Skip to content

Commit 0f7bb60

Browse files
tgonzalezorlandoarmtgonzalezorlandoarm
committed
setup_tls.sh: Generate Client CSR through parsec-tool
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
1 parent d479b92 commit 0f7bb60

File tree

2 files changed

+6
-19
lines changed

2 files changed

+6
-19
lines changed

tests/docker_image/parsec-openssl-provider-test.Dockerfile

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,5 +36,7 @@ RUN git clone https://github.com/parallaxsecond/parsec.git --branch 1.3.0 \
3636

3737
RUN git clone https://github.com/parallaxsecond/parsec-tool.git --branch main \
3838
&& cd parsec-tool \
39+
&& cargo install patch-crate \
40+
&& cargo patch-crate \
3941
&& cargo build \
4042
&& cp target/debug/parsec-tool /opt/rust/bin/parsec-tool

tests/setup_tls.sh

Lines changed: 4 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -94,8 +94,7 @@ generate_server_certs() {
9494
generate_client_certs() {
9595
CLIENT_DIRECTORY=$1
9696
CLIENT_CERTIFICATE=${CLIENT_DIRECTORY}/client_cert.pem
97-
CLIENT_CSR=${CLIENT_DIRECTORY}/client_cert.csr
98-
CLIENT_PRIV_KEY=${CLIENT_DIRECTORY}/client_priv_key.pem
97+
CLIENT_CSR=${CLIENT_DIRECTORY}/parsec_cert.csr
9998

10099
CA_DIRECTORY=$2
101100
CA_CERTIFICATE=${CA_DIRECTORY}/ca_cert.pem
@@ -105,24 +104,9 @@ generate_client_certs() {
105104
mkdir -p "${CLIENT_DIRECTORY}" > /dev/null 2>&1
106105
chmod 700 "${CLIENT_DIRECTORY}"
107106

108-
# Generate private key
109-
openssl genrsa -out "${CLIENT_PRIV_KEY}" 2048 > /dev/null 2>&1
110-
if [ $? -ne 0 ]; then
111-
echo "FAILED TO GENERATE KEY"
112-
exit 1
113-
fi
114-
115107
# Generate certificate request
116-
openssl req -new \
117-
-key "${CLIENT_PRIV_KEY}" \
118-
-out "${CLIENT_CSR}" \
119-
-subj "/C=UK/ST=Parsec /L=Parsec/O=Parsec/CN=parsec_client.com" > /dev/null 2>&1
120-
if [ $? -ne 0 ]; then
121-
echo "FAILED TO GENERATE CERTIFICATE REQUEST"
122-
exit 1
123-
fi
108+
parsec-tool create-csr --cn parsec_client.com --l Parsec --c UK --st Parsec --o Parsec --key-name $3 > parsec_cert.pem
124109

125-
# Generate certificate
126110
openssl x509 -req -days 1000 -in "${CLIENT_CSR}" \
127111
-CA "${CA_CERTIFICATE}" -CAkey "${CA_PRIV_KEY}" \
128112
-CAcreateserial -out "${CLIENT_CERTIFICATE}" > /dev/null 2>&1
@@ -144,7 +128,8 @@ echo -n "Generating server private key and certificate: "
144128
generate_server_certs ./tls/server ./tls/ca
145129

146130
echo -n "Generating client private key and certificate: "
147-
generate_client_certs ./tls/client ./tls/ca
131+
generate_client_certs ./tls/client ./tls/ca PARSEC_TEST_RSA_KEY
132+
generate_client_certs ./tls/client ./tls/ca PARSEC_TEST_ECDSA_KEY
148133

149134
echo -n "Generating fake certificate authority private key and certificate: "
150135
generate_ca_certs ./tls/fake_ca

0 commit comments

Comments
 (0)