.txt | base64 -w0)\\r > list-valid-other-signature.txt cat list-valid.txt >> list-valid-other-signature.txt echo -e S:$(openssl dgst -sha1 -sign testkey-other.pem < list-valid.txt | base64 -w0)\\r > list-valid-sha1-signature.txt cat list-valid.txt >> list-valid-sha1-signature.txt cp list-valid-signed.txt list-invalid-signed.txt tail -1 list-valid.txt >> list-invalid-signed.txt # To create test data for something you might want to release PRIVKEY=... echo -e S:$(openssl dgst -sha256 -sign $PRIVKEY < list-valid.txt | base64 -w0)\\r > list-valid-signed-release.txt cat list-valid.txt >> list-valid-signed-release.txt # List with 0 created manually by placing a \0 in the signature # Test server certificate: gen_key type=ec ec_curve=brainpoolP256r1 filename=valid_ssl_bp.key cert_write issuer_name=CN=127.0.0.1,O=Intevation\\ Test,C=DE \ selfsign=1 issuer_key=valid_ssl_bp.key \ not_before=20130101000000 not_after=20301231235959 \ is_ca=1 max_pathlen=0 output_file=valid_ssl_bp.pem cat valid_ssl_bp.key >> valid_ssl_bp.pem gen_key filename=valid_ssl_rsa.key cert_write issuer_name=CN=127.0.0.1,O=Do_Not_Trust_Test,C=DE \ selfsign=1 issuer_key=valid_ssl_rsa.key \ not_before=20130101000000 not_after=20151231235959 \ is_ca=1 max_pathlen=0 output_file=valid_ssl_rsa.pem cat valid_ssl_rsa.key >> valid_ssl_rsa.pem # Test list certificates (using the rsa key) for i in {1..30} do gen_key filename=valid_ssl_rsa.key cert_write issuer_name=CN=TestRootCA$i,O=Do_Not_Trust_Test,C=DE \ selfsign=1 issuer_key=valid_ssl_rsa.key \ not_before=20130101000000 not_after=20151231235959 \ is_ca=1 max_pathlen=0 output_file=valid_ssl_rsa.pem CERT=$(cat valid_ssl_rsa.pem | grep -v "\-\-\-\-" | tr -d "\\n") echo -e I:${CERT}\\r >> list-valid.txt done for i in {1..15} do gen_key filename=valid_ssl_rsa.key cert_write issuer_name=CN=TestRootCADelete$i,O=Do_Not_Trust_Test,C=DE \ selfsign=1 issuer_key=valid_ssl_rsa.key \ not_before=20130101000000 not_after=20151231235959 \ is_ca=1 max_pathlen=0 output_file=valid_ssl_rsa.pem CERT=$(cat valid_ssl_rsa.pem | grep -v "\-\-\-\-" | tr -d "\\n") echo -e R:${CERT}\\r >> list-valid.txt done cp list-valid.txt list-valid-updated.txt for i in {1..5} do gen_key filename=valid_ssl_rsa.key cert_write issuer_name=CN=New_Certificate_$i,O=Do_Not_Trust_Test,C=DE \ selfsign=1 issuer_key=valid_ssl_rsa.key \ not_before=20130101000000 not_after=20151231235959 \ is_ca=1 max_pathlen=0 output_file=valid_ssl_rsa.pem CERT=$(cat valid_ssl_rsa.pem | grep -v "\-\-\-\-" | tr -d "\\n") echo -e I:${CERT}\\r >> list-valid-updated.txt done # Datum manuell angepasst und intevation root ca zu R: hinzugefuegt # NSS mkdir nss certutil -d nss -A -i valid_ssl_rsa.pem -n "test" -t c,C certutil -d nss -D -n "test"