testss.com 3.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118
  1. $! TESTSS.COM
  2. $
  3. $ __arch := VAX
  4. $ if f$getsyi("cpu") .ge. 128 then __arch := AXP
  5. $ exe_dir := sys$disk:[-.'__arch'.exe.apps]
  6. $
  7. $ digest="-md5"
  8. $ reqcmd := mcr 'exe_dir'openssl req
  9. $ x509cmd := mcr 'exe_dir'openssl x509 'digest'
  10. $ verifycmd := mcr 'exe_dir'openssl verify
  11. $ dummycnf := sys$disk:[-.apps]openssl-vms.cnf
  12. $
  13. $ CAkey="""keyCA.ss"""
  14. $ CAcert="""certCA.ss"""
  15. $ CAreq="""reqCA.ss"""
  16. $ CAconf="""CAss.cnf"""
  17. $ CAreq2="""req2CA.ss""" ! temp
  18. $
  19. $ Uconf="""Uss.cnf"""
  20. $ Ukey="""keyU.ss"""
  21. $ Ureq="""reqU.ss"""
  22. $ Ucert="""certU.ss"""
  23. $
  24. $ write sys$output ""
  25. $ write sys$output "make a certificate request using 'req'"
  26. $
  27. $ set noon
  28. $ define/user sys$output nla0:
  29. $ mcr 'exe_dir'openssl no-rsa
  30. $ save_severity=$SEVERITY
  31. $ set on
  32. $ if save_severity
  33. $ then
  34. $ req_new="-newkey dsa:[-.apps]dsa512.pem"
  35. $ else
  36. $ req_new="-new"
  37. $ endif
  38. $
  39. $ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss
  40. $ if $severity .ne. 1
  41. $ then
  42. $ write sys$output "error using 'req' to generate a certificate request"
  43. $ exit 3
  44. $ endif
  45. $ write sys$output ""
  46. $ write sys$output "convert the certificate request into a self signed certificate using 'x509'"
  47. $ define /user sys$output err.ss
  48. $ 'x509cmd' "-CAcreateserial" -in 'CAreq' -days 30 -req -out 'CAcert' -signkey 'CAkey'
  49. $ if $severity .ne. 1
  50. $ then
  51. $ write sys$output "error using 'x509' to self sign a certificate request"
  52. $ exit 3
  53. $ endif
  54. $
  55. $ write sys$output ""
  56. $ write sys$output "convert a certificate into a certificate request using 'x509'"
  57. $ define /user sys$output err.ss
  58. $ 'x509cmd' -in 'CAcert' -x509toreq -signkey 'CAkey' -out 'CAreq2'
  59. $ if $severity .ne. 1
  60. $ then
  61. $ write sys$output "error using 'x509' convert a certificate to a certificate request"
  62. $ exit 3
  63. $ endif
  64. $
  65. $ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq' -noout
  66. $ if $severity .ne. 1
  67. $ then
  68. $ write sys$output "first generated request is invalid"
  69. $ exit 3
  70. $ endif
  71. $
  72. $ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq2' -noout
  73. $ if $severity .ne. 1
  74. $ then
  75. $ write sys$output "second generated request is invalid"
  76. $ exit 3
  77. $ endif
  78. $
  79. $ 'verifycmd' "-CAfile" 'CAcert' 'CAcert'
  80. $ if $severity .ne. 1
  81. $ then
  82. $ write sys$output "first generated cert is invalid"
  83. $ exit 3
  84. $ endif
  85. $
  86. $ write sys$output ""
  87. $ write sys$output "make another certificate request using 'req'"
  88. $ define /user sys$output err.ss
  89. $ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new'
  90. $ if $severity .ne. 1
  91. $ then
  92. $ write sys$output "error using 'req' to generate a certificate request"
  93. $ exit 3
  94. $ endif
  95. $
  96. $ write sys$output ""
  97. $ write sys$output "sign certificate request with the just created CA via 'x509'"
  98. $ define /user sys$output err.ss
  99. $ 'x509cmd' "-CAcreateserial" -in 'Ureq' -days 30 -req -out 'Ucert' "-CA" 'CAcert' "-CAkey" 'CAkey'
  100. $ if $severity .ne. 1
  101. $ then
  102. $ write sys$output "error using 'x509' to sign a certificate request"
  103. $ exit 3
  104. $ endif
  105. $
  106. $ 'verifycmd' "-CAfile" 'CAcert' 'Ucert'
  107. $ write sys$output ""
  108. $ write sys$output "Certificate details"
  109. $ 'x509cmd' -subject -issuer -startdate -enddate -noout -in 'Ucert'
  110. $
  111. $ write sys$output ""
  112. $ write sys$output "The generated CA certificate is ",CAcert
  113. $ write sys$output "The generated CA private key is ",CAkey
  114. $
  115. $ write sys$output "The generated user certificate is ",Ucert
  116. $ write sys$output "The generated user private key is ",Ukey
  117. $
  118. $ if f$search("err.ss;*") .nes. "" then delete err.ss;*