From: Joni Hahkala <joni.hahkala@cern.ch>
Date: Wed, 27 Jul 2005 12:22:09 +0000 (+0000)
Subject: Added 4096bit cert to the set
X-Git-Tag: GLITE_RELEASE_1_5_1~4
X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=ae2aa70d34d413409cc9af332a89fa66f9d38b32;p=glite-security-test-utils.git

Added 4096bit cert to the set
---

diff --git a/bin/generate-test-certificates.sh b/bin/generate-test-certificates.sh
index a501e7f..02ff885 100755
--- a/bin/generate-test-certificates.sh
+++ b/bin/generate-test-certificates.sh
@@ -28,6 +28,8 @@ function create_cert {
     export CN=$2
     flags=$3
     validity=$4
+    bits=${5:-1024}
+
     echo "Creating a cert for '$CN' in files named $filebase.(cert|priv)"
     echo "                with $flags flags and $validity days validity time"
 
@@ -37,12 +39,16 @@ function create_cert {
         return 
     fi
 
+    if [ $flags == "bigclient" ]; then
+	flags="client"
+    fi
+
     # if we are in a state where we are generating proxies (${CA_DIR}/serial_proxy.txt exists)
     # then let's transfer the serial number of the last proxy to the serial.txt file for the 
     # next new certificate...
 
 
-    CMD="openssl req -out $filebase.req -newkey rsa:1024 -new -keyout $filebase.priv -config $REQ_CONFIG_FILE"
+    CMD="openssl req -out $filebase.req -newkey rsa:$bits -new -keyout $filebase.priv -config $REQ_CONFIG_FILE"
     echo $CMD; $CMD;
 
     case $flags in
@@ -66,7 +72,7 @@ function create_cert {
         # cat ${CA_DIR}/serial_proxy.txt
 
     # some minor cleanup
-    rm $filebase.req
+#    rm $filebase.req
 
     create_p12 $filebase
 }
@@ -327,6 +333,17 @@ function create_all {
     # let "i += 1"; echo "State : $i"; cat ${CA_DIR}/serial_proxy.txt; echo;
     create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy_exp "expired proxy" -1 proxy_exp
 
+    TYPE="bigclient"
+    CTYPE="bigclient"
+
+    create_cert $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" ${TYPE} $DAYS 4096
+
+    create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy "proxy" 1
+    create_cert_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_exp "expired proxy" -1
+
+    create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy "proxy" 1 proxy
+    create_cert_proxy_proxy $CERT_DIR/${catype}_${TYPE} "$catype ${CTYPE}" proxy_proxy_exp "expired proxy" -1 proxy_exp
+
     TYPE="server"
     CTYPE="server"