1#!/bin/bash 2 3# 4# Creates or overwrites 3 files in ./res/raw: 5# - cacert.der 6# - userkey.der 7# - usercert.der 8# 9 10tmpdir=$(mktemp -d './XXXXXXXX') 11trap 'rm -r ${tmpdir}; echo; exit 1' EXIT INT QUIT 12 13# CA_default defined in openssl.cnf 14CA_DIR='demoCA' 15 16SUBJECT=\ 17'/C=US'\ 18'/ST=CA'\ 19'/L=Mountain View'\ 20'/O=Android'\ 21'/CN=localhost' 22PASSWORD='androidtest' 23 24echo "Creating directory '$CA_DIR'..." 25mkdir -p "$tmpdir"/"$CA_DIR"/newcerts \ 26 && echo '01' > "$tmpdir"/"$CA_DIR"/serial \ 27 && touch "$tmpdir"/"$CA_DIR"/index.txt 28 29echo "Generating CA certificate..." 30(cd "$tmpdir" \ 31 && openssl req \ 32 -new \ 33 -x509 \ 34 -days 3650 \ 35 -extensions v3_ca \ 36 -keyout 'cakey.pem' \ 37 -out 'cacert.pem' \ 38 -subj "$SUBJECT" \ 39 -passout 'pass:'"$PASSWORD" \ 40 && openssl x509 \ 41 -outform DER \ 42 -in 'cacert.pem' \ 43 -out 'cacert.der') 44 45echo "Generating user key..." 46(cd "$tmpdir" \ 47 && openssl req \ 48 -newkey rsa:2048 \ 49 -sha256 \ 50 -keyout 'userkey.pem' \ 51 -nodes \ 52 -days 3650 \ 53 -out 'userkey.req' \ 54 -subj "$SUBJECT" \ 55 && openssl pkcs8 \ 56 -topk8 \ 57 -outform DER \ 58 -in 'userkey.pem' \ 59 -out 'userkey.der' \ 60 -nocrypt) 61 62echo "Generating user certificate..." 63(cd "$tmpdir" \ 64 && openssl ca \ 65 -out 'usercert.pem' \ 66 -in 'userkey.req' \ 67 -cert 'cacert.pem' \ 68 -keyfile 'cakey.pem' \ 69 -days 3650 \ 70 -passin 'pass:'"$PASSWORD" \ 71 -batch \ 72 && openssl x509 \ 73 -outform DER \ 74 -in 'usercert.pem' \ 75 -out 'usercert.der') 76 77# Copy important files to raw resources directory 78cp \ 79 "$tmpdir"/cacert.der \ 80 "$tmpdir"/userkey.der \ 81 "$tmpdir"/usercert.der \ 82 'res/raw/' 83 84echo "Finished" 85exit 86