/[gentoo-x86]/eclass/ssl-cert.eclass
Gentoo

Diff of /eclass/ssl-cert.eclass

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.23 Revision 1.24
1# Copyright 1999-2014 Gentoo Foundation 1# Copyright 1999-2014 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License v2 2# Distributed under the terms of the GNU General Public License v2
3# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.23 2014/03/20 19:32:09 vapier Exp $ 3# $Header: /var/cvsroot/gentoo-x86/eclass/ssl-cert.eclass,v 1.24 2014/03/20 19:33:13 vapier Exp $
4 4
5# @ECLASS: ssl-cert.eclass 5# @ECLASS: ssl-cert.eclass
6# @MAINTAINER: 6# @MAINTAINER:
7# @AUTHOR: 7# @AUTHOR:
8# Max Kalika <max@gentoo.org> 8# Max Kalika <max@gentoo.org>
102# @DESCRIPTION: 102# @DESCRIPTION:
103# Generates an RSA key 103# Generates an RSA key
104# 104#
105# Access: private 105# Access: private
106gen_key() { 106gen_key() {
107 local base=`get_base $1` 107 local base=$(get_base "$1")
108 ebegin "Generating ${SSL_BITS} bit RSA key${1:+ for CA}" 108 ebegin "Generating ${SSL_BITS} bit RSA key${1:+ for CA}"
109 openssl genrsa -rand "${SSL_RANDOM}" \ 109 openssl genrsa -rand "${SSL_RANDOM}" \
110 -out "${base}.key" "${SSL_BITS}" &> /dev/null 110 -out "${base}.key" "${SSL_BITS}" &> /dev/null
111 eend $? 111 eend $?
112 112
119# Generates a certificate signing request using 119# Generates a certificate signing request using
120# the key made by gen_key() 120# the key made by gen_key()
121# 121#
122# Access: private 122# Access: private
123gen_csr() { 123gen_csr() {
124 local base=`get_base $1` 124 local base=$(get_base "$1")
125 ebegin "Generating Certificate Signing Request${1:+ for CA}" 125 ebegin "Generating Certificate Signing Request${1:+ for CA}"
126 openssl req -config "${SSL_CONF}" -new \ 126 openssl req -config "${SSL_CONF}" -new \
127 -key "${base}.key" -out "${base}.csr" &>/dev/null 127 -key "${base}.key" -out "${base}.csr" &>/dev/null
128 eend $? 128 eend $?
129 129
138# a signed server certificate using the CA cert previously 138# a signed server certificate using the CA cert previously
139# created by gen_crt() 139# created by gen_crt()
140# 140#
141# Access: private 141# Access: private
142gen_crt() { 142gen_crt() {
143 local base=`get_base $1` 143 local base=$(get_base "$1")
144 if [ "${1}" ] ; then 144 if [ "${1}" ] ; then
145 ebegin "Generating self-signed X.509 Certificate for CA" 145 ebegin "Generating self-signed X.509 Certificate for CA"
146 openssl x509 -extfile "${SSL_CONF}" \ 146 openssl x509 -extfile "${SSL_CONF}" \
147 -days ${SSL_DAYS} -req -signkey "${base}.key" \ 147 -days ${SSL_DAYS} -req -signkey "${base}.key" \
148 -in "${base}.csr" -out "${base}.crt" &>/dev/null 148 -in "${base}.csr" -out "${base}.crt" &>/dev/null
149 else 149 else
150 local ca=`get_base 1` 150 local ca=$(get_base 1)
151 ebegin "Generating authority-signed X.509 Certificate" 151 ebegin "Generating authority-signed X.509 Certificate"
152 openssl x509 -extfile "${SSL_CONF}" \ 152 openssl x509 -extfile "${SSL_CONF}" \
153 -days ${SSL_DAYS} -req -CAserial "${SSL_SERIAL}" \ 153 -days ${SSL_DAYS} -req -CAserial "${SSL_SERIAL}" \
154 -CAkey "${ca}.key" -CA "${ca}.crt" \ 154 -CAkey "${ca}.key" -CA "${ca}.crt" \
155 -in "${base}.csr" -out "${base}.crt" &>/dev/null 155 -in "${base}.csr" -out "${base}.crt" &>/dev/null
165# Generates a PEM file by concatinating the key 165# Generates a PEM file by concatinating the key
166# and cert file created by gen_key() and gen_cert() 166# and cert file created by gen_key() and gen_cert()
167# 167#
168# Access: private 168# Access: private
169gen_pem() { 169gen_pem() {
170 local base=`get_base $1` 170 local base=$(get_base "$1")
171 ebegin "Generating PEM Certificate" 171 ebegin "Generating PEM Certificate"
172 (cat "${base}.key"; echo; cat "${base}.crt") > "${base}.pem" 172 (cat "${base}.key"; echo; cat "${base}.crt") > "${base}.pem"
173 eend $? 173 eend $?
174 174
175 return $? 175 return $?

Legend:
Removed from v.1.23  
changed lines
  Added in v.1.24

  ViewVC Help
Powered by ViewVC 1.1.20