diff options
author | Gary Wu <gary.i.wu@huawei.com> | 2018-09-27 10:29:30 -0700 |
---|---|---|
committer | Gary Wu <gary.i.wu@huawei.com> | 2018-09-27 12:50:28 -0700 |
commit | 2d3d8dcf6ef1bd2a161c69d561c629c5ec3f59c4 (patch) | |
tree | 652fd47a183c291e96c6721f550a5f63464f6e66 /test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl | |
parent | e161173e279a73134dda4c2f429605d6c9ee1fe7 (diff) |
Move CSIT to integration/csit repo
To facilite branching of CSIT tests, all CSIT test
code and scripts are relocated to the integration/csit
repo.
Change-Id: I6777cd414e43dbf2bfa6215f7e50849e1a6a2e59
Issue-ID: INT-671
Signed-off-by: Gary Wu <gary.i.wu@huawei.com>
Diffstat (limited to 'test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl')
4 files changed, 0 insertions, 160 deletions
diff --git a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/.gitignore b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/.gitignore deleted file mode 100644 index 0729569ce..000000000 --- a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/.gitignore +++ /dev/null @@ -1,6 +0,0 @@ -*.crt -*.key -*.srl -*.csr -*.pkcs12 -*.p12 diff --git a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl deleted file mode 100644 index a32d30dd0..000000000 --- a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl +++ /dev/null @@ -1,41 +0,0 @@ -FILE=sample -PASSWD=onaponap -CA_PASSWD=onaponap -SUBJ=/C=PL/ST=DL/L=Wroclaw/O=Nokia/OU=MANO -CA=trust - -sign: $(FILE).crt - -clean: - rm -f *.crt *.key *.srl *.csr *.pkcs12 - -generate-ca-certificate: $(CA).crt - -generate-private-key: $(FILE).key - -create-public-key: $(FILE).pub - -create-sign-request: $(FILE).csr - -create-key-store: $(FILE).ks.pkcs12 - -create-trust-store: $(CA).crt - openssl pkcs12 -export -in $(CA).crt -CAfile $(CA).crt -out $(CA).pkcs12 -nokeys -noiter -nomaciter -passout pass:$(PASSWD) - -$(CA).crt: - openssl req -new -x509 -keyout $(CA).key -out $(CA).crt -days 365 -passout pass:$(CA_PASSWD) -subj "$(SUBJ)" - -$(FILE).key: - openssl genpkey -algorithm RSA -out $(FILE).key -pkeyopt rsa_keygen_bits:2048 - -$(FILE).pub: $(FILE).key - openssl x509 -req -days 360 -in client.csr -CA $(CA).crt -CAkey $(CA).key -CAcreateserial -out client.crt - -$(FILE).csr: $(FILE).key - openssl req -new -sha256 -key $(FILE).key -out $(FILE).csr -subj "$(SUBJ)" - -$(FILE).crt: $(CA).crt $(FILE).csr - openssl x509 -req -days 360 -in $(FILE).csr -CA $(CA).crt -CAkey $(CA).key -out $(FILE).crt -CAcreateserial -passin pass:$(CA_PASSWD) - -$(FILE).ks.pkcs12: $(FILE).key $(FILE).crt $(CA).crt - openssl pkcs12 -export -in $(FILE).crt -inkey $(FILE).key -CAfile $(CA).crt -out $(FILE).ks.pkcs12 -noiter -nomaciter -passout pass:$(PASSWD) diff --git a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md deleted file mode 100644 index c2819d249..000000000 --- a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md +++ /dev/null @@ -1,54 +0,0 @@ -# Generating SSL certificates - -## Java keytool way (recommended) - -To generate: - -```shell -./gen-certs.sh -``` - -To clean (remove generated files): - -```shell -./gen-certs.sh clean -``` - -## OpenSSL way (currently might not work) - -> Add `-f Makefile-openssl` to each command - -Typical usage: - -```shell -make FILE=client -make FILE=server -``` - -or (to generate PKCS12 key and trust stores): - -```shell -make create-key-store FILE=client -make create-key-store FILE=server -make create-trust-store -``` - -Will generate CA certificate and signed client and server certificates. - -More "low-level" usage: - -```shell -make generate-ca-certificate -make generate-private-key FILE=client -make sign FILE=client -``` - -# Connecting to a server - -First generate *client* and *server* certificates. Then start a server with it's cert and make ca.crt a trusted certification authority. - -After that you can: - -```shell -./connect.sh client localhost:8600 < file_with_a_data_to_be_sent.dat -``` diff --git a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh b/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh deleted file mode 100755 index 34572f7a7..000000000 --- a/test/csit/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/usr/bin/env bash - -set -eu -o pipefail -o xtrace - -STORE_PASS=onaponap -CN_PREFIX=dcaegen2-hvves -DNAME_PREFIX="C=PL,ST=DL,L=Wroclaw,O=Nokia,OU=MANO,CN=${CN_PREFIX}" - -store_opts="-storetype PKCS12 -storepass ${STORE_PASS} -noprompt" - -function gen_key() { - local key_name="$1" - local ca="$2" - local keystore="-keystore ${key_name}.p12 ${store_opts}" - keytool -genkey -alias ${key_name} \ - ${keystore} \ - -keyalg RSA \ - -validity 730 \ - -keysize 2048 \ - -dname "${DNAME_PREFIX}-${key_name}" - keytool -import -trustcacerts -alias ${ca} -file ${ca}.crt ${keystore} - - keytool -certreq -alias ${key_name} -keyalg RSA ${keystore} | \ - keytool -alias ${ca} -gencert -ext "san=dns:${CN_PREFIX}-${ca}" ${store_opts} -keystore ${ca}.p12 | \ - keytool -alias ${key_name} -importcert ${keystore} -} - - -function gen_ca() { - local ca="$1" - keytool -genkeypair ${store_opts} -alias ${ca} -dname "${DNAME_PREFIX}-${ca}" -keystore ${ca}.p12 - keytool -export -alias ${ca} -file ${ca}.crt ${store_opts} -keystore ${ca}.p12 -} - -function gen_truststore() { - local name="$1" - local trusted_ca="$2" - keytool -import -trustcacerts -alias ca -file ${trusted_ca}.crt ${store_opts} -keystore ${name}.p12 -} - -function clean() { - rm -f *.crt *.p12 -} - -if [[ $# -eq 0 ]]; then - gen_ca ca - gen_ca untrustedca - gen_truststore trust ca - gen_truststore untrustedtrust untrustedca - gen_key client ca - gen_key server ca - gen_key untrustedclient untrustedca -elif [[ $1 == "clean" ]]; then - clean -else - echo "usage: $0 [clean]" - exit 1 -fi - |