blob: 479d64f87838518dd212f287702a5d8b1691ac58 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
# file : tests/rsa.testscript
# license : OpenSSL and SSLeay Licenses; see accompanying LICENSE file
+cat <<EOI >=openssl.cnf
repository = build2.org
company = Code Synthesis
email = info@build2.org
[ req ]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
utf8 = yes
[ req_distinguished_name ]
O = $company
CN = name:$repository
[ v3_req ]
keyUsage = critical,digitalSignature
extendedKeyUsage = critical,codeSigning
subjectAltName = email:$email
EOI
+$* genrsa 4096 >=key.pem 2>>~%EOO%
%Generating RSA private key, 4096 bit long modulus.*%
%.*
EOO
+cat key.pem >>~%EOO%
-----BEGIN RSA PRIVATE KEY-----
%.{1,64}%.+
-----END RSA PRIVATE KEY-----
EOO
+$* req -x509 -new -key key.pem -days 1825 -config openssl.cnf >=cert.pem
+cat cert.pem >>~%EOO%
-----BEGIN CERTIFICATE-----
%.{1,64}%.+
-----END CERTIFICATE-----
EOO
: cert-fingerprint
:
{
$* x509 -sha256 -noout -fingerprint <<<../cert.pem >>~%EOO%
%SHA256 Fingerprint=([[:xdigit:]]{2}:){31}[[:xdigit:]]{2}%
EOO
}
: sign-verify
:
{
$* rsautl -sign -inkey ../key.pem <'test' | \
$* rsautl -verify -certin -inkey ../cert.pem >'test'
}
|