chromeos/test/data/network/setup-certificates.sh - chromium/src - Git at Google

 #!/bin/bash

 # Copyright 2018 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 INPUT_DIR=${1?first param missing - input directory}
 OUTPUT_DIR=${2?second param missing - output directory}

 # This script grabs certain certificates from ${INPUT_DIR} and places them under
 # ${OUTPUT_DIR}. It uses openssl's x509 command to only take the certificate
 # sections (and not e.g. private keys).
 # Additionally, this script creates ONC files which contain some of the
 # certificates to be used by tests.

 openssl x509 -in "${INPUT_DIR}/root_ca_cert.pem" -inform PEM \
   > "${OUTPUT_DIR}/root_ca_cert.pem"
 openssl x509 -in "${INPUT_DIR}/ok_cert.pem" -inform PEM \
   > "${OUTPUT_DIR}/ok_cert.pem"
 openssl x509 -in "${INPUT_DIR}/intermediate_ca_cert.pem" -inform PEM \
   > "${OUTPUT_DIR}/intermediate_ca_cert.pem"
 openssl x509 -in "${INPUT_DIR}/ok_cert_by_intermediate.pem" -inform PEM \
   > "${OUTPUT_DIR}/ok_cert_by_intermediate.pem"

 # Read the root CA cert and interemdiate CA cert PEM files and replace newlines
 # with \n literals. This is needed because the ONC JSON does not support
 # multi-line strings. Note that replacement is done in two steps, using ',' as
 # intermediate character. PEM files will not contain commas.
 ROOT_CA_CERT_CONTENTS=$(cat root_ca_cert.pem \
   | tr '\n' ',' | sed 's/,/\\n/g')
 INTERMEDIATE_CA_CERT_CONTENTS=$(cat intermediate_ca_cert.pem \
   | tr '\n' ',' | sed 's/,/\\n/g')

 cat > "${OUTPUT_DIR}/root-ca-cert.onc" << EOL
 {
   "Certificates": [
     {
       "GUID": "{b3aae353-cfa9-4093-9aff-9f8ee2bf8c29}",
       "TrustBits": [
         "Web"
       ],
       "Type": "Authority",
       "X509": "${ROOT_CA_CERT_CONTENTS}"
     }
   ],
   "Type": "UnencryptedConfiguration"
 }
 EOL

 cat > "${OUTPUT_DIR}/root-and-intermediate-ca-certs.onc" << EOL
 {
   "Certificates": [
     {
       "GUID": "{b3aae353-cfa9-4093-9aff-9f8ee2bf8c29}",
       "TrustBits": [
         "Web"
       ],
       "Type": "Authority",
       "X509": "${ROOT_CA_CERT_CONTENTS}"
     },
     {
       "GUID": "{ac861420-3342-4537-a20e-3c2ec0809b7a}",
       "TrustBits": [ ],
       "Type": "Authority",
       "X509": "${INTERMEDIATE_CA_CERT_CONTENTS}"
     }
   ],
   "Type": "UnencryptedConfiguration"
 }
 EOL
	#!/bin/bash

	# Copyright 2018 The Chromium Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	INPUT_DIR=${1?first param missing - input directory}
	OUTPUT_DIR=${2?second param missing - output directory}

	# This script grabs certain certificates from ${INPUT_DIR} and places them under
	# ${OUTPUT_DIR}. It uses openssl's x509 command to only take the certificate
	# sections (and not e.g. private keys).
	# Additionally, this script creates ONC files which contain some of the
	# certificates to be used by tests.

	openssl x509 -in "${INPUT_DIR}/root_ca_cert.pem" -inform PEM \
	> "${OUTPUT_DIR}/root_ca_cert.pem"
	openssl x509 -in "${INPUT_DIR}/ok_cert.pem" -inform PEM \
	> "${OUTPUT_DIR}/ok_cert.pem"
	openssl x509 -in "${INPUT_DIR}/intermediate_ca_cert.pem" -inform PEM \
	> "${OUTPUT_DIR}/intermediate_ca_cert.pem"
	openssl x509 -in "${INPUT_DIR}/ok_cert_by_intermediate.pem" -inform PEM \
	> "${OUTPUT_DIR}/ok_cert_by_intermediate.pem"

	# Read the root CA cert and interemdiate CA cert PEM files and replace newlines
	# with \n literals. This is needed because the ONC JSON does not support
	# multi-line strings. Note that replacement is done in two steps, using ',' as
	# intermediate character. PEM files will not contain commas.
	ROOT_CA_CERT_CONTENTS=$(cat root_ca_cert.pem \
	\| tr '\n' ',' \| sed 's/,/\\n/g')
	INTERMEDIATE_CA_CERT_CONTENTS=$(cat intermediate_ca_cert.pem \
	\| tr '\n' ',' \| sed 's/,/\\n/g')

	cat > "${OUTPUT_DIR}/root-ca-cert.onc" << EOL
	{
	"Certificates": [
	{
	"GUID": "{b3aae353-cfa9-4093-9aff-9f8ee2bf8c29}",
	"TrustBits": [
	"Web"
	],
	"Type": "Authority",
	"X509": "${ROOT_CA_CERT_CONTENTS}"
	}
	],
	"Type": "UnencryptedConfiguration"
	}
	EOL

	cat > "${OUTPUT_DIR}/root-and-intermediate-ca-certs.onc" << EOL
	{
	"Certificates": [
	{
	"GUID": "{b3aae353-cfa9-4093-9aff-9f8ee2bf8c29}",
	"TrustBits": [
	"Web"
	],
	"Type": "Authority",
	"X509": "${ROOT_CA_CERT_CONTENTS}"
	},
	{
	"GUID": "{ac861420-3342-4537-a20e-3c2ec0809b7a}",
	"TrustBits": [ ],
	"Type": "Authority",
	"X509": "${INTERMEDIATE_CA_CERT_CONTENTS}"
	}
	],
	"Type": "UnencryptedConfiguration"
	}
	EOL