test/java/security/cert/CertPathValidator/nameConstraints/generate.sh - toolchain/jdk/jdk9_jdk - Git at Google

 #
 # Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License version 2 only, as
 # published by the Free Software Foundation.  Oracle designates this
 # particular file as subject to the "Classpath" exception as provided
 # by Oracle in the LICENSE file that accompanied this code.
 #
 # This code is distributed in the hope that it will be useful, but WITHOUT
 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 # FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 # version 2 for more details (a copy is included in the LICENSE file that
 # accompanied this code).
 #
 # You should have received a copy of the GNU General Public License version
 # 2 along with this work; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 # or visit www.oracle.com if you need additional information or have any
 # questions.
 #

 #!/bin/ksh
 #
 # needs ksh to run the script.
 OPENSSL=openssl

 # generate a self-signed root certificate
 if [ ! -f root/root_cert.pem ]; then
     if [ ! -d root ]; then
         mkdir root
     fi

     ${OPENSSL} req -x509 -newkey rsa:1024 -keyout root/root_key.pem \
         -out root/root_cert.pem -subj "/C=US/O=Example" \
         -config openssl.cnf -reqexts cert_issuer -days 7650 \
         -passin pass:passphrase -passout pass:passphrase
 fi

 # generate subca cert issuer
 if [ ! -f subca/subca_cert.pem ]; then
     if [ ! -d subca ]; then
         mkdir subca
     fi

     ${OPENSSL} req -newkey rsa:1024 -keyout subca/subca_key.pem \
         -out subca/subca_req.pem -subj "/C=US/O=Example/OU=Class-1" \
         -days 7650 -passin pass:passphrase -passout pass:passphrase

     ${OPENSSL} x509 -req -in subca/subca_req.pem -extfile openssl.cnf \
         -extensions cert_issuer -CA root/root_cert.pem \
         -CAkey root/root_key.pem -out subca/subca_cert.pem -CAcreateserial \
         -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
 fi

 # generate certifiacte for Alice
 if [ ! -f subca/alice/alice_cert.pem ]; then
     if [ ! -d subca/alice ]; then
         mkdir -p subca/alice
     fi

     ${OPENSSL} req -newkey rsa:1024 -keyout subca/alice/alice_key.pem \
         -out subca/alice/alice_req.pem \
         -subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \
         -passin pass:passphrase -passout pass:passphrase

     ${OPENSSL} x509 -req -in subca/alice/alice_req.pem \
         -extfile openssl.cnf -extensions alice_of_subca \
         -CA subca/subca_cert.pem -CAkey subca/subca_key.pem \
         -out subca/alice/alice_cert.pem -CAcreateserial \
         -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
 fi

 # generate certifiacte for Bob
 if [ ! -f subca/bob/bob.pem ]; then
     if [ ! -d subca/bob ]; then
         mkdir -p subca/bob
     fi

     ${OPENSSL} req -newkey rsa:1024 -keyout subca/bob/bob_key.pem \
         -out subca/bob/bob_req.pem \
         -subj "/C=US/O=Example/OU=Class-1/CN=Bob" -days 7650 \
         -passin pass:passphrase -passout pass:passphrase

     ${OPENSSL} x509 -req -in subca/bob/bob_req.pem \
         -extfile openssl.cnf -extensions ee_of_subca \
         -CA subca/subca_cert.pem -CAkey subca/subca_key.pem \
         -out subca/bob/bob_cert.pem -CAcreateserial \
         -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
 fi

 # generate certifiacte for Susan
 if [ ! -f subca/susan/susan_cert.pem ]; then
     if [ ! -d subca/susan ]; then
         mkdir -p subca/susan
     fi

     ${OPENSSL} req -newkey rsa:1024 -keyout subca/susan/susan_key.pem \
         -out subca/susan/susan_req.pem \
         -subj "/C=US/O=Example/OU=Class-1/CN=Susan" -days 7650 \
         -passin pass:passphrase -passout pass:passphrase

