1#!/bin/bash
2#
3# Copyright (C) 2010 The Android Open Source Project
4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9#      http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16#
17
18#
19# Android testssl.sh driver script for openssl's testssl
20#
21# based on openssl's test/testss script and test/Makefile's test_ssl target
22#
23
24set -e
25trap "echo Exiting on unexpected error." ERR
26
27device=/sdcard/android.testssl
28
29digest='-sha1'
30reqcmd="adb shell /system/bin/openssl req"
31x509cmd="adb shell /system/bin/openssl x509 $digest"
32
33CAkey="$device/keyCA.ss"
34CAcert="$device/certCA.ss"
35CAreq="$device/reqCA.ss"
36CAconf="$device/CAss.cnf"
37
38Uconf="$device/Uss.cnf"
39Ureq="$device/reqU.ss"
40Ukey="$device/keyU.ss"
41Ucert="$device/certU.ss"
42
43echo
44echo "setting up"
45adb remount
46adb shell rm -r $device
47adb shell mkdir $device
48
49echo
50echo "pushing test files to device"
51adb push . $device
52
53echo
54echo "make a certificate request using 'req'"
55adb shell "echo \"string to make the random number generator think it has entropy\" >> $device/.rnd"
56req_new='-new'
57$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new
58
59echo
60echo "convert the certificate request into a self signed certificate using 'x509'"
61$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca
62
63echo
64echo "make a user certificate request using 'req'"
65$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new
66
67echo
68echo "sign user certificate request with the just created CA via 'x509'"
69$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee
70
71echo
72echo "running testssl"
73./testssl $Ukey $Ucert $CAcert
74
75echo
76echo "cleaning up"
77adb shell rm -r $device
78