generate_SignedCA.sh 1.3 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344
  1. #!/bin/bash
  2. # example usage
  3. # ./generate_SignedCA.sh rsa_private.pem rsa_public.pem ../../../../../../../wolfssl/certs/ca-cert.der ../../../../../../../wolfssl
  4. # ./generate_SignedCA.sh rsa_private.pem rsa_public.pem ../../../../../../../wolfssl/certs/ca-ecc-cert.der ../../../../../../../wolfssl
  5. #
  6. SIGOPT=rsa_padding_mode:pss
  7. SIGOPT2=rsa_pss_saltlen:-1
  8. CURRENT=$(cd $(dirname $0);pwd)
  9. function usage() {
  10. cat <<- _EOT_
  11. Usage:
  12. $0 private-key public-key file-name wolfssl-dir
  13. Options:
  14. private-key : private key for sign/verify
  15. public-key : public key for verify
  16. file-name : file name to be signed
  17. wolfssl-dir : wolfssl folder path
  18. _EOT_
  19. exit 1
  20. }
  21. if [ $# -ne 4 ]; then
  22. usage
  23. fi
  24. # $1 private key for sign/verify
  25. # $2 public key for verify
  26. # $3 file for sign/verify
  27. signed_file=$(basename $3)
  28. wolf_dir=$4
  29. openssl dgst -sha256 -sign $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -out ${CURRENT}/${signed_file}.sign $3
  30. echo Verify by private key
  31. openssl dgst -sha256 -prverify $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature ${CURRENT}/${signed_file}.sign $3
  32. echo Verify by public key
  33. openssl dgst -sha256 -verify $2 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature ${CURRENT}/${signed_file}.sign $3
  34. # Convert Signed CA to c source
  35. ${wolf_dir}/scripts/dertoc.pl ${CURRENT}/${signed_file}.sign XXXXXXX ${signed_file}.c