testss.com 3.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123
  1. $! TESTSS.COM
  2. $
  3. $ __arch = "VAX"
  4. $ if f$getsyi("cpu") .ge. 128 then -
  5. __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
  6. $ if __arch .eqs. "" then __arch = "UNK"
  7. $!
  8. $ if (p1 .eqs. "64") then __arch = __arch+ "_64"
  9. $!
  10. $ exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
  11. $
  12. $ digest="-md5"
  13. $ reqcmd = "mcr ''exe_dir'openssl req"
  14. $ x509cmd = "mcr ''exe_dir'openssl x509 ''digest'"
  15. $ verifycmd = "mcr ''exe_dir'openssl verify"
  16. $ dummycnf = "sys$disk:[-.apps]openssl-vms.cnf"
  17. $
  18. $ CAkey="""keyCA.ss"""
  19. $ CAcert="""certCA.ss"""
  20. $ CAreq="""reqCA.ss"""
  21. $ CAconf="""CAss.cnf"""
  22. $ CAreq2="""req2CA.ss""" ! temp
  23. $
  24. $ Uconf="""Uss.cnf"""
  25. $ Ukey="""keyU.ss"""
  26. $ Ureq="""reqU.ss"""
  27. $ Ucert="""certU.ss"""
  28. $
  29. $ write sys$output ""
  30. $ write sys$output "make a certificate request using 'req'"
  31. $
  32. $ set noon
  33. $ define/user sys$output nla0:
  34. $ mcr 'exe_dir'openssl no-rsa
  35. $ save_severity=$SEVERITY
  36. $ set on
  37. $ if save_severity
  38. $ then
  39. $ req_new="-newkey dsa:[-.apps]dsa512.pem"
  40. $ else
  41. $ req_new="-new"
  42. $ endif
  43. $
  44. $ 'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss
  45. $ if $severity .ne. 1
  46. $ then
  47. $ write sys$output "error using 'req' to generate a certificate request"
  48. $ exit 3
  49. $ endif
  50. $ write sys$output ""
  51. $ write sys$output "convert the certificate request into a self signed certificate using 'x509'"
  52. $ define /user sys$output err.ss
  53. $ 'x509cmd' "-CAcreateserial" -in 'CAreq' -days 30 -req -out 'CAcert' -signkey 'CAkey'
  54. $ if $severity .ne. 1
  55. $ then
  56. $ write sys$output "error using 'x509' to self sign a certificate request"
  57. $ exit 3
  58. $ endif
  59. $
  60. $ write sys$output ""
  61. $ write sys$output "convert a certificate into a certificate request using 'x509'"
  62. $ define /user sys$output err.ss
  63. $ 'x509cmd' -in 'CAcert' -x509toreq -signkey 'CAkey' -out 'CAreq2'
  64. $ if $severity .ne. 1
  65. $ then
  66. $ write sys$output "error using 'x509' convert a certificate to a certificate request"
  67. $ exit 3
  68. $ endif
  69. $
  70. $ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq' -noout
  71. $ if $severity .ne. 1
  72. $ then
  73. $ write sys$output "first generated request is invalid"
  74. $ exit 3
  75. $ endif
  76. $
  77. $ 'reqcmd' -config 'dummycnf' -verify -in 'CAreq2' -noout
  78. $ if $severity .ne. 1
  79. $ then
  80. $ write sys$output "second generated request is invalid"
  81. $ exit 3
  82. $ endif
  83. $
  84. $ 'verifycmd' "-CAfile" 'CAcert' 'CAcert'
  85. $ if $severity .ne. 1
  86. $ then
  87. $ write sys$output "first generated cert is invalid"
  88. $ exit 3
  89. $ endif
  90. $
  91. $ write sys$output ""
  92. $ write sys$output "make another certificate request using 'req'"
  93. $ define /user sys$output err.ss
  94. $ 'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new'
  95. $ if $severity .ne. 1
  96. $ then
  97. $ write sys$output "error using 'req' to generate a certificate request"
  98. $ exit 3
  99. $ endif
  100. $
  101. $ write sys$output ""
  102. $ write sys$output "sign certificate request with the just created CA via 'x509'"
  103. $ define /user sys$output err.ss
  104. $ 'x509cmd' "-CAcreateserial" -in 'Ureq' -days 30 -req -out 'Ucert' "-CA" 'CAcert' "-CAkey" 'CAkey'
  105. $ if $severity .ne. 1
  106. $ then
  107. $ write sys$output "error using 'x509' to sign a certificate request"
  108. $ exit 3
  109. $ endif
  110. $
  111. $ 'verifycmd' "-CAfile" 'CAcert' 'Ucert'
  112. $ write sys$output ""
  113. $ write sys$output "Certificate details"
  114. $ 'x509cmd' -subject -issuer -startdate -enddate -noout -in 'Ucert'
  115. $
  116. $ write sys$output ""
  117. $ write sys$output "The generated CA certificate is ",CAcert
  118. $ write sys$output "The generated CA private key is ",CAkey
  119. $
  120. $ write sys$output "The generated user certificate is ",Ucert
  121. $ write sys$output "The generated user private key is ",Ukey
  122. $
  123. $ if f$search("err.ss;*") .nes. "" then delete err.ss;*