#!/bin/bash
#
# Copyright (C) 2010 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
# Android testssl.sh driver script for openssl's testssl
#
# based on openssl's test/testss script and test/Makefile's test_ssl target
#
set -e
trap "echo Exiting on unexpected error." ERR
device=/sdcard/android.testssl
digest='-sha1'
reqcmd="adb shell /system/bin/openssl req"
x509cmd="adb shell /system/bin/openssl x509 $digest"
CAkey="$device/keyCA.ss"
CAcert="$device/certCA.ss"
CAreq="$device/reqCA.ss"
CAconf="$device/CAss.cnf"
Uconf="$device/Uss.cnf"
Ureq="$device/reqU.ss"
Ukey="$device/keyU.ss"
Ucert="$device/certU.ss"
echo
echo "setting up"
adb remount
adb shell rm -r $device
adb shell mkdir $device
echo
echo "pushing test files to device"
adb push . $device
echo
echo "make a certificate request using 'req'"
adb shell "echo \"string to make the random number generator think it has entropy\" >> $device/.rnd"
req_new='-new'
$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new
echo
echo "convert the certificate request into a self signed certificate using 'x509'"
$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca
echo
echo "make a user certificate request using 'req'"
$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new
echo
echo "sign user certificate request with the just created CA via 'x509'"
$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee
echo
echo "running testssl"
./testssl $Ukey $Ucert $CAcert
echo
echo "cleaning up"
adb shell rm -r $device