Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
tlshelpers/fakekey
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
executable file
42 lines (28 sloc)
1.18 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Requires: | |
| # * der2ascii/ascii2der tools by David Benjamin: | |
| # https://github.com/google/der-ascii | |
| # * OpenSSL | |
| set -eu -o pipefail | |
| type der2ascii &>/dev/null || echo "Need der2ascii/ascii2der tools from https://github.com/google/der-ascii" | |
| if [[ ${#} -ne 1 ]] && [[ ${#} -ne 2 ]]; then | |
| echo "Usage:" | |
| echo " fakekey [certificate] [output]" | |
| echo "" | |
| echo "If [output] isn't given we'll write to fake.key." | |
| exit 1 | |
| fi | |
| TMP="$(mktemp -d)" | |
| [[ "${#}" -eq 2 ]] && out="${2}" || out="fake.key" | |
| openssl x509 -noout -pubkey -in "${1}" | openssl pkey -outform der -pubin > "${TMP}/cert.der" | |
| openssl genrsa 2048 | openssl pkey -outform der -out "${TMP}/newkey.der" | |
| der2ascii -i "${TMP}/cert.der" -o "${TMP}/cert.ascii" | |
| der2ascii -i "${TMP}/newkey.der" -o "${TMP}/newkey.ascii" | |
| head -n 2 "${TMP}/newkey.ascii" > "${TMP}/fake.ascii" | |
| grep INTEGER "${TMP}/cert.ascii" >> "${TMP}/fake.ascii" | |
| tail -n +5 "${TMP}/newkey.ascii" >> "${TMP}/fake.ascii" | |
| ascii2der -i "${TMP}/fake.ascii" -o "${TMP}/fake.der" | |
| openssl pkey -inform der -in "${TMP}/fake.der" -out "${out}" | |
| echo "checking ${out} (errors are to be expected!)" | |
| openssl rsa -in "${out}" -check -noout | |
| rm -rf "${TMP}" |