[or-cvs] r16313: Add a first version of the keystore creation shellscript. (puppetor/branches/gsoc2008/tools)

sebastian at seul.org sebastian at seul.org
Thu Jul 31 23:34:11 UTC 2008


Author: sebastian
Date: 2008-07-31 19:34:10 -0400 (Thu, 31 Jul 2008)
New Revision: 16313

Added:
   puppetor/branches/gsoc2008/tools/create_keystores.sh
Log:
Add a first version of the keystore creation shellscript.

Added: puppetor/branches/gsoc2008/tools/create_keystores.sh
===================================================================
--- puppetor/branches/gsoc2008/tools/create_keystores.sh	                        (rev 0)
+++ puppetor/branches/gsoc2008/tools/create_keystores.sh	2008-07-31 23:34:10 UTC (rev 16313)
@@ -0,0 +1,64 @@
+#!/bin/bash
+
+# The number of slaves you want to use
+NUM_SLAVES=3
+
+# How many days do you want the created certificates to be valid?
+DAYS_OF_VALIDITY=1000
+
+# The filename prefix for your keystores
+KEYSTORE_PREFIX=keystore
+
+# The filename prefix for your truststores
+TRUSTSTORE_PREFIX=truststore
+
+# The password you want to use. XXX Having only one password for everything is
+# VERY bad -SH
+PASSWORD=password
+
+#### The following options provide defaults that should be reasonable in most
+#### cases.
+
+# The distinguished name string for the certificate. Escape commas with \
+DNAME="CN=PuppeTor"
+
+# A prefix by which your key will be internally identified
+ALIAS_PREFIX=alias
+
+# Key algorithm to be used
+KEY_ALG=RSA
+
+
+### Don’t change anything below
+
+
+# Set up the master’s keystore  
+keytool -genkey -alias ${ALIAS_PREFIX}_master -keyalg $KEY_ALG -keystore ${KEYSTORE_PREFIX}_master -validity $DAYS_OF_VALIDITY -keypass $PASSWORD -storepass $PASSWORD -dname $DNAME
+
+# Export the master’s key to add it to the slaves’ truststore.
+keytool -export -alias ${ALIAS_PREFIX}_master -keystore ${KEYSTORE_PREFIX}_master -rfc -file tmpMasterCertificateFile.cer -storepass $PASSWORD
+
+# Import the master’s key into the truststore of every slave.
+for ((i=1; $i <= $NUM_SLAVES;i=$i+1)); do
+ keytool -import -alias ${ALIAS_PREFIX}_slave_$i -file tmpMasterCertificateFile.cer -keystore ${TRUSTSTORE_PREFIX}_slave_$i -storepass $PASSWORD -noprompt
+done
+
+# Remove the temporary file that holds the master’s key
+rm tmpMasterCertificateFile.cer
+
+# Set up a keystore for each slave, and import the slaves’ keys into the
+# master’s truststore
+
+for ((i=1; $i <= $NUM_SLAVES;i=$i+1)); do
+  # Set up the slave’s keystore  
+  keytool -genkey -alias ${ALIAS_PREFIX}_slave_$i -keyalg $KEY_ALG -keystore ${KEYSTORE_PREFIX}_slave_$i -validity $DAYS_OF_VALIDITY -keypass $PASSWORD -storepass $PASSWORD -dname $DNAME
+  
+  # Export the slave’s key to add it to the master’s truststore.
+  keytool -export -alias ${ALIAS_PREFIX}_slave_$i -keystore ${KEYSTORE_PREFIX}_slave_$i -rfc -file tmpSlave${i}CertificateFile.cer -storepass $PASSWORD
+  
+  # Import this slave’s key into the truststore of the master.
+  keytool -import -alias ${ALIAS_PREFIX}_slave$i -file tmpSlave${i}CertificateFile.cer -keystore ${TRUSTSTORE_PREFIX}_master -storepass $PASSWORD -noprompt
+
+ rm tmpSlave${i}CertificateFile.cer
+
+done
\ No newline at end of file
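
Review bot: The truststore aliases do not match the certificates they hold. The first loop imports the master's certificate into each slave truststore under `${ALIAS_PREFIX}_slave_$i`, and the last import into `${TRUSTSTORE_PREFIX}_master` uses `${ALIAS_PREFIX}_slave$i`, without the underscore used for the slave keystore alias. Suggest `${ALIAS_PREFIX}_master` for the first and `${ALIAS_PREFIX}_slave_$i` for the second. Separately, `-dname $DNAME` and the other expansions are unquoted, so a distinguished name containing a space would be split into several arguments; quote them as "$DNAME". The single `$PASSWORD` is passed to every keytool call through `-storepass` and `-keypass`, which places it in the process argument list. The script also continues after a failed keytool call, which can leave a partial set of stores and the fixed-name temporary .cer files in the working directory; an early exit on error plus a cleanup step would cover that.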


Property changes on: puppetor/branches/gsoc2008/tools/create_keystores.sh
___________________________________________________________________
Name: svn:executable
   + *


