diff options
author | JackLivio <jack@livio.io> | 2017-08-17 11:19:50 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-08-17 11:19:50 -0400 |
commit | 3abb4b1f55beda8209e4171c8947c17456f7f1ae (patch) | |
tree | 73fbe3397b7e45553837c95bc64e161fb63525af /tools | |
parent | d187c1ea698ea20e7a0f66cf548b29e4edf1aeb6 (diff) | |
parent | 661e26609e4c6ba2bb6b6241e9d8fcbba4e52c27 (diff) | |
download | sdl_core-3abb4b1f55beda8209e4171c8947c17456f7f1ae.tar.gz |
Merge pull request #1644 from AByzhynar/fix/Add_SDL_support_for_PEM_certs
Update SDL to support PEM serts and generate_test_certificates.py script
Diffstat (limited to 'tools')
-rwxr-xr-x | tools/Utils/generate_test_certificates.py | 31 |
1 files changed, 19 insertions, 12 deletions
diff --git a/tools/Utils/generate_test_certificates.py b/tools/Utils/generate_test_certificates.py index 73b6f53cc8..2c1d2cddbf 100755 --- a/tools/Utils/generate_test_certificates.py +++ b/tools/Utils/generate_test_certificates.py @@ -118,12 +118,13 @@ def gen_pkcs12(out, key_file, cert_file, verification_certificate) : "-name 'SPT key and certificates'", "-CAfile ", verification_certificate, \ " -passout pass:") - """ - Encode certificate $out to base 64 - """ - with open(out, "rb") as cert: - with open(out + ".enc", "wb") as enc_cert: - enc_cert.write(cert.read().encode("base64")) +def gen_pem_file(out, key_file, cert_file, verification_certificate) : + """Join $key_file, $cert_file, $verification_certificate in pem file named $out""" + files = [key_file, cert_file, verification_certificate] + with open(out, "wb") as cert: + for fl in files: + with open(fl) as infile: + cert.write(infile.read()) def answers(name, app_id, country, state, locality, organization, unit, email) : """Answer string generator @@ -228,47 +229,53 @@ def main(): server_key_file = os.path.join(server_dir, "server.key") server_cert_file = os.path.join(server_dir, "server.crt") server_pkcs12_file = os.path.join(server_dir, "spt_credential.p12") + server_pem_file = os.path.join(server_dir, "spt_credential.pem") gen_rsa_key(server_key_file, 2048) gen_cert(server_cert_file, server_key_file, ford_server_cert_file, ford_server_key_file, days, server_answer) gen_pkcs12(server_pkcs12_file, server_key_file, server_cert_file, client_verification_ca_cert_file) + gen_pem_file(server_pem_file, server_key_file, server_cert_file, client_verification_ca_cert_file) print print " --== Server unsigned certificate generating ==-- " server_unsigned_cert_file = os.path.join(server_dir, "server_unsigned.crt") server_pkcs12_unsigned_file = os.path.join(server_dir, "spt_credential_unsigned.p12") + server_pem_unsigned_file = os.path.join(server_dir, "spt_credential_unsigned.pem") gen_root_cert(server_unsigned_cert_file, server_key_file, days, server_unsigned_answer) gen_pkcs12(server_pkcs12_unsigned_file, server_key_file, server_unsigned_cert_file, client_verification_ca_cert_file) + gen_pem_file(server_pem_unsigned_file, server_key_file, server_unsigned_cert_file, client_verification_ca_cert_file) print print " --== Server expired certificate generating ==-- " server_expired_cert_file = os.path.join(server_dir, "server_expired.crt") server_pkcs12_expired_file = os.path.join(server_dir, "spt_credential_expired.p12") + server_pem_expired_file = os.path.join(server_dir, "spt_credential_expired.pem") gen_expire_cert(server_expired_cert_file, server_key_file, ford_server_cert_file, ford_server_key_file, days, server_expired_answer) gen_pkcs12(server_pkcs12_expired_file, server_key_file, server_expired_cert_file, client_verification_ca_cert_file) + gen_pem_file(server_pem_expired_file, server_key_file, server_expired_cert_file, client_verification_ca_cert_file) print print " --== Client pkcs12 certificate generating ==-- " client_key_file = os.path.join(client_dir, "client.key") client_cert_file = os.path.join(client_dir, "client.crt") - client_pkcs12_file = os.path.join(client_dir, "client_credential.p12") + client_pkcs12_file = os.path.join(client_dir, "client_credential.pem") gen_rsa_key(client_key_file, 2048) gen_cert(client_cert_file, client_key_file, ford_client_cert_file, ford_client_key_file, days, client_answer) - gen_pkcs12(client_pkcs12_file, client_key_file, client_cert_file, server_verification_ca_cert_file) + gen_pem_file(client_pkcs12_file, client_key_file, client_cert_file, server_verification_ca_cert_file) print print " --== Client pkcs12 unsigned certificate generating ==-- " client_unsigned_cert_file = os.path.join(client_dir, "client_unsigned.crt") - client_pkcs12_unsigned_file = os.path.join(client_dir, "client_credential_unsigned.p12") + client_pkcs12_unsigned_file = os.path.join(client_dir, "client_credential_unsigned.pem") gen_root_cert(client_unsigned_cert_file, client_key_file, days, client_unsigned_answer) - gen_pkcs12(client_pkcs12_unsigned_file, client_key_file, client_unsigned_cert_file, server_verification_ca_cert_file) + gen_pem_file(client_pkcs12_unsigned_file, client_key_file, client_unsigned_cert_file, server_verification_ca_cert_file) print print " --== Client pkcs12 expired certificate generating ==-- " client_expired_cert_file = os.path.join(client_dir, "client_expired.crt") - client_pkcs12_expired_file = os.path.join(client_dir, "client_credential_expired.p12") + client_pkcs12_expired_file = os.path.join(client_dir, "client_credential_expired.pem") gen_expire_cert(client_expired_cert_file, client_key_file, ford_client_cert_file, ford_client_key_file, days, client_expired_answer) - gen_pkcs12(client_pkcs12_expired_file, client_key_file, client_expired_cert_file, server_verification_ca_cert_file) + gen_pem_file(client_pkcs12_expired_file, client_key_file, client_expired_cert_file, server_verification_ca_cert_file) subprocess.call(["c_rehash", server_dir]) subprocess.call(["c_rehash", client_dir]) |