summaryrefslogtreecommitdiff
path: root/bitmask_android/openssl/android.testssl/testssl.sh
blob: cd5609285f5148741337e6a2d5d1be6c12b3c645 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
#!/bin/bash
#
# Copyright (C) 2010 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

#
# Android testssl.sh driver script for openssl's testssl
#
# based on openssl's test/testss script and test/Makefile's test_ssl target
#

set -e
trap "echo Exiting on unexpected error." ERR

device=/sdcard/android.testssl

digest='-sha1'
reqcmd="adb shell /system/bin/openssl req"
x509cmd="adb shell /system/bin/openssl x509 $digest"

CAkey="$device/keyCA.ss"
CAcert="$device/certCA.ss"
CAreq="$device/reqCA.ss"
CAconf="$device/CAss.cnf"

Uconf="$device/Uss.cnf"
Ureq="$device/reqU.ss"
Ukey="$device/keyU.ss"
Ucert="$device/certU.ss"

echo
echo "setting up"
adb remount
adb shell rm -r $device
adb shell mkdir $device

echo
echo "pushing test files to device"
adb push . $device

echo
echo "make a certificate request using 'req'"
adb shell "echo \"string to make the random number generator think it has entropy\" >> $device/.rnd"
req_new='-new'
$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new

echo
echo "convert the certificate request into a self signed certificate using 'x509'"
$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca

echo
echo "make a user certificate request using 'req'"
$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new

echo
echo "sign user certificate request with the just created CA via 'x509'"
$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee

echo
echo "running testssl"
./testssl $Ukey $Ucert $CAcert

echo
echo "cleaning up"
adb shell rm -r $device