summaryrefslogtreecommitdiff
path: root/openssl/tests/rsa.testscript
blob: 47f17cb22c40500a97ea196d7048c1c6c9318c80 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
# file      : tests/rsa.testscript
# copyright : Copyright (c) 2016-2019 Code Synthesis Ltd
# license   : OpenSSL and SSLeay Licenses; see accompanying LICENSE file

+cat <<EOI >=openssl.cnf
repository = build2.org
company    = Code Synthesis
email      = info@build2.org

[ req ]

distinguished_name = req_distinguished_name
x509_extensions    = v3_req
prompt             = no
utf8               = yes

[ req_distinguished_name ]

O  = $company
CN = name:$repository

[ v3_req ]

keyUsage         = critical,digitalSignature
extendedKeyUsage = critical,codeSigning
subjectAltName   = email:$email
EOI

+$* genrsa 4096 >=key.pem 2>>~%EOO%
  %Generating RSA private key, 4096 bit long modulus.*%
  %.*
  EOO

+cat key.pem >>~%EOO%
  -----BEGIN RSA PRIVATE KEY-----
  %.{1,64}%.+
  -----END RSA PRIVATE KEY-----
  EOO

+$* req -x509 -new -key key.pem -days 1825 -config openssl.cnf >=cert.pem

+cat cert.pem >>~%EOO%
  -----BEGIN CERTIFICATE-----
  %.{1,64}%.+
  -----END CERTIFICATE-----
  EOO

: cert-fingerprint
:
{
  $* x509 -sha256 -noout -fingerprint <<<../cert.pem >>~%EOO%
    %SHA256 Fingerprint=([[:xdigit:]]{2}:){31}[[:xdigit:]]{2}%
    EOO
}

: sign-verify
:
{
  $* rsautl -sign -inkey ../key.pem <'test' | \
  $* rsautl -verify -certin -inkey ../cert.pem >'test'
}