diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
| commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
| tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /security/nss/tests/common/certsetup.sh | |
| parent | Initial commit. (diff) | |
| download | firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip | |
Adding upstream version 115.7.0esr.upstream/115.7.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/tests/common/certsetup.sh')
| -rw-r--r-- | security/nss/tests/common/certsetup.sh | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/security/nss/tests/common/certsetup.sh b/security/nss/tests/common/certsetup.sh new file mode 100644 index 0000000000..2f0055f1a2 --- /dev/null +++ b/security/nss/tests/common/certsetup.sh @@ -0,0 +1,75 @@ +# Generate input to certutil +certscript() { + ca=n + while [ $# -gt 0 ]; do + case $1 in + sign) echo 0 ;; + kex) echo 2 ;; + ca) echo 5;echo 6;ca=y ;; + esac; shift + done; + echo 9 + echo n + echo $ca + echo + echo n +} + +# $1: name +# $2: type +# $3+: usages: sign or kex +make_cert() { + name=$1 + type=$2 + + # defaults + type_args=() + trust=',,' + sign=(-x) + sighash=(-Z SHA256) + + case $type in + dsa) type_args=(-g 1024) ;; + rsa) type_args=(-g 1024) ;; + rsa2048) type_args=(-g 2048);type=rsa ;; + rsa8192) type_args=(-g 8192);type=rsa ;; + rsapss) type_args=(-g 1024 --pss);type=rsa ;; + rsapss384) type_args=(-g 1024 --pss);type=rsa;sighash=(-Z SHA384) ;; + rsapss512) type_args=(-g 2048 --pss);type=rsa;sighash=(-Z SHA512) ;; + rsapss_noparam) type_args=(-g 2048 --pss);type=rsa;sighash=() ;; + p256) type_args=(-q nistp256);type=ec ;; + p384) type_args=(-q secp384r1);type=ec ;; + p521) type_args=(-q secp521r1);type=ec ;; + rsa_ca) type_args=(-g 1024);trust='CT,CT,CT';type=rsa ;; + rsa_chain) type_args=(-g 1024);sign=(-c rsa_ca);type=rsa;; + rsapss_ca) type_args=(-g 1024 --pss);trust='CT,CT,CT';type=rsa ;; + rsapss_chain) type_args=(-g 1024);sign=(-c rsa_pss_ca);type=rsa;; + rsa_ca_rsapss_chain) type_args=(-g 1024 --pss-sign);sign=(-c rsa_ca);type=rsa;; + ecdh_rsa) type_args=(-q nistp256);sign=(-c rsa_ca);type=ec ;; + delegator_p256) + touch empty.txt + type_args=(-q nistp256 --extGeneric 1.3.6.1.4.1.44363.44:not-critical:empty.txt) + type=ec + ;; + delegator_rsae2048) + touch empty.txt + type_args=(-g 2048 --extGeneric 1.3.6.1.4.1.44363.44:not-critical:empty.txt) + type=rsa + ;; + delegator_rsa_pss2048) + touch empty.txt + type_args=(-g 2048 --pss --extGeneric 1.3.6.1.4.1.44363.44:not-critical:empty.txt) + type=rsa + ;; + esac + msg="create certificate: $@" + shift 2 + counter=$(($counter + 1)) + cmd=(${BINDIR}/certutil -S \ + -z "$R_NOISE_FILE" -d "$PROFILEDIR" \ + -n $name -s "CN=$name" -t "$trust" "${sign[@]}" -m "$counter" \ + -w -2 -v 120 -k "$type" "${type_args[@]}" "${sighash[@]}" -1 -2) + echo "${cmd[@]}" + certscript $@ | "${cmd[@]}" + html_msg $? 0 "$msg" +} |