Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/provider/certpath/DisabledAlgorithms/generate.sh
41154 views
1
#

2
# Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.

3
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
#

5
# This code is free software; you can redistribute it and/or modify it

6
# under the terms of the GNU General Public License version 2 only, as

7
# published by the Free Software Foundation.  Oracle designates this

8
# particular file as subject to the "Classpath" exception as provided

9
# by Oracle in the LICENSE file that accompanied this code.

10
#

11
# This code is distributed in the hope that it will be useful, but WITHOUT

12
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

13
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

14
# version 2 for more details (a copy is included in the LICENSE file that

15
# accompanied this code).

16
#

17
# You should have received a copy of the GNU General Public License version

18
# 2 along with this work; if not, write to the Free Software Foundation,

19
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

20
#

21
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

22
# or visit www.oracle.com if you need additional information or have any

23
# questions.

24
#

25


26
#!/bin/ksh

27
#

28
# needs ksh to run the script.

29
set -e

30


31
OPENSSL=openssl

32


33
# generate a self-signed root certificate

34
if [ ! -f root/finished ]; then

35
    if [ ! -d root ]; then

36
        mkdir root

37
    fi

38


39
    # SHA1withRSA 1024

40
    ${OPENSSL} req -x509 -newkey rsa:1024 -keyout root/root_key_1024.pem \

41
        -out root/root_cert_sha1_1024.pem -subj "/C=US/O=Example" \

42
        -config openssl.cnf -reqexts cert_issuer -days 7650 -sha1 \

43
        -passin pass:passphrase -passout pass:passphrase

44


45
    # SHA1withRSA 512

46
    ${OPENSSL} req -x509 -newkey rsa:512 -keyout root/root_key_512.pem \

47
        -out root/root_cert_sha1_512.pem -subj "/C=US/O=Example" \

48
        -config openssl.cnf -reqexts cert_issuer -days 7650 -sha1 \

49
        -passin pass:passphrase -passout pass:passphrase

50


51
    # MD2withRSA 2048

52
    ${OPENSSL} req -x509 -newkey rsa:2048 -keyout root/root_key_2048.pem \

53
        -out root/root_cert_md2_2048.pem -subj "/C=US/O=Example" \

54
        -config openssl.cnf -reqexts cert_issuer -days 7650 -md2 \

55
        -passin pass:passphrase -passout pass:passphrase

56


57
    openssl req -newkey rsa:1024 -keyout root/root_crlissuer_key.pem \

58
        -out root/root_crlissuer_req.pem -subj "/C=US/O=Example" -days 7650 \

59
        -passin pass:passphrase -passout pass:passphrase

60


61
    openssl x509 -req -in root/root_crlissuer_req.pem -extfile openssl.cnf \

62
        -extensions crl_issuer -CA root/root_cert_sha1_1024.pem \

63
        -CAkey root/root_key_1024.pem -out root/root_crlissuer_cert.pem \

64
        -CAcreateserial -CAserial root/root_cert.srl -days 7200 \

65
        -passin pass:passphrase

66


67
    touch root/finished

68
fi

69


70


71
# generate subca cert issuer

72
if [ ! -f subca/finished ]; then

73
    if [ ! -d subca ]; then

74
        mkdir subca

75
    fi

76


77
    # RSA 1024

78
    ${OPENSSL} req -newkey rsa:1024 -keyout subca/subca_key_1024.pem \

79
        -out subca/subca_req_1024.pem -subj "/C=US/O=Example/OU=Class-1" \

80
        -days 7650 -passin pass:passphrase -passout pass:passphrase

81


82
    # RSA 512

83
    ${OPENSSL} req -newkey rsa:512 -keyout subca/subca_key_512.pem \

84
        -out subca/subca_req_512.pem -subj "/C=US/O=Example/OU=Class-1" \

85
        -days 7650 -passin pass:passphrase -passout pass:passphrase

86


87
    # SHA1withRSA 1024 signed with RSA 1024

88
    ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \

89
        -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \

90
        -CAkey root/root_key_1024.pem -out subca/subca_cert_sha1_1024_1024.pem \

91
        -CAcreateserial -sha1 \

92
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase

93


94
    # SHA1withRSA 1024 signed with RSA 512

95
    ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \

96
        -extensions cert_issuer -CA root/root_cert_sha1_512.pem \

97
        -CAkey root/root_key_512.pem -out subca/subca_cert_sha1_1024_512.pem \

98
        -CAcreateserial -sha1 \

99
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase

100


101
    # SHA1withRSA 512 signed with RSA 1024

102
    ${OPENSSL} x509 -req -in subca/subca_req_512.pem -extfile openssl.cnf \

103
        -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \

104
        -CAkey root/root_key_1024.pem -out subca/subca_cert_sha1_512_1024.pem \

105
        -CAcreateserial -sha1 \

106
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase

107


108
    # SHA1withRSA 512 signed with RSA 512

109
    ${OPENSSL} x509 -req -in subca/subca_req_512.pem -extfile openssl.cnf \

110
        -extensions cert_issuer -CA root/root_cert_sha1_512.pem \

111
        -CAkey root/root_key_512.pem -out subca/subca_cert_sha1_512_512.pem \

112
        -CAcreateserial -sha1 \

113
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase

114


115
    # MD2withRSA 1024 signed with RSA 1024

116
    ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \

117
        -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \

118
        -CAkey root/root_key_1024.pem -out subca/subca_cert_md2_1024_1024.pem \

119
        -CAcreateserial -md2 \

120
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase

121


122
    # MD2withRSA 1024 signed with RSA 512

123
    ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \

124
        -extensions cert_issuer -CA root/root_cert_sha1_512.pem \

125
        -CAkey root/root_key_512.pem -out subca/subca_cert_md2_1024_512.pem \

126
        -CAcreateserial -md2 \

127
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase

128


129
    openssl req -newkey rsa:1024 -keyout subca/subca_crlissuer_key.pem \

130
        -out subca/subca_crlissuer_req.pem -subj "/C=US/O=Example/OU=Class-1" \

131
        -days 7650 -passin pass:passphrase -passout pass:passphrase

132


133
    openssl x509 -req -in subca/subca_crlissuer_req.pem -extfile openssl.cnf \

134
        -extensions crl_issuer -CA root/root_cert_sha1_1024.pem \

135
        -CAkey root/root_key_1024.pem -out subca/subca_crlissuer_cert.pem \

136
        -CAcreateserial -CAserial root/root_cert.srl -days 7200 \

137
        -passin pass:passphrase

138


139
    touch subca/finished

140
fi

141


142


143
# generate certifiacte for Alice

144
if [ ! -f subca/alice/finished ]; then

145
    if [ ! -d subca/alice ]; then

146
        mkdir -p subca/alice

147
    fi

148


149
    # RSA 1024

150
    ${OPENSSL} req -newkey rsa:1024 -keyout subca/alice/alice_key_1024.pem \

151
        -out subca/alice/alice_req_1024.pem \

152
        -subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \

153
        -passin pass:passphrase -passout pass:passphrase

154


155
    # RSA 512

156
    ${OPENSSL} req -newkey rsa:512 -keyout subca/alice/alice_key_512.pem \

157
        -out subca/alice/alice_req_512.pem \

158
        -subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \

159
        -passin pass:passphrase -passout pass:passphrase

160


161
    # SHA1withRSA 1024 signed with RSA 1024

162
    ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \

163
        -extfile openssl.cnf -extensions ee_of_subca \

164
        -CA subca/subca_cert_sha1_1024_1024.pem \

165
        -CAkey subca/subca_key_1024.pem \

166
        -out subca/alice/alice_cert_sha1_1024_1024.pem -CAcreateserial -sha1 \

167
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase

168


169
    # SHA1withRSA 1024 signed with RSA 512

170
    ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \

171
        -extfile openssl.cnf -extensions ee_of_subca \

172
        -CA subca/subca_cert_sha1_512_1024.pem \

173
        -CAkey subca/subca_key_512.pem \

174
        -out subca/alice/alice_cert_sha1_1024_512.pem -CAcreateserial -sha1 \

175
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase

176


177
    # SHA1withRSA 512 signed with RSA 1024

178
    ${OPENSSL} x509 -req -in subca/alice/alice_req_512.pem \

179
        -extfile openssl.cnf -extensions ee_of_subca \

180
        -CA subca/subca_cert_sha1_1024_1024.pem \

181
        -CAkey subca/subca_key_1024.pem \

182
        -out subca/alice/alice_cert_sha1_512_1024.pem -CAcreateserial -sha1 \

183
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase

184


185
    # SHA1withRSA 512 signed with RSA 512

186
    ${OPENSSL} x509 -req -in subca/alice/alice_req_512.pem \

187
        -extfile openssl.cnf -extensions ee_of_subca \

188
        -CA subca/subca_cert_sha1_512_1024.pem \

189
        -CAkey subca/subca_key_512.pem \

190
        -out subca/alice/alice_cert_sha1_512_512.pem -CAcreateserial -sha1 \

191
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase

192


193
    # MD2withRSA 1024 signed with RSA 1024

194
    ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \

195
        -extfile openssl.cnf -extensions ee_of_subca \

196
        -CA subca/subca_cert_sha1_1024_1024.pem \

197
        -CAkey subca/subca_key_1024.pem \

198
        -out subca/alice/alice_cert_md2_1024_1024.pem -CAcreateserial -md2 \

199
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase

200


201
    # MD2withRSA 1024 signed with RSA 512

202
    ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \

203
        -extfile openssl.cnf -extensions ee_of_subca \

204
        -CA subca/subca_cert_sha1_512_1024.pem \

205
        -CAkey subca/subca_key_512.pem \

206
        -out subca/alice/alice_cert_md2_1024_512.pem -CAcreateserial -md2 \

207
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase

208


209
    touch subca/alice/finished

210
fi

211


212
if [ ! -f root/revoked ]; then

213
    if [ ! -d root ]; then

214
        mkdir root

215
    fi

216


217
    if [ ! -f root/index.txt ]; then

218
        touch root/index.txt

219
        echo 00 > root/crlnumber

220
    fi

221


222
    openssl ca -gencrl -config openssl.cnf -name ca_top -crldays 7000 -md sha1 \

223
        -crl_reason superseded -keyfile root/root_crlissuer_key.pem \

224
        -cert root/root_crlissuer_cert.pem -out root/top_crl.pem \

225
        -passin pass:passphrase

226


227
    touch root/revoked

228
fi

229


230
if [ ! -f subca/revoked ]; then

231
    if [ ! -d subca ]; then

232
        mkdir subca

233
    fi

234


235
    if [ ! -f subca/index.txt ]; then

236
        touch subca/index.txt

237
        echo 00 > subca/crlnumber

238
    fi

239


240
    # revoke alice's SHA1withRSA 1024 signed with RSA 1024

241
    openssl ca -revoke subca/alice/alice_cert_sha1_1024_1024.pem \

242
        -config openssl.cnf \

243
        -name ca_subca -crl_reason superseded \

244
        -keyfile subca/subca_crlissuer_key.pem \

245
        -cert subca/subca_crlissuer_cert.pem -passin pass:passphrase

246


247
    openssl ca -gencrl -config openssl.cnf \

248
        -name ca_subca -crldays 7000 -md md2 \

249
        -crl_reason superseded -keyfile subca/subca_crlissuer_key.pem \

250
        -cert subca/subca_crlissuer_cert.pem \

251
        -out subca/subca_crl.pem \

252
        -passin pass:passphrase

253


254
    touch subca/revoked

255
fi

256


257