OpenCores
URL https://opencores.org/ocsvn/openrisc/openrisc/trunk

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [gnu-dev/] [or1k-gcc/] [libjava/] [contrib/] [generate-cacerts.pl.in] - Blame information for rev 867

Go to most recent revision | Details | Compare with Previous | View Log

Line No. Rev Author Line
1 754 jeremybenn
#!/usr/bin/perl
2
 
3
# Copyright (C) 2007, 2009 Free Software Foundation
4
#
5
# This program is free software; you can redistribute it and/or modify
6
# it under the terms of the GNU General Public License as published by
7
# the Free Software Foundation; either version 2 of the License, or
8
# (at your option) any later version.
9
#
10
# This program is distributed in the hope that it will be useful,
11
# but WITHOUT ANY WARRANTY; without even the implied warranty of
12
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13
# GNU General Public License for more details.
14
 
15
# generate-cacerts.pl generates a gkeytool keystore named 'cacerts'
16
# from OpenSSL's certificate bundle.
17
 
18
# First extract each of OpenSSL's bundled certificates into its own
19
# aliased filename.
20
chomp($file=@ARGV[0]);
21
$file = "/etc/pki/tls/cert.pem" unless $file ne "";
22
open(CERTS, $file);
23
@certs = ;
24
close(CERTS);
25
 
26
$pem_file_number = 0;
27
$writing_cert = 0;
28
foreach $cert (@certs)
29
{
30
         if ($cert eq "-----BEGIN CERTIFICATE-----\n")
31
         {
32
                  if ($writing_cert != 0)
33
                  {
34
                                die "$file is malformed.";
35
                  }
36
                  $pem_file_number++;
37
                  # Numbering each file guarantees that cert aliases will be
38
                  # unique.
39
                  $pem_file_name = "$pem_file_number$cert_alias.pem";
40
                  $writing_cert = 1;
41
                  open(PEM, ">$pem_file_name");
42
                  print PEM $cert;
43
         }
44
         elsif ($cert eq "-----END CERTIFICATE-----\n")
45
         {
46
                  $writing_cert = 0;
47
                  print PEM $cert;
48
                  close(PEM);
49
         }
50
         elsif ($cert =~ /Issuer: /)
51
         {
52
                  # Generate an alias using the OU and CN attributes of the
53
                  # Issuer field if both are present, otherwise use only the CN
54
                  # attribute.  The Issuer field must have either the OU or the
55
                  # CN attribute.
56
                  $_ = $cert;
57
                  if ($cert =~ /OU=/)
58
                  {
59
                                s/Issuer:.*?OU=//;
60
                                # Remove other occurrences of OU=.
61
                                s/OU=.*CN=//;
62
                                # Remove CN= if there were not other occurrences of OU=.
63
                                s/CN=//;
64
                  }
65
                  elsif ($cert =~ /CN=/)
66
                  {
67
                                s/Issuer:.*CN=//;
68
                  }
69
                  s/\W//g;
70
                  tr/A-Z/a-z/;
71
                  $cert_alias = $_
72
         }
73
         else
74
         {
75
                  if ($writing_cert == 1)
76
                  {
77
                                print PEM $cert;
78
                  }
79
         }
80
}
81
 
82
# Check that the correct number of .pem files were produced.
83
@pem_files = <*.pem>;
84
if (@pem_files != $pem_file_number)
85
{
86
         die "Number of .pem files produced does not match".
87
                  " number of certs read from $file.";
88
}
89
 
90
# Now store each cert in the 'cacerts' file using gkeytool.
91
$certs_written_count = 0;
92
foreach $pem_file (@pem_files)
93
{
94
         system "yes | gkeytool@gcc_suffix@ -import -alias `basename $pem_file .pem`".
95
                  " -keystore cacerts -storepass '' -file $pem_file".
96
                  " 2>&1 >/dev/null";
97
         unlink($pem_file);
98
         $certs_written_count++;
99
}
100
 
101
# Check that the correct number of certs were added to the keystore.
102
if ($certs_written_count != $pem_file_number)
103
{
104
         die "Number of certs added to keystore does not match".
105
                  " number of certs read from $file.";
106
}

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.