mirror of
https://github.com/nodemcu/nodemcu-firmware.git
synced 2025-01-16 20:52:57 +08:00
501bd1fb9a
Squashed commit of the following: commit 4439b8c45192f6dee1222df78bbb59f74509e0ee Author: philip <philip@gladstonefamily.net> Date: Sun Mar 6 20:23:21 2016 -0500 Fix the ignore commit a07ee5acdf91286607c3e2dce128c9b8bfd7bd80 Author: philip <philip@gladstonefamily.net> Date: Sun Mar 6 20:20:41 2016 -0500 Remove uneeded stuff commit b3604ace92fc13b30161d385c354b0f1c5fe4046 Author: philip <philip@gladstonefamily.net> Date: Sun Mar 6 20:15:26 2016 -0500 Remove client cert auth commit 6e48c633569630736a986cd07a59a12de954391e Author: philip <philip@gladstonefamily.net> Date: Sun Mar 6 20:11:42 2016 -0500 More cleanup commit d40eade405ef071d0d1b60d038566b5b8f2cafa3 Author: philip <philip@gladstonefamily.net> Date: Sat Mar 5 10:56:56 2016 -0500 Move to almost working version commit 1860a2d90afa94461c53bd41251d4870d6527f9d Author: philip <philip@gladstonefamily.net> Date: Fri Mar 4 08:04:09 2016 -0500 Changed the naem to server-ca.crt commit e7a315660843273fe62943b7fe8ee6c0541dada2 Author: philip <philip@gladstonefamily.net> Date: Thu Mar 3 21:16:26 2016 -0500 Update gitignores commit 2b037d185c396209b64381399c40821c15e1840e Author: philip <philip@gladstonefamily.net> Date: Thu Mar 3 08:56:17 2016 -0500 Getting better commit 763255cffba8e279158cd7f43391a3573efdeca8 Author: philip <philip@gladstonefamily.net> Date: Wed Mar 2 22:28:21 2016 -0500 Works a bit better commit a38325d1a47dbad255cb3e681da8415e8cf699ea Author: philip <philip@gladstonefamily.net> Date: Wed Mar 2 09:11:04 2016 -0500 First building version commit 4aef13da33470ed954f2eaf5f7ac0ac3dcdf3774 Merge: 180e147 ebb0c33 Author: philip <philip@gladstonefamily.net> Date: Tue Mar 1 22:03:06 2016 -0500 Merge remote-tracking branch 'upstream/dev' into ssl-client commit 180e147c1abdcf4046ad9be9b3c1a48f4a875312 Author: philip <philip@gladstonefamily.net> Date: Sun Feb 28 21:34:21 2016 -0500 Missing files from espressif Try to imporve layout Align the file names with the contents Missing file Review comments More review coments
93 lines
3.2 KiB
Bash
93 lines
3.2 KiB
Bash
# * Redistributions in binary form must reproduce the above copyright
|
|
# notice, this list of conditions and the following disclaimer in the
|
|
# documentation and/or other materials provided with the distribution.
|
|
# * Neither the name of the axTLS project nor the names of its
|
|
# contributors may be used to endorse or promote products derived
|
|
# from this software without specific prior written permission.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
|
|
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
|
|
# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
|
|
# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
|
# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
#
|
|
|
|
#
|
|
# Generate the certificates and keys for testing.
|
|
#
|
|
|
|
PROJECT_NAME="Nodemcu Project"
|
|
|
|
# Generate the openssl configuration files.
|
|
cat > ca_cert.conf << EOF
|
|
[ req ]
|
|
distinguished_name = req_distinguished_name
|
|
prompt = no
|
|
|
|
[ req_distinguished_name ]
|
|
O = $PROJECT_NAME Dodgy Certificate Authority
|
|
EOF
|
|
|
|
cat > certs.conf << EOF
|
|
[ req ]
|
|
distinguished_name = req_distinguished_name
|
|
prompt = no
|
|
|
|
[ req_distinguished_name ]
|
|
O = $PROJECT_NAME
|
|
CN = Nodemcu Client cert
|
|
EOF
|
|
|
|
cat > device_cert.conf << EOF
|
|
[ req ]
|
|
distinguished_name = req_distinguished_name
|
|
prompt = no
|
|
|
|
[ req_distinguished_name ]
|
|
O = $PROJECT_NAME Device Certificate
|
|
EOF
|
|
|
|
# private key generation
|
|
openssl genrsa -out TLS.ca_key.pem 2048
|
|
openssl genrsa -out TLS.key_2048.pem 2048
|
|
|
|
# convert private keys into DER format
|
|
openssl rsa -in TLS.key_2048.pem -out TLS.key_2048 -outform DER
|
|
|
|
# cert requests
|
|
openssl req -out TLS.ca_x509.req -sha256 -key TLS.ca_key.pem -new \
|
|
-config ./ca_cert.conf
|
|
openssl req -out TLS.x509_2048.req -sha256 -key TLS.key_2048.pem -new \
|
|
-config ./certs.conf
|
|
|
|
# generate the actual certs.
|
|
openssl x509 -req -in TLS.ca_x509.req -sha256 -out TLS.ca_x509.pem \
|
|
-sha1 -days 5000 -signkey TLS.ca_key.pem
|
|
openssl x509 -req -in TLS.x509_2048.req -sha256 -out TLS.x509_2048.pem \
|
|
-sha1 -CAcreateserial -days 5000 \
|
|
-CA TLS.ca_x509.pem -CAkey TLS.ca_key.pem
|
|
|
|
# some cleanup
|
|
rm TLS*.req
|
|
rm *.conf
|
|
|
|
openssl x509 -in TLS.ca_x509.pem -outform DER -out TLS.ca_x509.cer
|
|
openssl x509 -in TLS.x509_2048.pem -outform DER -out TLS.x509_2048.cer
|
|
|
|
#
|
|
# Generate the certificates and keys for encrypt.
|
|
#
|
|
|
|
# set default cert for use in the client
|
|
xxd -i TLS.x509_2048.cer | sed -e \
|
|
"s/TLS_x509_2048_cer/default_certificate/" > cert.h
|
|
# set default key for use in the server
|
|
xxd -i TLS.key_2048 | sed -e \
|
|
"s/TLS_key_2048/default_private_key/" > private_key.h
|