unbound/dnscrypt/testdata/gencert.sh
2017-08-29 08:48:19 +00:00

39 lines
1022 B
Bash
Executable File

#!/bin/bash
CERT_EXPIRE_DAYS="$(( 365 * 15 ))"
DIR="$(dirname "$0")"
if [[ "$PWD" != *tdir ]]
then
echo "You should run this script with a .tdir directory"
exit 1
fi
for i in 1 2
do
# Ephemeral key
rm -f "${i}.key"
dnscrypt-wrapper --gen-crypt-keypair \
--crypt-secretkey-file="${i}.key" \
--provider-publickey-file="${DIR}/keys${i}/public.key" \
--provider-secretkey-file="${DIR}/keys${i}/secret.key"
# Cert file
for cipher in salsa chacha
do
rm -f "${i}_${cipher}.cert"
extraarg=""
if [ "${cipher}" == "chacha" ]
then
extraarg="-x"
fi
dnscrypt-wrapper ${extraarg} --gen-cert-file \
--provider-cert-file="${i}_${cipher}.cert" \
--crypt-secretkey-file="${i}.key" \
--provider-publickey-file="${DIR}/keys${i}/public.key" \
--provider-secretkey-file="${DIR}/keys${i}/secret.key" \
--cert-file-expire-days="${CERT_EXPIRE_DAYS}"
done
done