aboutsummaryrefslogtreecommitdiffstats
path: root/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl
diff options
context:
space:
mode:
authorGary Wu <gary.i.wu@huawei.com>2018-09-27 10:29:30 -0700
committerGary Wu <gary.i.wu@huawei.com>2018-09-27 12:50:28 -0700
commit2d3d8dcf6ef1bd2a161c69d561c629c5ec3f59c4 (patch)
tree652fd47a183c291e96c6721f550a5f63464f6e66 /test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl
parente161173e279a73134dda4c2f429605d6c9ee1fe7 (diff)
Move CSIT to integration/csit repo
To facilite branching of CSIT tests, all CSIT test code and scripts are relocated to the integration/csit repo. Change-Id: I6777cd414e43dbf2bfa6215f7e50849e1a6a2e59 Issue-ID: INT-671 Signed-off-by: Gary Wu <gary.i.wu@huawei.com>
Diffstat (limited to 'test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl')
-rw-r--r--test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/.gitignore6
-rw-r--r--test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl41
-rw-r--r--test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md54
-rwxr-xr-xtest/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh59
4 files changed, 0 insertions, 160 deletions
diff --git a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/.gitignore b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/.gitignore
deleted file mode 100644
index 0729569ce..000000000
--- a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/.gitignore
+++ /dev/null
@@ -1,6 +0,0 @@
-*.crt
-*.key
-*.srl
-*.csr
-*.pkcs12
-*.p12
diff --git a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl
deleted file mode 100644
index a32d30dd0..000000000
--- a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl
+++ /dev/null
@@ -1,41 +0,0 @@
-FILE=sample
-PASSWD=onaponap
-CA_PASSWD=onaponap
-SUBJ=/C=PL/ST=DL/L=Wroclaw/O=Nokia/OU=MANO
-CA=trust
-
-sign: $(FILE).crt
-
-clean:
- rm -f *.crt *.key *.srl *.csr *.pkcs12
-
-generate-ca-certificate: $(CA).crt
-
-generate-private-key: $(FILE).key
-
-create-public-key: $(FILE).pub
-
-create-sign-request: $(FILE).csr
-
-create-key-store: $(FILE).ks.pkcs12
-
-create-trust-store: $(CA).crt
- openssl pkcs12 -export -in $(CA).crt -CAfile $(CA).crt -out $(CA).pkcs12 -nokeys -noiter -nomaciter -passout pass:$(PASSWD)
-
-$(CA).crt:
- openssl req -new -x509 -keyout $(CA).key -out $(CA).crt -days 365 -passout pass:$(CA_PASSWD) -subj "$(SUBJ)"
-
-$(FILE).key:
- openssl genpkey -algorithm RSA -out $(FILE).key -pkeyopt rsa_keygen_bits:2048
-
-$(FILE).pub: $(FILE).key
- openssl x509 -req -days 360 -in client.csr -CA $(CA).crt -CAkey $(CA).key -CAcreateserial -out client.crt
-
-$(FILE).csr: $(FILE).key
- openssl req -new -sha256 -key $(FILE).key -out $(FILE).csr -subj "$(SUBJ)"
-
-$(FILE).crt: $(CA).crt $(FILE).csr
- openssl x509 -req -days 360 -in $(FILE).csr -CA $(CA).crt -CAkey $(CA).key -out $(FILE).crt -CAcreateserial -passin pass:$(CA_PASSWD)
-
-$(FILE).ks.pkcs12: $(FILE).key $(FILE).crt $(CA).crt
- openssl pkcs12 -export -in $(FILE).crt -inkey $(FILE).key -CAfile $(CA).crt -out $(FILE).ks.pkcs12 -noiter -nomaciter -passout pass:$(PASSWD)
diff --git a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md
deleted file mode 100644
index c2819d249..000000000
--- a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md
+++ /dev/null
@@ -1,54 +0,0 @@
-# Generating SSL certificates
-
-## Java keytool way (recommended)
-
-To generate:
-
-```shell
-./gen-certs.sh
-```
-
-To clean (remove generated files):
-
-```shell
-./gen-certs.sh clean
-```
-
-## OpenSSL way (currently might not work)
-
-> Add `-f Makefile-openssl` to each command
-
-Typical usage:
-
-```shell
-make FILE=client
-make FILE=server
-```
-
-or (to generate PKCS12 key and trust stores):
-
-```shell
-make create-key-store FILE=client
-make create-key-store FILE=server
-make create-trust-store
-```
-
-Will generate CA certificate and signed client and server certificates.
-
-More "low-level" usage:
-
-```shell
-make generate-ca-certificate
-make generate-private-key FILE=client
-make sign FILE=client
-```
-
-# Connecting to a server
-
-First generate *client* and *server* certificates. Then start a server with it's cert and make ca.crt a trusted certification authority.
-
-After that you can:
-
-```shell
-./connect.sh client localhost:8600 < file_with_a_data_to_be_sent.dat
-```
diff --git a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh
deleted file mode 100755
index 34572f7a7..000000000
--- a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/usr/bin/env bash
-
-set -eu -o pipefail -o xtrace
-
-STORE_PASS=onaponap
-CN_PREFIX=dcaegen2-hvves
-DNAME_PREFIX="C=PL,ST=DL,L=Wroclaw,O=Nokia,OU=MANO,CN=${CN_PREFIX}"
-
-store_opts="-storetype PKCS12 -storepass ${STORE_PASS} -noprompt"
-
-function gen_key() {
- local key_name="$1"
- local ca="$2"
- local keystore="-keystore ${key_name}.p12 ${store_opts}"
- keytool -genkey -alias ${key_name} \
- ${keystore} \
- -keyalg RSA \
- -validity 730 \
- -keysize 2048 \
- -dname "${DNAME_PREFIX}-${key_name}"
- keytool -import -trustcacerts -alias ${ca} -file ${ca}.crt ${keystore}
-
- keytool -certreq -alias ${key_name} -keyalg RSA ${keystore} | \
- keytool -alias ${ca} -gencert -ext "san=dns:${CN_PREFIX}-${ca}" ${store_opts} -keystore ${ca}.p12 | \
- keytool -alias ${key_name} -importcert ${keystore}
-}
-
-
-function gen_ca() {
- local ca="$1"
- keytool -genkeypair ${store_opts} -alias ${ca} -dname "${DNAME_PREFIX}-${ca}" -keystore ${ca}.p12
- keytool -export -alias ${ca} -file ${ca}.crt ${store_opts} -keystore ${ca}.p12
-}
-
-function gen_truststore() {
- local name="$1"
- local trusted_ca="$2"
- keytool -import -trustcacerts -alias ca -file ${trusted_ca}.crt ${store_opts} -keystore ${name}.p12
-}
-
-function clean() {
- rm -f *.crt *.p12
-}
-
-if [[ $# -eq 0 ]]; then
- gen_ca ca
- gen_ca untrustedca
- gen_truststore trust ca
- gen_truststore untrustedtrust untrustedca
- gen_key client ca
- gen_key server ca
- gen_key untrustedclient untrustedca
-elif [[ $1 == "clean" ]]; then
- clean
-else
- echo "usage: $0 [clean]"
- exit 1
-fi
-