-
Notifications
You must be signed in to change notification settings - Fork 26
/
Copy pathfakekey
executable file
·42 lines (28 loc) · 1.16 KB
/
fakekey
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#!/usr/bin/env bash
# Requires:
# * der2ascii/ascii2der tools by David Benjamin:
# https://github.com/google/der-ascii
# * OpenSSL
set -eu -o pipefail
type der2ascii &>/dev/null || echo "Need der2ascii/ascii2der tools from https://github.com/google/der-ascii"
if [[ ${#} -ne 1 ]] && [[ ${#} -ne 2 ]]; then
echo "Usage:"
echo " fakekey [certificate] [output]"
echo ""
echo "If [output] isn't given we'll write to fake.key."
exit 1
fi
TMP="$(mktemp -d)"
[[ "${#}" -eq 2 ]] && out="${2}" || out="fake.key"
openssl x509 -noout -pubkey -in "${1}" | openssl pkey -outform der -pubin >"${TMP}/cert.der"
openssl genrsa 2048 | openssl pkey -outform der -out "${TMP}/newkey.der"
der2ascii -i "${TMP}/cert.der" -o "${TMP}/cert.ascii"
der2ascii -i "${TMP}/newkey.der" -o "${TMP}/newkey.ascii"
head -n 2 "${TMP}/newkey.ascii" >"${TMP}/fake.ascii"
grep INTEGER "${TMP}/cert.ascii" >>"${TMP}/fake.ascii"
tail -n +5 "${TMP}/newkey.ascii" >>"${TMP}/fake.ascii"
ascii2der -i "${TMP}/fake.ascii" -o "${TMP}/fake.der"
openssl pkey -inform der -in "${TMP}/fake.der" -out "${out}"
echo "checking ${out} (errors are to be expected!)"
openssl rsa -in "${out}" -check -noout
rm -rf "${TMP}"