+++ /dev/null
-#!/bin/sh
-#
-# Copying and distribution of this file, with or without modification,
-# are permitted in any medium without royalty provided the copyright
-# notice and this notice are preserved. This file is offered as-is,
-# without any warranty.
-
-ORG="/C=FR/ST=Brittany/L=Vannes/O=IoT.bzh"
-
-cat > extensions << EOC
-[root]
-basicConstraints=CA:TRUE
-keyUsage=keyCertSign
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid
-[derivate]
-basicConstraints=CA:TRUE
-keyUsage=keyCertSign,digitalSignature
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid
-EOC
-
-keyof() { echo -n "$1.key.pem"; }
-certof() { echo -n "$1.cert.pem"; }
-
-generate() {
-
-local s="$1" n="$2" cn="$3" sig="$4"
-local key="$(keyof "$n")" cert="$(certof "$n")"
-
-if [ ! -f "$key" ]
-then
- echo
- echo "generation of the $n key"
- openssl genpkey \
- -algorithm RSA -pkeyopt rsa_keygen_bits:4096 \
- -outform PEM \
- -out "$key"
-fi
-
-if [ ! -f "$cert" -o "$key" -nt "$cert" ]
-then
- echo
- echo "generation of the $n certificate"
- openssl req -new \
- -key "$key" \
- -subj "$ORG/CN=$cn" |
- openssl x509 -req \
- -days 3653 \
- -sha256 \
- -extfile extensions \
- -trustout \
- $sig \
- -set_serial $s \
- -setalias "$cn" \
- -out "$cert"
-fi
-
-}
-
-
-genroot() {
- local s="$1" n="$2" cn="$3"
- generate "$s" "$n" "$cn" "-signkey $(keyof "$n") -extensions root"
-}
-
-derivate() {
- local s="$1" n="$2" cn="$3" i="$4"
- generate "$s" "$n" "$cn" "-CA $(certof "$i") -CAkey $(keyof "$i") -extensions derivate"
-}
-
-
-genroot 1 root "Root certificate"
-derivate 2 developer "Root developer" root
-derivate 3 platform "Root platform" root
-derivate 4 partner "Root partner" root
-derivate 5 public "Root public" root
-
-rm extensions
Code Review / src / app-framework-main.git / blobdiff