#!/bin/sh set -o nounset set -o errexit SOFTHSM=/usr/local/bin/softhsm2-util INSTDIR=../catlfish PREFIX=.. . test.shvars createca () { mkdir ${INSTDIR}/tests/httpsca ( cd ${INSTDIR}/tests/httpsca ; \ mkdir -p demoCA/newcerts ; \ touch demoCA/index.txt ; \ echo 00 > demoCA/serial ; \ echo '[ req ]' > caconfig.txt ; \ echo 'distinguished_name = req_distinguished_name' >> caconfig.txt ; \ echo 'x509_extensions = v3_ca' >> caconfig.txt ; \ echo 'string_mask = utf8only' >> caconfig.txt ; \ echo '[ req_distinguished_name ]' >> caconfig.txt ; \ echo '[ v3_ca ]' >> caconfig.txt ; \ echo 'basicConstraints=CA:true' >> caconfig.txt ; \ openssl req -newkey rsa:2048 -keyout key.pem -out req.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/commonName=ca/O=ca' -config caconfig.txt ; \ openssl ca -in req.csr -selfsign -keyfile key.pem -out demoCA/cacert.pem -batch \ ) } createcert () { mkdir ${INSTDIR}/tests/httpscert openssl req -new -newkey rsa:2048 -keyout ${INSTDIR}/tests/httpscert/httpskey-1.pem -out ${INSTDIR}/tests/httpsca/httpscert-1.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/CN=localhost' ( cd ${INSTDIR}/tests/httpsca ; \ openssl ca -in httpscert-1.csr -keyfile key.pem -out httpscert-1.pem -batch \ ) cp ${INSTDIR}/tests/httpsca/httpscert-1.pem ${INSTDIR}/tests/httpscert/ } rm -r ${INSTDIR}/tests || true mkdir ${INSTDIR}/tests createca createcert mkdir ${INSTDIR}/tests/keys (cd ${INSTDIR}/tests/keys ; ../../../tools/create-key.sh logkey) openssl pkcs8 -topk8 -nocrypt -in ${INSTDIR}/tests/keys/logkey-private.pem -out ${INSTDIR}/tests/keys/logkey-private.pkcs8 mkdir ${INSTDIR}/tests/mergedb touch ${INSTDIR}/tests/mergedb/logorder mkdir ${INSTDIR}/tests/mergedb-secondary touch ${INSTDIR}/tests/mergedb-secondary/logorder printf 0 > ${INSTDIR}/tests/mergedb-secondary/verifiedsize mkdir ${INSTDIR}/tests/known_roots cp ../tools/testcerts/roots/* ${INSTDIR}/tests/known_roots for machine in ${MACHINES}; do \ (cd ${INSTDIR}/tests; ../../tools/compileconfig.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-${machine}.cfg) && \ mkdir -p ${INSTDIR}/tests/machine/machine-${machine}/db && \ touch ${INSTDIR}/tests/machine/machine-${machine}/db/index && touch ${INSTDIR}/tests/machine/machine-${machine}/db/newentries done (cd ${INSTDIR}/tests; ../../tools/compileconfig.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-merge-2.cfg) (cd ${INSTDIR}/tests; ../../tools/compileconfig.py --config ../../test/catlfish-test.cfg --localconfig ../../test/catlfish-test-local-signing.cfg) mkdir ${INSTDIR}/tests/privatekeys mkdir ${INSTDIR}/tests/publickeys for node in ${NODES}; do \ (cd ${INSTDIR}/tests/privatekeys ; ../../../tools/create-key.sh ${node}) ; \ mv ${INSTDIR}/tests/privatekeys/${node}.pem ${INSTDIR}/tests/publickeys/ ; \ mkdir -p ${INSTDIR}/tests/nodes/${node}/log done (cd ${INSTDIR}/tests/privatekeys ; ../../../tools/create-key.sh merge-1) mv ${INSTDIR}/tests/privatekeys/merge-1.pem ${INSTDIR}/tests/publickeys/ (cd ${INSTDIR}/tests/privatekeys ; ../../../tools/create-key.sh merge-2) mv ${INSTDIR}/tests/privatekeys/merge-2.pem ${INSTDIR}/tests/publickeys/ test -x ${SOFTHSM} && ${SOFTHSM} --init-token --slot=0 --label=mylabel --so-pin=ffff --pin=ffff || true test -x ${SOFTHSM} && ${SOFTHSM} --import ${INSTDIR}/tests/keys/logkey-private.pkcs8 --slot 0 --label mylabel --pin ffff --id 00 || true