1 #
   2 # Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
   3 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4 #
   5 # This code is free software; you can redistribute it and/or modify it
   6 # under the terms of the GNU General Public License version 2 only, as
   7 # published by the Free Software Foundation.  Oracle designates this
   8 # particular file as subject to the "Classpath" exception as provided
   9 # by Oracle in the LICENSE file that accompanied this code.
  10 #
  11 # This code is distributed in the hope that it will be useful, but WITHOUT
  12 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13 # FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14 # version 2 for more details (a copy is included in the LICENSE file that
  15 # accompanied this code).
  16 #
  17 # You should have received a copy of the GNU General Public License version
  18 # 2 along with this work; if not, write to the Free Software Foundation,
  19 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20 #
  21 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22 # or visit www.oracle.com if you need additional information or have any
  23 # questions.
  24 #
  25 
  26 #!/bin/ksh
  27 #
  28 # needs ksh to run the script.
  29 OPENSSL=openssl
  30 
   # Root CA: create a self-signed certificate and its private key, unless
   # root/root_cert.pem is already present.
   #
   # Test-fixture caveats:
   #   - rsa:1024 is below the 2048-bit minimum expected of real CA keys.
   #   - The key passphrase is the fixed string "passphrase" and is passed as a
   #     command-line argument, so it is visible in the process list.
   # NOTE(review): with -x509, older OpenSSL releases take certificate
   # extensions from -extensions and ignore -reqexts; confirm the generated
   # root really carries the cert_issuer section of openssl.cnf.
   if ! test -f root/root_cert.pem; then
       test -d root || mkdir root

       ${OPENSSL} req -x509 \
           -newkey rsa:1024 \
           -keyout root/root_key.pem \
           -out root/root_cert.pem \
           -subj "/C=US/O=Example" \
           -config openssl.cnf \
           -reqexts cert_issuer \
           -days 7650 \
           -passin pass:passphrase \
           -passout pass:passphrase
   fi
  42 
   # Sub-CA: create a key and certificate request, then have the root CA sign
   # the request, unless subca/subca_cert.pem is already present.
   #
   # Notes:
   #   - openssl req only applies -days together with -x509, so the 7650 on the
   #     request step has no effect; the certificate lifetime is the 7200 days
   #     given to the signing step.
   #   - -CAcreateserial creates root/root_cert.srl when it does not exist yet.
   #   - No digest option is given, so the signature hash is whatever the
   #     installed OpenSSL defaults to.
   #   - rsa:1024 and the fixed passphrase "passphrase" (passed as a
   #     command-line argument) are only appropriate for throwaway test data.
   if ! test -f subca/subca_cert.pem; then
       test -d subca || mkdir subca

       # Step 1: key pair plus certificate signing request.
       ${OPENSSL} req \
           -newkey rsa:1024 \
           -keyout subca/subca_key.pem \
           -out subca/subca_req.pem \
           -subj "/C=US/O=Example/OU=Class-1" \
           -days 7650 \
           -passin pass:passphrase \
           -passout pass:passphrase

       # Step 2: the root CA signs the request, applying the cert_issuer
       # section of openssl.cnf (not shown here).
       ${OPENSSL} x509 -req \
           -in subca/subca_req.pem \
           -extfile openssl.cnf \
           -extensions cert_issuer \
           -CA root/root_cert.pem \
           -CAkey root/root_key.pem \
           -out subca/subca_cert.pem \
           -CAcreateserial \
           -CAserial root/root_cert.srl \
           -days 7200 \
           -passin pass:passphrase
   fi
  58 
   # Alice: create a key and certificate request, then have the sub-CA sign the
   # request, unless subca/alice/alice_cert.pem is already present.
   #
   # Notes:
   #   - openssl req only applies -days together with -x509, so the 7650 on the
   #     request step has no effect; the certificate lifetime is the 7200 days
   #     given to the signing step.
   #   - rsa:1024 and the fixed passphrase "passphrase" (passed as a
   #     command-line argument) are only appropriate for throwaway test data.
   if ! test -f subca/alice/alice_cert.pem; then
       test -d subca/alice || mkdir -p subca/alice

       # Step 1: key pair plus certificate signing request.
       ${OPENSSL} req \
           -newkey rsa:1024 \
           -keyout subca/alice/alice_key.pem \
           -out subca/alice/alice_req.pem \
           -subj "/C=US/O=Example/OU=Class-1/CN=Alice" \
           -days 7650 \
           -passin pass:passphrase \
           -passout pass:passphrase

       # Step 2: the sub-CA signs the request, applying the alice_of_subca
       # section of openssl.cnf (not shown here).
       ${OPENSSL} x509 -req \
           -in subca/alice/alice_req.pem \
           -extfile openssl.cnf \
           -extensions alice_of_subca \
           -CA subca/subca_cert.pem \
           -CAkey subca/subca_key.pem \
           -out subca/alice/alice_cert.pem \
           -CAcreateserial \
           -CAserial subca/subca_cert.srl \
           -days 7200 \
           -passin pass:passphrase
   fi
  76 
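   # Bob: create a key and certificate request, then have the sub-CA sign the
   # request, unless Bob's certificate is already present.
   #
   # The guard tests subca/bob/bob_cert.pem, the file the signing step writes.
   # A guard on subca/bob/bob.pem would never match, because nothing in this
   # block creates that file, and Bob's key and certificate would be re-issued
   # (with a new sub-CA serial number) on every run.
   #
   # Notes:
   #   - openssl req only applies -days together with -x509, so the 7650 on the
   #     request step has no effect; the certificate lifetime is the 7200 days
   #     given to the signing step.
   #   - rsa:1024 and the fixed passphrase "passphrase" (passed as a
   #     command-line argument) are only appropriate for throwaway test data.
   if [ ! -f subca/bob/bob_cert.pem ]; then
       if [ ! -d subca/bob ]; then
           mkdir -p subca/bob
       fi

       # Step 1: key pair plus certificate signing request.
       ${OPENSSL} req -newkey rsa:1024 -keyout subca/bob/bob_key.pem \
           -out subca/bob/bob_req.pem \
           -subj "/C=US/O=Example/OU=Class-1/CN=Bob" -days 7650 \
           -passin pass:passphrase -passout pass:passphrase

       # Step 2: the sub-CA signs the request, applying the ee_of_subca
       # section of openssl.cnf (not shown here).
       ${OPENSSL} x509 -req -in subca/bob/bob_req.pem \
           -extfile openssl.cnf -extensions ee_of_subca \
           -CA subca/subca_cert.pem -CAkey subca/subca_key.pem \
           -out subca/bob/bob_cert.pem -CAcreateserial \
           -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
   fi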
  94 
   # Susan: create a key and certificate request, then have the sub-CA sign the
   # request, unless subca/susan/susan_cert.pem is already present.
   #
   # Notes:
   #   - openssl req only applies -days together with -x509, so the 7650 on the
   #     request step has no effect; the certificate lifetime is the 7200 days
   #     given to the signing step.
   #   - rsa:1024 and the fixed passphrase "passphrase" (passed as a
   #     command-line argument) are only appropriate for throwaway test data.
   if ! test -f subca/susan/susan_cert.pem; then
       test -d subca/susan || mkdir -p subca/susan

       # Step 1: key pair plus certificate signing request.
       ${OPENSSL} req \
           -newkey rsa:1024 \
           -keyout subca/susan/susan_key.pem \
           -out subca/susan/susan_req.pem \
           -subj "/C=US/O=Example/OU=Class-1/CN=Susan" \
           -days 7650 \
           -passin pass:passphrase \
           -passout pass:passphrase

       # Step 2: the sub-CA signs the request, applying the susan_of_subca
       # section of openssl.cnf (not shown here).
       ${OPENSSL} x509 -req \
           -in subca/susan/susan_req.pem \
           -extfile openssl.cnf \
           -extensions susan_of_subca \
           -CA subca/subca_cert.pem \
           -CAkey subca/subca_key.pem \
           -out subca/susan/susan_cert.pem \
           -CAcreateserial \
           -CAserial subca/subca_cert.srl \
           -days 7200 \
           -passin pass:passphrase
   fi