|
1 #!/bin/sh |
|
2 ############################################################################# |
|
3 ## |
|
4 ## Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies). |
|
5 ## All rights reserved. |
|
6 ## Contact: Nokia Corporation (qt-info@nokia.com) |
|
7 ## |
|
8 ## This file is the build configuration utility of the Qt Toolkit. |
|
9 ## |
|
10 ## $QT_BEGIN_LICENSE:LGPL$ |
|
11 ## No Commercial Usage |
|
12 ## This file contains pre-release code and may not be distributed. |
|
13 ## You may use this file in accordance with the terms and conditions |
|
14 ## contained in the Technology Preview License Agreement accompanying |
|
15 ## this package. |
|
16 ## |
|
17 ## GNU Lesser General Public License Usage |
|
18 ## Alternatively, this file may be used under the terms of the GNU Lesser |
|
19 ## General Public License version 2.1 as published by the Free Software |
|
20 ## Foundation and appearing in the file LICENSE.LGPL included in the |
|
21 ## packaging of this file. Please review the following information to |
|
22 ## ensure the GNU Lesser General Public License version 2.1 requirements |
|
23 ## will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. |
|
24 ## |
|
25 ## In addition, as a special exception, Nokia gives you certain additional |
|
26 ## rights. These rights are described in the Nokia Qt LGPL Exception |
|
27 ## version 1.1, included in the file LGPL_EXCEPTION.txt in this package. |
|
28 ## |
|
29 ## If you have questions regarding the use of this file, please contact |
|
30 ## Nokia at qt-info@nokia.com. |
|
31 ## |
|
32 ## |
|
33 ## |
|
34 ## |
|
35 ## |
|
36 ## |
|
37 ## |
|
38 ## |
|
39 ## $QT_END_LICENSE$ |
|
40 ## |
|
41 ############################################################################# |
|
42 |
|
43 # This script generates digital certificates of different types. |
|
44 |
|
45 #--- Certificates --------------------------------------------------------------------------- |
|
46 echo -e "\ngenerating 1024-bit RSA private key to PEM file ..." |
|
47 openssl genrsa -out rsa-pri-1024.pem 1024 |
|
48 |
|
49 echo -e "\ngenerating the corresponding public key to PEM and DER file ..." |
|
50 openssl rsa -in rsa-pri-1024.pem -pubout -out rsa-pub-1024.pem |
|
51 openssl rsa -in rsa-pri-1024.pem -pubout -out rsa-pub-1024.der -outform der |
|
52 |
|
53 echo -e "\ngenerating certificate signing request (CSR) ..." |
|
54 openssl req -out req.pem -new -key rsa-pri-1024.pem -subj "/CN=name\/with\/slashes/C=NO" |
|
55 |
|
56 echo -e "\n generating a self-signed certifificate to PEM file ..." |
|
57 openssl x509 -req -in req.pem -out cert-ss.pem -signkey rsa-pri-1024.pem |
|
58 |
|
59 echo -e "\n generating a self-signed certifificate to DER file ..." |
|
60 openssl x509 -req -in req.pem -out cert-ss.der -signkey rsa-pri-1024.pem -outform der |
|
61 |
|
62 echo -e "\n generating a certifificate signed by a dummy CA to PEM file ..." |
|
63 openssl x509 -req -in req.pem -out cert.pem -CA ca-cert.pem -set_serial 17 |
|
64 |
|
65 echo -e "\n generating a certifificate signed by a dummy CA to DER file ..." |
|
66 openssl x509 -req -in req.pem -out cert.der -CA ca-cert.pem -set_serial 17 -outform der |
|
67 |
|
68 #--- Public keys -------------------------------------------------------------------------------- |
|
69 echo -e "\n associate public keys with all certificates ..." |
|
70 # Note: For now, there is only one public key (encoded in both PEM and DER), but that could change. |
|
71 /bin/cp rsa-pub-1024.pem cert-ss.pem.pubkey |
|
72 /bin/cp rsa-pub-1024.der cert-ss.der.pubkey |
|
73 /bin/cp rsa-pub-1024.pem cert.pem.pubkey |
|
74 /bin/cp rsa-pub-1024.der cert.der.pubkey |
|
75 |
|
76 #--- Digests -------------------------------------------------------------------------------- |
|
77 echo -e "\n generating md5 and sha1 digests of all certificates ..." |
|
78 for digest in md5 sha1 |
|
79 do |
|
80 openssl x509 -in ca-cert.pem -noout -fingerprint -$digest > ca-cert.pem.digest-$digest |
|
81 openssl x509 -in cert-ss.pem -noout -fingerprint -$digest > cert-ss.pem.digest-$digest |
|
82 openssl x509 -in cert.pem -noout -fingerprint -$digest > cert.pem.digest-$digest |
|
83 done |
|
84 |
|
85 #--- Subjet Alternative Name extension ---------------------------------------------------- |
|
86 echo -e "\n generating self signed root cert. with Subject Alternative Name extension (X509v3) ..." |
|
87 outname=cert-ss-san.pem |
|
88 openssl req -out req-san.pem -new -key rsa-pri-1024.pem -subj "/CN=Johnny GuitarC=NO" |
|
89 openssl req -x509 -in req-san.pem -out $outname -key rsa-pri-1024.pem \ |
|
90 -config san.cnf -extensions subj_alt_name |
|
91 /bin/cp san.cnf $outname.san |
|
92 |
|
93 echo -e "\n cleaning up ..." |
|
94 /bin/rm rsa-pri-1024.pem rsa-pub-1024.* req*.pem |