Return-Path: 
 <test-cvs-return-951-apmail-httpd-test-cvs-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-test-cvs-archive@httpd.apache.org
Received: (qmail 61262 invoked by uid 500); 8 Mar 2002 18:19:55 -0000
Mailing-List: contact test-cvs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: test-dev@httpd.apache.org
list-help: <mailto:test-cvs-help@httpd.apache.org>
list-unsubscribe: <mailto:test-cvs-unsubscribe@httpd.apache.org>
list-post: <mailto:test-cvs@httpd.apache.org>
Delivered-To: mailing list test-cvs@httpd.apache.org
Received: (qmail 61251 invoked from network); 8 Mar 2002 18:19:55 -0000
Date: 8 Mar 2002 18:19:55 -0000
Message-ID: <20020308181955.10051.qmail@icarus.apache.org>
From: dougm@apache.org
To: httpd-test-cvs@apache.org
Subject: cvs commit: httpd-test/perl-framework/Apache-Test/lib/Apache
 TestSSLCA.pm
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

dougm       02/03/08 10:19:55

  Modified:    perl-framework/Apache-Test/lib/Apache TestSSLCA.pm
  Log:
  generate DSA versions of the server certs/keys
  
  Revision  Changes    Path
  1.10      +22 -2     httpd-test/perl-framework/Apache-Test/lib/Apache/TestSSLCA.pm
  
  Index: TestSSLCA.pm
  ===================================================================
  RCS file: /home/cvs/httpd-test/perl-framework/Apache-Test/lib/Apache/TestSSLCA.pm,v
  retrieving revision 1.9
  retrieving revision 1.10
  diff -u -r1.9 -r1.10
  --- TestSSLCA.pm	3 Mar 2002 01:10:53 -0000	1.9
  +++ TestSSLCA.pm	8 Mar 2002 18:19:55 -0000	1.10
  @@ -75,6 +75,14 @@
       },
   };
   
  +#generate DSA versions of the server certs/keys
  +while (my($key, $val) = each %$cert_dn) {
  +    next unless $key =~ /^server/;
  +    my $name = join '_', $key, 'dsa';
  +    $cert_dn->{$name} = { %$val }; #copy
  +    $cert_dn->{$name}->{OU} =~ s/rsa/dsa/;
  +}
  +
   sub ca_dn {
       $ca_dn = shift if @_;
       $ca_dn;
  @@ -248,7 +256,19 @@
   
       my $encrypt = @_ ? "@_ $passout" : "";
   
  -    openssl genrsa => "-out keys/$name.pem $encrypt 1024";
  +    my $out = "-out keys/$name.pem $encrypt";
  +
  +    if ($name =~ /dsa/) {
  +        #this takes a long time so just do it once
  +        #don't do this in real life
  +        unless (-e 'dsa-param') {
  +            openssl dsaparam => '-inform PEM -out dsa-param 1024';
  +        }
  +        openssl gendsa => "dsa-param $out";
  +    }
  +    else {
  +        openssl genrsa => "$out 1024";
  +    }
   }
   
   sub new_cert {
  @@ -317,7 +337,7 @@
   
       for my $name (@names) {
           my @key_args = ();
  -        if ($name =~ /_des3$/) {
  +        if ($name =~ /_des3/) {
               push @key_args, '-des3';
           }