1 #!/bin/bash 2 3 # 4 # Creates or overwrites 3 files in ./res/raw: 5 # - cacert.der 6 # - userkey.der 7 # - usercert.der 8 # 9 10 tmpdir=$(mktemp -d './XXXXXXXX') 11 trap 'rm -r ${tmpdir}; echo; exit 1' EXIT INT QUIT 12 13 # CA_default defined in openssl.cnf 14 CA_DIR='demoCA' 15 16 SUBJECT=\ 17 '/C=US'\ 18 '/ST=CA'\ 19 '/L=Mountain View'\ 20 '/O=Android'\ 21 '/CN=localhost' 22 PASSWORD='androidtest' 23 24 echo "Creating directory '$CA_DIR'..." 25 mkdir -p "$tmpdir"/"$CA_DIR"/newcerts \ 26 && echo '01' > "$tmpdir"/"$CA_DIR"/serial \ 27 && touch "$tmpdir"/"$CA_DIR"/index.txt 28 29 echo "Generating CA certificate..." 30 (cd "$tmpdir" \ 31 && openssl req \ 32 -new \ 33 -x509 \ 34 -days 3650 \ 35 -extensions v3_ca \ 36 -keyout 'cakey.pem' \ 37 -out 'cacert.pem' \ 38 -subj "$SUBJECT" \ 39 -passout 'pass:'"$PASSWORD" \ 40 && openssl x509 \ 41 -outform DER \ 42 -in 'cacert.pem' \ 43 -out 'cacert.der') 44 45 echo "Generating user key..." 46 (cd "$tmpdir" \ 47 && openssl req \ 48 -newkey rsa:2048 \ 49 -sha256 \ 50 -keyout 'userkey.pem' \ 51 -nodes \ 52 -days 3650 \ 53 -out 'userkey.req' \ 54 -subj "$SUBJECT" \ 55 && openssl pkcs8 \ 56 -topk8 \ 57 -outform DER \ 58 -in 'userkey.pem' \ 59 -out 'userkey.der' \ 60 -nocrypt) 61 62 echo "Generating user certificate..." 63 (cd "$tmpdir" \ 64 && openssl ca \ 65 -out 'usercert.pem' \ 66 -in 'userkey.req' \ 67 -cert 'cacert.pem' \ 68 -keyfile 'cakey.pem' \ 69 -days 3650 \ 70 -passin 'pass:'"$PASSWORD" \ 71 -batch \ 72 && openssl x509 \ 73 -outform DER \ 74 -in 'usercert.pem' \ 75 -out 'usercert.der') 76 77 # Copy important files to raw resources directory 78 cp \ 79 "$tmpdir"/cacert.der \ 80 "$tmpdir"/userkey.der \ 81 "$tmpdir"/usercert.der \ 82 'res/raw/' 83 84 echo "Finished" 85 exit 86
