aboutsummaryrefslogtreecommitdiffstats
path: root/development/ssl
diff options
context:
space:
mode:
authorJakub Dudycz <jakub.dudycz@nokia.com>2019-06-21 17:19:49 +0200
committerJakub Dudycz <jakub.dudycz@nokia.com>2019-07-03 11:49:14 +0200
commit83a1d39bca162e8fdabfb3ad9189c5e4f94a44df (patch)
treec0ee3c382cb9072c0fdd21f46649ada824852c5c /development/ssl
parent3449b38b23fe1952a534ab35c5a23105c13e8262 (diff)
Create script to run performance test locally
Change-Id: I6bbf0e9b029aef1558008286f0fbec83b76be44c Signed-off-by: Jakub Dudycz <jakub.dudycz@nokia.com> Issue-ID: DCAEGEN2-1641
Diffstat (limited to 'development/ssl')
-rw-r--r--development/ssl/.gitignore7
-rw-r--r--development/ssl/Makefile-openssl41
-rw-r--r--development/ssl/README.md54
-rwxr-xr-xdevelopment/ssl/gen-certs.sh78
4 files changed, 0 insertions, 180 deletions
diff --git a/development/ssl/.gitignore b/development/ssl/.gitignore
deleted file mode 100644
index 955c17d1..00000000
--- a/development/ssl/.gitignore
+++ /dev/null
@@ -1,7 +0,0 @@
-*.crt
-*.key
-*.srl
-*.csr
-*.pkcs12
-*.p12
-*.pass
diff --git a/development/ssl/Makefile-openssl b/development/ssl/Makefile-openssl
deleted file mode 100644
index 09802ce4..00000000
--- a/development/ssl/Makefile-openssl
+++ /dev/null
@@ -1,41 +0,0 @@
-FILE=sample
-PASSWD=onaponap
-CA_PASSWD=onaponap
-SUBJ=/C=PL/ST=DL/L=Wroclaw/O=Nokia/OU=MANO
-CA=trust
-
-sign: $(FILE).crt
-
-clean:
- rm -f *.crt *.key *.srl *.csr *.pkcs12
-
-generate-ca-certificate: $(CA).crt
-
-generate-private-key: $(FILE).key
-
-create-public-key: $(FILE).pub
-
-create-sign-request: $(FILE).csr
-
-create-key-store: $(FILE).ks.pkcs12
-
-create-trust-store: $(CA).crt
- openssl pkcs12 -export -in $(CA).crt -CAfile $(CA).crt -out $(CA).pkcs12 -nokeys -noiter -nomaciter -passout pass:$(PASSWD)
-
-$(CA).crt:
- openssl req -new -x509 -keyout $(CA).key -out $(CA).crt -days 365 -passout pass:$(CA_PASSWD) -subj "$(SUBJ)"
-
-$(FILE).key:
- openssl genpkey -algorithm RSA -out $(FILE).key -pkeyopt rsa_keygen_bits:2048
-
-$(FILE).pub: $(FILE).key
- openssl x509 -req -days 360 -in client.csr -CA $(CA).crt -CAkey $(CA).key -CAcreateserial -out client.crt
-
-$(FILE).csr: $(FILE).key
- openssl req -new -sha256 -key $(FILE).key -out $(FILE).csr -subj "$(SUBJ)"
-
-$(FILE).crt: $(CA).crt $(FILE).csr
- openssl x509 -req -days 360 -in $(FILE).csr -CA $(CA).crt -CAkey $(CA).key -out $(FILE).crt -CAcreateserial -passin pass:$(CA_PASSWD)
-
-$(FILE).ks.pkcs12: $(FILE).key $(FILE).crt $(CA).crt
- openssl pkcs12 -export -in $(FILE).crt -inkey $(FILE).key -CAfile $(CA).crt -out $(FILE).ks.pkcs12 -noiter -nomaciter -passout pass:$(PASSWD)
diff --git a/development/ssl/README.md b/development/ssl/README.md
deleted file mode 100644
index c2819d24..00000000
--- a/development/ssl/README.md
+++ /dev/null
@@ -1,54 +0,0 @@
-# Generating SSL certificates
-
-## Java keytool way (recommended)
-
-To generate:
-
-```shell
-./gen-certs.sh
-```
-
-To clean (remove generated files):
-
-```shell
-./gen-certs.sh clean
-```
-
-## OpenSSL way (currently might not work)
-
-> Add `-f Makefile-openssl` to each command
-
-Typical usage:
-
-```shell
-make FILE=client
-make FILE=server
-```
-
-or (to generate PKCS12 key and trust stores):
-
-```shell
-make create-key-store FILE=client
-make create-key-store FILE=server
-make create-trust-store
-```
-
-Will generate CA certificate and signed client and server certificates.
