-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathquicer_test_lib.erl
106 lines (94 loc) · 3.23 KB
/
quicer_test_lib.erl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
%%--------------------------------------------------------------------
%% Copyright (c) 2020-2021 EMQ Technologies Co., Ltd. All Rights Reserved.
%%
%% Licensed under the Apache License, Version 2.0 (the "License");
%% you may not use this file except in compliance with the License.
%% You may obtain a copy of the License at
%%
%% http://www.apache.org/licenses/LICENSE-2.0
%%
%% Unless required by applicable law or agreed to in writing, software
%% distributed under the License is distributed on an "AS IS" BASIS,
%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
%% See the License for the specific language governing permissions and
%% limitations under the License.
%%--------------------------------------------------------------------
-module(quicer_test_lib).
-include_lib("kernel/include/file.hrl").
-export([gen_ca/2,
gen_host_cert/3,
receive_all/0
]).
gen_ca(Path, Name) ->
%% Generate ca.pem and ca.key which will be used to generate certs
%% for hosts server and clients
ECKeyFile = filename(Path, "~s-ec.key", [Name]),
os:cmd("openssl ecparam -name secp256r1 > " ++ ECKeyFile),
Cmd = lists:flatten(
io_lib:format("openssl req -new -x509 -nodes "
"-newkey ec:~s "
"-keyout ~s -out ~s -days 3650 "
"-subj \"/C=SE/O=Internet Widgits Pty Ltd CA\"",
[ECKeyFile, ca_key_name(Path, Name),
ca_cert_name(Path, Name)])),
os:cmd(Cmd).
ca_cert_name(Path, Name) ->
filename(Path, "~s.pem", [Name]).
ca_key_name(Path, Name) ->
filename(Path, "~s.key", [Name]).
gen_host_cert(H, CaName, Path) ->
ECKeyFile = filename(Path, "~s-ec.key", [CaName]),
CN = str(H),
HKey = filename(Path, "~s.key", [H]),
HCSR = filename(Path, "~s.csr", [H]),
HPEM = filename(Path, "~s.pem", [H]),
HEXT = filename(Path, "~s.extfile", [H]),
CSR_Cmd =
lists:flatten(
io_lib:format(
"openssl req -new -nodes -newkey ec:~s "
"-keyout ~s -out ~s "
"-addext \"subjectAltName=DNS:~s\" "
"-addext keyUsage=digitalSignature,keyAgreement "
"-subj \"/C=SE/O=Internet Widgits Pty Ltd/CN=~s\"",
[ECKeyFile, HKey, HCSR, CN, CN])),
create_file(HEXT,
"keyUsage=digitalSignature,keyAgreement\n"
"subjectAltName=DNS:~s\n", [CN]),
CERT_Cmd =
lists:flatten(
io_lib:format(
"openssl x509 -req "
"-extfile ~s "
"-in ~s -CA ~s -CAkey ~s -CAcreateserial "
"-out ~s -days 500",
[HEXT, HCSR, ca_cert_name(Path, CaName), ca_key_name(Path, CaName),
HPEM])),
os:cmd(CSR_Cmd),
os:cmd(CERT_Cmd),
file:delete(HEXT).
filename(Path, F, A) ->
filename:join(Path, str(io_lib:format(F, A))).
str(Arg) ->
binary_to_list(iolist_to_binary(Arg)).
create_file(Filename, Fmt, Args) ->
{ok, F} = file:open(Filename, [write]),
try
io:format(F, Fmt, Args)
after
file:close(F)
end,
ok.
receive_all() ->
receive_all([]).
receive_all(Res)->
receive
X ->
receive_all([X|Res])
after 0 ->
lists:reverse(Res)
end.
%%%_* Emacs ====================================================================
%%% Local Variables:
%%% erlang-indent-level: 2
%%% End: