summaryrefslogtreecommitdiff
path: root/security/nss/tests/common/certsetup.sh
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/tests/common/certsetup.sh')
-rw-r--r--security/nss/tests/common/certsetup.sh57
1 files changed, 57 insertions, 0 deletions
diff --git a/security/nss/tests/common/certsetup.sh b/security/nss/tests/common/certsetup.sh
new file mode 100644
index 0000000000..2b5cef840b
--- /dev/null
+++ b/security/nss/tests/common/certsetup.sh
@@ -0,0 +1,57 @@
+# Generate input to certutil
+certscript() {
+ ca=n
+ while [ $# -gt 0 ]; do
+ case $1 in
+ sign) echo 0 ;;
+ kex) echo 2 ;;
+ ca) echo 5;echo 6;ca=y ;;
+ esac; shift
+ done;
+ echo 9
+ echo n
+ echo $ca
+ echo
+ echo n
+}
+
+# $1: name
+# $2: type
+# $3+: usages: sign or kex
+make_cert() {
+ name=$1
+ type=$2
+
+ # defaults
+ type_args=()
+ trust=',,'
+ sign=(-x)
+ sighash=(-Z SHA256)
+
+ case $type in
+ dsa) type_args=(-g 1024) ;;
+ rsa) type_args=(-g 1024) ;;
+ rsa2048) type_args=(-g 2048);type=rsa ;;
+ rsa8192) type_args=(-g 8192);type=rsa ;;
+ rsapss) type_args=(-g 1024 --pss);type=rsa ;;
+ rsapss384) type_args=(-g 1024 --pss);type=rsa;sighash=(-Z SHA384) ;;
+ rsapss512) type_args=(-g 2048 --pss);type=rsa;sighash=(-Z SHA512) ;;
+ rsapss_noparam) type_args=(-g 2048 --pss);type=rsa;sighash=() ;;
+ p256) type_args=(-q nistp256);type=ec ;;
+ p384) type_args=(-q secp384r1);type=ec ;;
+ p521) type_args=(-q secp521r1);type=ec ;;
+ rsa_ca) type_args=(-g 1024);trust='CT,CT,CT';type=rsa ;;
+ rsa_chain) type_args=(-g 1024);sign=(-c rsa_ca);type=rsa;;
+ rsapss_ca) type_args=(-g 1024 --pss);trust='CT,CT,CT';type=rsa ;;
+ rsapss_chain) type_args=(-g 1024);sign=(-c rsa_pss_ca);type=rsa;;
+ rsa_ca_rsapss_chain) type_args=(-g 1024 --pss-sign);sign=(-c rsa_ca);type=rsa;;
+ ecdh_rsa) type_args=(-q nistp256);sign=(-c rsa_ca);type=ec ;;
+ esac
+ shift 2
+ counter=$(($counter + 1))
+ certscript $@ | ${BINDIR}/certutil -S \
+ -z ${R_NOISE_FILE} -d "${PROFILEDIR}" \
+ -n $name -s "CN=$name" -t "$trust" "${sign[@]}" -m "$counter" \
+ -w -2 -v 120 -k "$type" "${type_args[@]}" "${sighash[@]}" -1 -2
+ html_msg $? 0 "create certificate: $@"
+}