testssce.bat 2.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104
  1. rem set ssleay=..\out\ssleay
  2. set ssleay=%1
  3. set reqcmd=%ssleay% req
  4. set x509cmd=%ssleay% x509
  5. set verifycmd=%ssleay% verify
  6. set CAkey=\OpenSSL\keyCA.ss
  7. set CAcert=\OpenSSL\certCA.ss
  8. set CAserial=\OpenSSL\certCA.srl
  9. set CAreq=\OpenSSL\reqCA.ss
  10. cecopy ..\test\CAss.cnf CE:\OpenSSL
  11. set CAconf=\OpenSSL\CAss.cnf
  12. set CAreq2=\OpenSSL\req2CA.ss
  13. cecopy ..\test\Uss.cnf CE:\OpenSSL
  14. set Uconf=\OpenSSL\Uss.cnf
  15. set Ukey=\OpenSSL\keyU.ss
  16. set Ureq=\OpenSSL\reqU.ss
  17. set Ucert=\OpenSSL\certU.ss
  18. echo make a certificate request using 'req'
  19. cerun CE:\OpenSSL\%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
  20. if errorlevel 1 goto e_req
  21. echo convert the certificate request into a self signed certificate using 'x509'
  22. cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% "> \OpenSSL\err.ss"
  23. if errorlevel 1 goto e_x509
  24. echo --
  25. echo convert a certificate into a certificate request using 'x509'
  26. cerun CE:\OpenSSL\%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% "> \OpenSSL\err.ss"
  27. if errorlevel 1 goto e_x509_2
  28. cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq% -noout
  29. if errorlevel 1 goto e_vrfy_1
  30. cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq2% -noout
  31. if errorlevel 1 goto e_vrfy_2
  32. cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %CAcert%
  33. if errorlevel 1 goto e_vrfy_3
  34. echo --
  35. echo make another certificate request using 'req'
  36. cerun CE:\OpenSSL\%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new "> \OpenSSL\err.ss"
  37. if errorlevel 1 goto e_req_gen
  38. echo --
  39. echo sign certificate request with the just created CA via 'x509'
  40. cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
  41. if errorlevel 1 goto e_x_sign
  42. cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %Ucert%
  43. echo --
  44. echo Certificate details
  45. cerun CE:\OpenSSL\%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
  46. cecopy CE:%CAcert% .
  47. cecopy CE:%CAkey% .
  48. cecopy CE:%CAserial% .
  49. cecopy CE:%Ucert% .
  50. cecopy CE:%Ukey% .
  51. echo Everything appeared to work
  52. echo --
  53. echo The generated CA certificate is %CAcert%
  54. echo The generated CA private key is %CAkey%
  55. echo The current CA signing serial number is in %CAserial%
  56. echo The generated user certificate is %Ucert%
  57. echo The generated user private key is %Ukey%
  58. echo --
  59. cedel CE:\OpenSSL\err.ss
  60. goto end
  61. :e_req
  62. echo error using 'req' to generate a certificate request
  63. goto end
  64. :e_x509
  65. echo error using 'x509' to self sign a certificate request
  66. goto end
  67. :e_x509_2
  68. echo error using 'x509' convert a certificate to a certificate request
  69. goto end
  70. :e_vrfy_1
  71. echo first generated request is invalid
  72. goto end
  73. :e_vrfy_2
  74. echo second generated request is invalid
  75. goto end
  76. :e_vrfy_3
  77. echo first generated cert is invalid
  78. goto end
  79. :e_req_gen
  80. echo error using 'req' to generate a certificate request
  81. goto end
  82. :e_x_sign
  83. echo error using 'x509' to sign a certificate request
  84. goto end
  85. :end