github/self
1
1
Fork 0
mirror of https://github.com/selfxyz/self.git synced 2026-01-10 15:18:18 -05:00
Code Issues Packages Projects Releases Wiki Activity

chroe: add extensions while generating mock certificates

Browse Source
This commit is contained in:
ayman
2025-03-11 14:17:03 +05:30
parent ac80cb29d2
commit c91bcc832b
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
common/src/scripts/extensions.cnf Normal file
View File

@@ -0,0 +1,2 @@
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer

4
common/src/scripts/generateCertificates.sh
View File

@@ -190,6 +190,7 @@ generate_certificate() {
# For RSAPSS, we need to specify the PSS padding mode during signing
openssl x509 -req -in "$csr_file" \
-CA "$csca_crt" -CAkey "$csca_key" -CAcreateserial \
-extfile src/scripts/extensions.cnf \
-days 3650 -sha${hash#sha} \
-sigopt rsa_padding_mode:pss \
-sigopt rsa_pss_saltlen:"$salt" \
@@ -198,6 +199,7 @@ generate_certificate() {
# For standard RSA or ECDSA
openssl x509 -req -in "$csr_file" \
-CA "$csca_crt" -CAkey "$csca_key" -CAcreateserial \
-extfile src/scripts/extensions.cnf \
-days 3650 -sha${hash#sha} \
-out "$dir_name/$crt_file"
fi
@@ -239,7 +241,7 @@ generate_certificate() {
# ------------------------------------------------------------------------------
# RSA certificates
generate_certificate csca sha1 rsa 65537 4096
generate_certificate dsc sha1 rsa 65537 2048 --signer sha1_rsa_65537_4096
generate_certificate dsc sha1 rsa 65537 2048 --signer sha1_rsa_65537_4096 --force
generate_certificate dsc sha1 rsa 65537 4096 --signer sha1_rsa_65537_4096
generate_certificate csca sha256 rsa 65537 4096
generate_certificate dsc sha256 rsa 65537 2048 --signer sha256_rsa_65537_4096