-
-More "low-level" usage:
-
-```shell
-make generate-ca-certificate
-make generate-private-key FILE=client
-make sign FILE=client
-```
-
-# Connecting to a server
-
-First generate *client* and *server* certificates. Then start a server with it's cert and make ca.crt a trusted certification authority.
-
-After that you can:
-
-```shell
-./connect.sh client localhost:8600 < file_with_a_data_to_be_sent.dat
-```
diff --git a/development/ssl/gen-certs.sh b/development/ssl/gen-certs.sh
deleted file mode 100755
index bf28ca02..00000000
--- a/development/ssl/gen-certs.sh
+++ /dev/null
@@ -1,78 +0,0 @@
-#!/usr/bin/env bash
-# ============LICENSE_START=======================================================
-# csit-dcaegen2-collectors-hv-ves
-# ================================================================================
-# Copyright (C) 2018-2019 NOKIA
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-set -eu -o pipefail -o xtrace
-
-STORE_PASS=onaponap
-CN_PREFIX=dcaegen2-hvves
-DNAME_PREFIX="C=PL,ST=DL,L=Wroclaw,O=Nokia,OU=MANO,CN=${CN_PREFIX}"
-TRUST=trust
-
-store_opts="-storetype PKCS12 -storepass ${STORE_PASS} -noprompt"
-
-function gen_key() {
- local key_name="$1"
- local ca="$2"
- local keystore="-keystore ${key_name}.p12 ${store_opts}"
- keytool -genkey -alias ${key_name} \
- ${keystore} \
- -keyalg RSA \
- -validity 730 \
- -keysize 2048 \
- -dname "${DNAME_PREFIX}-${key_name}"
- keytool -import -trustcacerts -alias ${ca} -file ${ca}.crt ${keystore}
-
- keytool -certreq -alias ${key_name} -keyalg RSA ${keystore} | \
- keytool -alias ${ca} -gencert -ext "san=dns:${CN_PREFIX}-${ca}" ${store_opts} -keystore ${ca}.p12 | \
- keytool -alias ${key_name} -importcert ${keystore}
-
- printf ${STORE_PASS} > ${key_name}.pass
-}
-
-
-function gen_ca() {
- local ca="$1"
- keytool -genkeypair ${store_opts} -alias ${ca} -dname "${DNAME_PREFIX}-${ca}" -keystore ${ca}.p12
- keytool -export -alias ${ca} -file ${ca}.crt ${store_opts} -keystore ${ca}.p12
-}
-
-function gen_truststore() {
- local trusted_ca="$1"
- keytool -import -trustcacerts -alias ca -file ${trusted_ca}.crt ${store_opts} -keystore ${TRUST}.p12
- printf ${STORE_PASS} > ${TRUST}.pass
-}
-
-function clean() {
- rm -f *.crt *.p12 *.pass
-}
-
-if [[ $# -eq 0 ]]; then
- gen_ca ca
- gen_ca untrustedca
- gen_truststore ca
- gen_key client ca
- gen_key server ca
- gen_key untrustedclient untrustedca
-elif [[ $1 == "clean" ]]; then
- clean
-else
- echo "usage: $0 [clean]"
- exit 1
-fi
-