198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#!/bin/bash
298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#
398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# Copyright (C) 2010 The Android Open Source Project
498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#
598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# Licensed under the Apache License, Version 2.0 (the "License");
698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# you may not use this file except in compliance with the License.
798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# You may obtain a copy of the License at
898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#
998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#      http://www.apache.org/licenses/LICENSE-2.0
1098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#
1198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# Unless required by applicable law or agreed to in writing, software
1298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# distributed under the License is distributed on an "AS IS" BASIS,
1398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# See the License for the specific language governing permissions and
1598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# limitations under the License.
1698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#
1798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
1898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#
1998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# Android testssl.sh driver script for openssl's testssl
2098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#
2198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom# based on openssl's test/testss script and test/Makefile's test_ssl target
2298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom#
2398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
2498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromset -e
2598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromtrap "echo Exiting on unexpected error." ERR
2698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
2799ed67e397c4f2d3e0e65fa714a416bb73a0d108Brian Carlstromdevice=/sdcard/android.testssl
2898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
2998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromdigest='-sha1'
3098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromreqcmd="adb shell /system/bin/openssl req"
3198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromx509cmd="adb shell /system/bin/openssl x509 $digest"
3298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
3398d58bb80c64b02a33662f0ea80351d4a1535267Brian CarlstromCAkey="$device/keyCA.ss"
3498d58bb80c64b02a33662f0ea80351d4a1535267Brian CarlstromCAcert="$device/certCA.ss"
3598d58bb80c64b02a33662f0ea80351d4a1535267Brian CarlstromCAreq="$device/reqCA.ss"
3698d58bb80c64b02a33662f0ea80351d4a1535267Brian CarlstromCAconf="$device/CAss.cnf"
3798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
3898d58bb80c64b02a33662f0ea80351d4a1535267Brian CarlstromUconf="$device/Uss.cnf"
3998d58bb80c64b02a33662f0ea80351d4a1535267Brian CarlstromUreq="$device/reqU.ss"
4098d58bb80c64b02a33662f0ea80351d4a1535267Brian CarlstromUkey="$device/keyU.ss"
4198d58bb80c64b02a33662f0ea80351d4a1535267Brian CarlstromUcert="$device/certU.ss"
4298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
4398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho
4498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho "setting up"
4599ed67e397c4f2d3e0e65fa714a416bb73a0d108Brian Carlstromadb remount
4698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromadb shell rm -r $device
4798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromadb shell mkdir $device
4898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
4998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho
5098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho "pushing test files to device"
5198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromadb push . $device
5298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
5398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho
5498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho "make a certificate request using 'req'"
5598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromadb shell "echo \"string to make the random number generator think it has entropy\" >> $device/.rnd"
5698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromreq_new='-new'
5798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new
5898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
5998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho
6098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho "convert the certificate request into a self signed certificate using 'x509'"
6198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca
6298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
6398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho
6498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho "make a user certificate request using 'req'"
6598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new
6698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
6798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho
6898d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho "sign user certificate request with the just created CA via 'x509'"
6998d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee
7098d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
7198d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho
7298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho "running testssl"
7398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom./testssl $Ukey $Ucert $CAcert
7498d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom
7598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho
7698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromecho "cleaning up"
7798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstromadb shell rm -r $device
78