#!/bin/bash # # Copyright (C) 2010 The Android Open Source Project # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # # Android testssl.sh driver script for openssl's testssl # # based on openssl's test/testss script and test/Makefile's test_ssl target # set -e trap "echo Exiting on unexpected error." ERR device=/sdcard/android.testssl digest='-sha1' reqcmd="adb shell /system/bin/openssl req" x509cmd="adb shell /system/bin/openssl x509 $digest" CAkey="$device/keyCA.ss" CAcert="$device/certCA.ss" CAreq="$device/reqCA.ss" CAconf="$device/CAss.cnf" Uconf="$device/Uss.cnf" Ureq="$device/reqU.ss" Ukey="$device/keyU.ss" Ucert="$device/certU.ss" echo echo "setting up" adb remount adb shell rm -r $device adb shell mkdir $device echo echo "pushing test files to device" adb push . $device echo echo "make a certificate request using 'req'" adb shell "echo \"string to make the random number generator think it has entropy\" >> $device/.rnd" req_new='-new' $reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new echo echo "convert the certificate request into a self signed certificate using 'x509'" $x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca echo echo "make a user certificate request using 'req'" $reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new echo echo "sign user certificate request with the just created CA via 'x509'" $x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee echo echo "running testssl" ./testssl $Ukey $Ucert $CAcert echo echo "cleaning up" adb shell rm -r $device