123456789101112131415161718192021222324252627282930313233343536373839404142 |
- #!/usr/bin/env bash
- generate() {
- # read in certificate and alter the last part of the signature
- num_lines=$(wc -l < $cert)
- i=1
- rm -f $pem_out
- touch $pem_out
- while IFS= read -r line
- do
- if [[ $((i+1)) -eq ${num_lines} ]]; then
- # last line before END tag. Alter the sig here
- idx=`expr ${#line} - 4`
- chr=${line:idx:1}
- if [ "$chr" == "x" ] || [ "$chr" == "X" ]; then
- echo "${line:0:${idx}}a${line:$((idx+1)):$((idx+4))}" >> $pem_out
- else
- echo "${line:0:${idx}}x${line:$((idx+1)):$((idx+4))}" >> $pem_out
- fi
- else
- echo "$line" >> $pem_out
- fi
- let i++
- done < "$cert"
- # output to DER format also
- openssl x509 -in $pem_out -out $der_out -outform DER
- }
- # create server RSA certificate with bad signature
- cert="../server-cert.pem"
- pem_out=server-cert-rsa-badsig.pem
- der_out=server-cert-rsa-badsig.der
- generate
- # create server ECC certificate with bad signature
- cert="../server-ecc.pem"
- pem_out=server-cert-ecc-badsig.pem
- der_out=server-cert-ecc-badsig.der
- generate
|