diff options
| author | luwenpeng <[email protected]> | 2021-08-31 17:53:17 +0800 |
|---|---|---|
| committer | luwenpeng <[email protected]> | 2021-08-31 17:53:17 +0800 |
| commit | b94a73294db47900b6d937ef1f74cded19915801 (patch) | |
| tree | 9cd39be038c22605f3f83737743caabf89af9e10 /tool | |
| parent | 917c5cfaf7536b93b0d302030215ab9eec8e502a (diff) | |
TSG-7583: 自签发证书用于TSG各组件间加密通信
Diffstat (limited to 'tool')
| -rwxr-xr-x | tool | 101 |
1 files changed, 101 insertions, 0 deletions
@@ -0,0 +1,101 @@ +#!/usr/bin/env bash +set -eu + +COMMAND=$1 +shift +OUT=$1 +shift +DOMAIN=$1 +shift + +mkdir -p $(dirname $OUT) +PREGEN_OUT=$(echo "$OUT" | sed "s#/gen/#/pregen/#") +if [ -e $PREGEN_OUT ] +then + cp $PREGEN_OUT $OUT + exit 0 +fi + +case "$COMMAND" in +chain) + cat $@ > $OUT + ;; +dhparam) + openssl dhparam \ + -out $OUT \ + $1 + ;; +gen-csr) + openssl req -new \ + -out $OUT \ + -config <(cat $1 | sed "s/__DOMAIN__/$DOMAIN/g") \ + -key $2 + ;; +gen-csr-no-subject) + openssl req -new \ + -subj / \ + -out $OUT \ + -config <(cat $1 | sed "s/__DOMAIN__/$DOMAIN/g") \ + -key $2 + ;; +gen-ca) + openssl req -new -x509 -days 7300 \ + -out $OUT \ + -config $1 \ + -key $2 + ;; +gen-key) + openssl genrsa \ + -out $OUT \ + $1 + ;; +gen-ecckey) + openssl ecparam \ + -out $OUT \ + -name $1 \ + -genkey + ;; +gen-pkcs12-p12) + openssl pkcs12 \ + -out $OUT \ + -export \ + -clcerts \ + -passout "pass:$DOMAIN" \ + -in $1 \ + -inkey $2 + ;; +pkcs12-convert-p12-pem) + openssl pkcs12 \ + -out $OUT \ + -clcerts \ + -passin "pass:$DOMAIN" \ + -passout "pass:$DOMAIN" \ + -in $1 + ;; +self-sign) + openssl x509 -req -CAcreateserial \ + -out $OUT \ + -days $1 \ + -$2 \ + -extensions $3 \ + -extfile <(cat $4 | sed "s/__DOMAIN__/$DOMAIN/g") \ + -in $5 \ + -signkey $6 + ;; +sign) + openssl x509 \ + -req \ + -CAcreateserial \ + -days $1 \ + -$2 \ + -out $OUT \ + -extensions $3 \ + -extfile <(cat $4 | sed "s/__DOMAIN__/$DOMAIN/g") \ + -in $5 \ + -CAkey $6 \ + -CA $7 + ;; +*) + echo "Unknown command." + exit 1 +esac |