add certificates with serialnumber and emailaddress in the DN.
authorJoni Hahkala <joni.hahkala@cern.ch>
Wed, 2 Aug 2006 17:09:21 +0000 (17:09 +0000)
committerJoni Hahkala <joni.hahkala@cern.ch>
Wed, 2 Aug 2006 17:09:21 +0000 (17:09 +0000)
bin/generate-test-certificates.sh
test/big-ca/req_conf_email.cnf [new file with mode: 0644]
test/big-ca/req_conf_sn.cnf [new file with mode: 0644]
test/expired-ca/req_conf_email.cnf [new file with mode: 0644]
test/expired-ca/req_conf_sn.cnf [new file with mode: 0644]
test/fake-ca/req_conf_email.cnf [new file with mode: 0644]
test/fake-ca/req_conf_sn.cnf [new file with mode: 0644]
test/trusted-ca/ca_conf.cnf
test/trusted-ca/req_conf_email.cnf [new file with mode: 0644]
test/trusted-ca/req_conf_sn.cnf [new file with mode: 0644]

index dd9d712..81555c7 100755 (executable)
@@ -48,8 +48,24 @@ function create_cert {
     # next new certificate...
 
 
-    CMD="openssl req -out $filebase.req -newkey rsa:$bits -new -keyout $filebase.priv -config $REQ_CONFIG_FILE"
-    echo $CMD; $CMD;
+    case $flags in
+        clientserial)
+           echo serial cert $flags
+           flags="client"
+           CMD="openssl req -out $filebase.req -newkey rsa:$bits -new -keyout $filebase.priv -config $REQ_CONFIG_FILE_SERIAL"
+           echo $CMD; $CMD;
+            ;;
+        clientemail)
+           echo email cert $flags
+           flags="client"
+           CMD="openssl req -out $filebase.req -newkey rsa:$bits -new -keyout $filebase.priv -config $REQ_CONFIG_FILE_EMAIL"
+           echo $CMD; $CMD;
+            ;;
+        *)
+           echo normal cert $flags
+           CMD="openssl req -out $filebase.req -newkey rsa:$bits -new -keyout $filebase.priv -config $REQ_CONFIG_FILE"
+           echo $CMD; $CMD;
+    esac
 
     case $flags in
         client|server|clientserver|fclient|none)
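Review bot: The three arms of the new `case $flags` repeat the same `openssl req` line and differ only in the `-config` file, and the command still runs through an unquoted `$CMD`, so a `$filebase` or config path containing whitespace is split into separate arguments. Selecting the config file in the `case` and running the command once from an array removes both the duplication and the splitting. The last arm also lacks `;;`, which bash accepts but which breaks easily when another arm is appended. The exit status of `openssl req` is not checked in the visible lines, so an unset `REQ_CONFIG_FILE_SERIAL` or `REQ_CONFIG_FILE_EMAIL` would only surface later as a missing request or key file. create_cert starts before and continues after this hunk.

```shell
    req_conf=$REQ_CONFIG_FILE
    case $flags in
        clientserial)
            req_conf=$REQ_CONFIG_FILE_SERIAL
            flags="client"
            ;;
        clientemail)
            req_conf=$REQ_CONFIG_FILE_EMAIL
            flags="client"
            ;;
    esac
    req_cmd=(openssl req -out "$filebase.req" -newkey "rsa:$bits" -new -keyout "$filebase.priv" -config "$req_conf")
    echo "${req_cmd[@]}"
    "${req_cmd[@]}" || return 1
    # … unchanged: second case $flags in client|server|clientserver|fclient|none) …
```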
@@ -429,7 +445,7 @@ function create_all {
 
     # i=0;
     # let "i += 1"; echo "State : $i"; cat ${CA_DIR}/serial_proxy.txt; echo;
-    ls -l  ${CA_DIR}/.
+    ls -l  ${CA_DIR}/.
    
     create_cert $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" ${TYPE} $DAYS
 
@@ -443,6 +459,24 @@ function create_all {
     # let "i += 1"; echo "State : $i"; cat ${CA_DIR}/serial_proxy.txt; echo;
     create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy_exp "expired proxy" -1 proxy_exp
 
+    TYPE="clientserial"
+    CTYPE="client serial"
+
+    create_cert $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" ${TYPE} $DAYS
+    create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy "proxy" 1
+    create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_exp "expired proxy" -1
+    create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy "proxy" 1 proxy
+    create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy_exp "expired proxy" -1 proxy_exp
+
+    TYPE="clientemail"
+    CTYPE="client email"
+
+    create_cert $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" ${TYPE} $DAYS
+    create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy "proxy" 1
+    create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_exp "expired proxy" -1
+    create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy "proxy" 1 proxy
+    create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy_exp "expired proxy" -1 proxy_exp
+
     TYPE="fclient"
     CTYPE="flag client"
 
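Review bot: The two added stanzas give no hint that `clientserial` and `clientemail` are not certificate types of their own: in the first hunk create_cert uses them only to pick `req_conf_sn.cnf` or `req_conf_email.cnf` and then resets `flags` to `client` before the second `case`. A comment above each stanza would save the next reader that lookup, for example `# clientserial: client cert whose subject DN carries serialNumber (req_conf_sn.cnf); handled as "client" after the request is made`. The arguments `$CERT_DIR/${catype}_${TYPE}`, `${TYPE}` and `$DAYS` are passed unquoted, as in the surrounding calls, so they rely on these values never containing whitespace. create_all starts before and continues after this hunk.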
@@ -706,6 +740,8 @@ for catype in $CATYPES; do
     export CA_CONF=$CA_DIR/ca_conf.cnf
     export CA_PROXY_CONF=$CA_DIR/ca_proxy_conf.cnf
     export REQ_CONFIG_FILE=$CA_DIR/req_conf.cnf
+    export REQ_CONFIG_FILE_SERIAL=$CA_DIR/req_conf_sn.cnf
+    export REQ_CONFIG_FILE_EMAIL=$CA_DIR/req_conf_email.cnf
     export REQ_PROXY_CONFIG_FILE=$CA_DIR/req_proxy_conf.cnf
     export REQ_PROXY_PROXY_CONFIG_FILE=$CA_DIR/req_proxy_proxy_conf.cnf
     export PROXY_BITS=512
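Review bot: The two new exports point at files that this commit adds only under big-ca, expired-ca, fake-ca and trusted-ca, and nothing in the visible lines checks that they exist. If `$CATYPES` names any other CA directory, `openssl req` in create_cert would fail for the clientserial and clientemail certificates, and because its status is not checked in the first hunk the run may carry on with files missing. A guard after the exports, such as `[ -r "$REQ_CONFIG_FILE_SERIAL" ] && [ -r "$REQ_CONFIG_FILE_EMAIL" ] || { echo "missing request config in $CA_DIR" >&2; exit 1; }`, would make that fail early. The `for` loop body continues outside this hunk.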
diff --git a/test/big-ca/req_conf_email.cnf b/test/big-ca/req_conf_email.cnf
new file mode 100644 (file)
index 0000000..fdcd280
--- /dev/null
@@ -0,0 +1,33 @@
+[ req ]\r
+default_bits           = $ENV::BITS\r
+default_keyfile        = keyfile.pem\r
+distinguished_name     = req_distinguished_name\r
+attributes             = req_attributes\r
+prompt                 = no\r
+output_password        = $ENV::PASSWORD\r
+ca_cert                           = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName                    = UG\r
+\r
+#stateOrProvinceName          = South area\r
+\r
+localityName                   = Tropic\r
+\r
+organizationName                      = Utopia\r
+\r
+organizationalUnitName         = Relaxation\r
+\r
+commonName                     = $ENV::CN\r
+\r
+emailAddress                   = test@home.org\r
+\r
+[ req_attributes ]\r
+#challengePassword              = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
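Review bot: `ca_cert = CA_cert` in `[ req ]` is, as far as I know, not an option that `openssl req` reads, so the `[ CA_cert ]` section with `basicConstraints = CA:true` looks unused in this client request profile. Leaving it in is a hazard: if the section were later wired in through `req_extensions` and the signing CA copied request extensions, a client certificate could be issued with CA:true. I would drop `ca_cert`, `[ CA_cert ]` and the empty `[ proxy_none ]` from the request configs, or mark them with a comment such as `# not read by openssl req; do not reference from req_extensions`. The same applies to the other seven new req_conf_email.cnf and req_conf_sn.cnf files in this commit, which carry the same sections.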
diff --git a/test/big-ca/req_conf_sn.cnf b/test/big-ca/req_conf_sn.cnf
new file mode 100644 (file)
index 0000000..8eb3308
--- /dev/null
@@ -0,0 +1,35 @@
+[ req ]\r
+default_bits           = $ENV::BITS\r
+default_keyfile        = keyfile.pem\r
+distinguished_name     = req_distinguished_name\r
+attributes             = req_attributes\r
+prompt                 = no\r
+output_password        = $ENV::PASSWORD\r
+ca_cert                           = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName                    = UG\r
+\r
+#stateOrProvinceName          = South area\r
+\r
+localityName                   = Tropic\r
+\r
+organizationName                      = Utopia\r
+\r
+organizationalUnitName         = Relaxation\r
+\r
+commonName                     = $ENV::CN\r
+\r
+#emailAddress                   = Email Address\r
+\r
+serialNumber                   = 12341324\r
+\r
+[ req_attributes ]\r
+#challengePassword              = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
diff --git a/test/expired-ca/req_conf_email.cnf b/test/expired-ca/req_conf_email.cnf
new file mode 100644 (file)
index 0000000..fdcd280
--- /dev/null
@@ -0,0 +1,33 @@
+[ req ]\r
+default_bits           = $ENV::BITS\r
+default_keyfile        = keyfile.pem\r
+distinguished_name     = req_distinguished_name\r
+attributes             = req_attributes\r
+prompt                 = no\r
+output_password        = $ENV::PASSWORD\r
+ca_cert                           = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName                    = UG\r
+\r
+#stateOrProvinceName          = South area\r
+\r
+localityName                   = Tropic\r
+\r
+organizationName                      = Utopia\r
+\r
+organizationalUnitName         = Relaxation\r
+\r
+commonName                     = $ENV::CN\r
+\r
+emailAddress                   = test@home.org\r
+\r
+[ req_attributes ]\r
+#challengePassword              = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
diff --git a/test/expired-ca/req_conf_sn.cnf b/test/expired-ca/req_conf_sn.cnf
new file mode 100644 (file)
index 0000000..8eb3308
--- /dev/null
@@ -0,0 +1,35 @@
+[ req ]\r
+default_bits           = $ENV::BITS\r
+default_keyfile        = keyfile.pem\r
+distinguished_name     = req_distinguished_name\r
+attributes             = req_attributes\r
+prompt                 = no\r
+output_password        = $ENV::PASSWORD\r
+ca_cert                           = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName                    = UG\r
+\r
+#stateOrProvinceName          = South area\r
+\r
+localityName                   = Tropic\r
+\r
+organizationName                      = Utopia\r
+\r
+organizationalUnitName         = Relaxation\r
+\r
+commonName                     = $ENV::CN\r
+\r
+#emailAddress                   = Email Address\r
+\r
+serialNumber                   = 12341324\r
+\r
+[ req_attributes ]\r
+#challengePassword              = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
diff --git a/test/fake-ca/req_conf_email.cnf b/test/fake-ca/req_conf_email.cnf
new file mode 100644 (file)
index 0000000..fdcd280
--- /dev/null
@@ -0,0 +1,33 @@
+[ req ]\r
+default_bits           = $ENV::BITS\r
+default_keyfile        = keyfile.pem\r
+distinguished_name     = req_distinguished_name\r
+attributes             = req_attributes\r
+prompt                 = no\r
+output_password        = $ENV::PASSWORD\r
+ca_cert                           = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName                    = UG\r
+\r
+#stateOrProvinceName          = South area\r
+\r
+localityName                   = Tropic\r
+\r
+organizationName                      = Utopia\r
+\r
+organizationalUnitName         = Relaxation\r
+\r
+commonName                     = $ENV::CN\r
+\r
+emailAddress                   = test@home.org\r
+\r
+[ req_attributes ]\r
+#challengePassword              = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
diff --git a/test/fake-ca/req_conf_sn.cnf b/test/fake-ca/req_conf_sn.cnf
new file mode 100644 (file)
index 0000000..8eb3308
--- /dev/null
@@ -0,0 +1,35 @@
+[ req ]\r
+default_bits           = $ENV::BITS\r
+default_keyfile        = keyfile.pem\r
+distinguished_name     = req_distinguished_name\r
+attributes             = req_attributes\r
+prompt                 = no\r
+output_password        = $ENV::PASSWORD\r
+ca_cert                           = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName                    = UG\r
+\r
+#stateOrProvinceName          = South area\r
+\r
+localityName                   = Tropic\r
+\r
+organizationName                      = Utopia\r
+\r
+organizationalUnitName         = Relaxation\r
+\r
+commonName                     = $ENV::CN\r
+\r
+#emailAddress                   = Email Address\r
+\r
+serialNumber                   = 12341324\r
+\r
+[ req_attributes ]\r
+#challengePassword              = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
index 42d548d..7ae8401 100644 (file)
@@ -20,6 +20,7 @@ organizationName       = optional
 organizationalUnitName = optional\r
 commonName             = supplied\r
 emailAddress           = optional\r
+serialNumber           = optional\r
 \r
 [ ca_cert ]\r
 basicConstraints=CA:TRUE\r
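Review bot: `serialNumber = optional` is added only to test/trusted-ca/ca_conf.cnf, while the script exports a separate `CA_CONF=$CA_DIR/ca_conf.cnf` per CA and the commit adds req_conf_sn.cnf to big-ca, expired-ca and fake-ca as well. With `openssl ca`, subject fields that the policy section does not list are dropped from the issued certificate unless the DN is preserved. Unless those three policies already list serialNumber (they are not shown here), their clientserial certificates would be issued without it and the tests would not exercise what they intend. Adding the same line to the other ca_conf.cnf files, or checking the issued subject with `openssl x509 -noout -subject`, would close the gap. The policy section starts above this hunk.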
diff --git a/test/trusted-ca/req_conf_email.cnf b/test/trusted-ca/req_conf_email.cnf
new file mode 100644 (file)
index 0000000..fdcd280
--- /dev/null
@@ -0,0 +1,33 @@
+[ req ]\r
+default_bits           = $ENV::BITS\r
+default_keyfile        = keyfile.pem\r
+distinguished_name     = req_distinguished_name\r
+attributes             = req_attributes\r
+prompt                 = no\r
+output_password        = $ENV::PASSWORD\r
+ca_cert                           = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName                    = UG\r
+\r
+#stateOrProvinceName          = South area\r
+\r
+localityName                   = Tropic\r
+\r
+organizationName                      = Utopia\r
+\r
+organizationalUnitName         = Relaxation\r
+\r
+commonName                     = $ENV::CN\r
+\r
+emailAddress                   = test@home.org\r
+\r
+[ req_attributes ]\r
+#challengePassword              = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
diff --git a/test/trusted-ca/req_conf_sn.cnf b/test/trusted-ca/req_conf_sn.cnf
new file mode 100644 (file)
index 0000000..99e8218
--- /dev/null
@@ -0,0 +1,35 @@
+[ req ]\r
+default_bits           = $ENV::BITS\r
+default_keyfile        = keyfile.pem\r
+distinguished_name     = req_distinguished_name\r
+attributes             = req_attributes\r
+prompt                 = no\r
+output_password        = $ENV::PASSWORD\r
+ca_cert                           = CA_cert\r
+\r
+[ req_distinguished_name ]\r
+countryName                    = UK\r
+\r
+#stateOrProvinceName          = South area\r
+\r
+localityName                   = Tropic\r
+\r
+organizationName                      = Utopia\r
+\r
+organizationalUnitName         = Relaxation\r
+\r
+commonName                     = $ENV::CN\r
+\r
+#emailAddress                   = Email Address\r
+\r
+serialNumber                   = 12341324\r
+\r
+[ req_attributes ]\r
+#challengePassword              = $ENV::PASSWORD\r
+\r
+[ CA_cert ]\r
+basicConstraints = CA:true\r
+subjectKeyIdentifier=hash\r
+authorityKeyIdentifier=keyid:always,issuer:always\r
+\r
+[ proxy_none ]\r
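Review bot: `countryName = UK` here differs from `countryName = UG` in test/trusted-ca/req_conf_email.cnf and in the req_conf_sn.cnf of the other three CAs. If the difference is intended, for instance to match an existing trusted-ca request config that is not shown, a comment such as `# UK on purpose: <reason>` would stop it being "fixed" later. If the policy in ca_conf.cnf uses `countryName = match`, one of the two trusted-ca profiles would be rejected at signing. The policy's countryName line lies above the visible ca_conf.cnf hunk, so this needs checking against the file.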