test/ssl/lib.sh


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

#! /bin/sh

# PEM format

# req fields
# C  = Country
# ST = State/Province
# L = Locality
# O = Organization
# OU = Org Unit
# CN = commonName
# ? = emailAddress

umask 077

run() {
  echo '$' "$@"
  "$@" 2>&1 | sed 's/^/  > /' 
}

# key -> csr
run_req() {
  tmp="csr.template"
  args=""
  while test "$1" != '--'; do
    args="$args $1"
    shift
  done
  shift

  (
    echo "[req]"
    echo "prompt=no"
    echo "distinguished_name=req_distinguished_name"
    echo "[req_distinguished_name]"
    for arg; do echo "$arg"; done
  ) > "$tmp"
  run openssl req $args -config "$tmp"
  rm -f csr.template
}

run_ca() {
  ser=`cat ${CaName}/serial`
  run openssl ca -batch -config "${CaName}/config.ini" "$@"
  while test "$1" != '-out'; do
    shift
  done
  if test "$1" = '-out'; then
    cp "${CaName}/certs/$ser.pem" "$2"
  fi
}