     ${OPENSSL} x509 -req -in subca/susan/susan_req.pem \
         -extfile openssl.cnf -extensions susan_of_subca \
         -CA subca/subca_cert.pem -CAkey subca/subca_key.pem \
         -out subca/susan/susan_cert.pem -CAcreateserial \
         -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
 fi
	#
	# Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
	# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	#
	# This code is free software; you can redistribute it and/or modify it
	# under the terms of the GNU General Public License version 2 only, as
	# published by the Free Software Foundation. Oracle designates this
	# particular file as subject to the "Classpath" exception as provided
	# by Oracle in the LICENSE file that accompanied this code.
	#
	# This code is distributed in the hope that it will be useful, but WITHOUT
	# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	# version 2 for more details (a copy is included in the LICENSE file that
	# accompanied this code).
	#
	# You should have received a copy of the GNU General Public License version
	# 2 along with this work; if not, write to the Free Software Foundation,
	# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	#
	# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	# or visit www.oracle.com if you need additional information or have any
	# questions.
	#

	#!/bin/ksh
	#
	# needs ksh to run the script.
	OPENSSL=openssl

	# generate a self-signed root certificate
	if [ ! -f root/root_cert.pem ]; then
	if [ ! -d root ]; then
	mkdir root
	fi

	${OPENSSL} req -x509 -newkey rsa:1024 -keyout root/root_key.pem \
	-out root/root_cert.pem -subj "/C=US/O=Example" \
	-config openssl.cnf -reqexts cert_issuer -days 7650 \
	-passin pass:passphrase -passout pass:passphrase
	fi

	# generate subca cert issuer
	if [ ! -f subca/subca_cert.pem ]; then
	if [ ! -d subca ]; then
	mkdir subca
	fi

	${OPENSSL} req -newkey rsa:1024 -keyout subca/subca_key.pem \
	-out subca/subca_req.pem -subj "/C=US/O=Example/OU=Class-1" \
	-days 7650 -passin pass:passphrase -passout pass:passphrase

	${OPENSSL} x509 -req -in subca/subca_req.pem -extfile openssl.cnf \
	-extensions cert_issuer -CA root/root_cert.pem \
	-CAkey root/root_key.pem -out subca/subca_cert.pem -CAcreateserial \
	-CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
	fi

	# generate certifiacte for Alice
	if [ ! -f subca/alice/alice_cert.pem ]; then
	if [ ! -d subca/alice ]; then
	mkdir -p subca/alice
	fi

	${OPENSSL} req -newkey rsa:1024 -keyout subca/alice/alice_key.pem \
	-out subca/alice/alice_req.pem \
	-subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \
	-passin pass:passphrase -passout pass:passphrase

	${OPENSSL} x509 -req -in subca/alice/alice_req.pem \
	-extfile openssl.cnf -extensions alice_of_subca \
	-CA subca/subca_cert.pem -CAkey subca/subca_key.pem \
	-out subca/alice/alice_cert.pem -CAcreateserial \
	-CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
	fi

	# generate certifiacte for Bob
	if [ ! -f subca/bob/bob.pem ]; then
	if [ ! -d subca/bob ]; then
	mkdir -p subca/bob
	fi

	${OPENSSL} req -newkey rsa:1024 -keyout subca/bob/bob_key.pem \
	-out subca/bob/bob_req.pem \
	-subj "/C=US/O=Example/OU=Class-1/CN=Bob" -days 7650 \
	-passin pass:passphrase -passout pass:passphrase

	${OPENSSL} x509 -req -in subca/bob/bob_req.pem \
	-extfile openssl.cnf -extensions ee_of_subca \
	-CA subca/subca_cert.pem -CAkey subca/subca_key.pem \
	-out subca/bob/bob_cert.pem -CAcreateserial \
	-CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
	fi

	# generate certifiacte for Susan
	if [ ! -f subca/susan/susan_cert.pem ]; then
	if [ ! -d subca/susan ]; then
	mkdir -p subca/susan
	fi

	${OPENSSL} req -newkey rsa:1024 -keyout subca/susan/susan_key.pem \
	-out subca/susan/susan_req.pem \
	-subj "/C=US/O=Example/OU=Class-1/CN=Susan" -days 7650 \
	-passin pass:passphrase -passout pass:passphrase

	${OPENSSL} x509 -req -in subca/susan/susan_req.pem \
	-extfile openssl.cnf -extensions susan_of_subca \
	-CA subca/subca_cert.pem -CAkey subca/subca_key.pem \
	-out subca/susan/susan_cert.pem -CAcreateserial \
	-CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
	fi