summaryrefslogtreecommitdiff
path: root/xmlsecurity/qa/create-certs/create-certs.sh
AgeCommit message (Collapse)Author
2024-11-06cool#9992 lok doc sign, create-certs.sh password-less mode: still create a .p12Miklos Vajna
I have a case where LOK convert-to with ODT->PDF and SignCertificateCaPem/SignCertificateCertPem/SignCertificateKeyPem set creates a corrupted PDF signature, while more or less the same on the desktop works. The PDF signature is a hex dump, and once converted to binary, one can analyze the content using 'openssl asn1parse -inform der -in ... -i'. Still, the LOK and the desktop case differs, because this script generates random certificates and then the binary output in the two cases differs, so hard to see the actual difference. Fix the problem by still generating .p12 output (needed for the desktop case) in the no-password case, so a single run can emit ca/cert/key PEM files and a .p12 archive, so exactly the same input can be used for desktop and LOK signing. It turns out the actual problem I looked at was some setup problem, because now that the same input can be used in the two cases, the LOK signing during PDF export works fine. Change-Id: Ifc5ff73cd6fbbc057af536c84e4367ce1d489931 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176081 Reviewed-by: Miklos Vajna <vmiklos@collabora.com> Tested-by: Jenkins
2024-09-19cool#9992 lok doc sign: add password-less mode to create-certs.shMiklos Vajna
Now one can use './create-certs.sh RSA NOPASS' to create signing certs without encrypting them with a password. This is meant to be useful for the case when these certs have to be imported using the LOK API, and not interactively in Firefox, where one could ask for a password. Change-Id: I4cfc49ac8ff8c2420baa943b553a7a180a71e3bc Reviewed-on: https://gerrit.libreoffice.org/c/core/+/173651 Reviewed-by: Miklos Vajna <vmiklos@collabora.com> Tested-by: Jenkins
2021-08-20Make some scripts more portableIlmari Lauhakangas
Change-Id: Ia89059eea51ca396a7c74143625ac9a6706de198 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/120773 Tested-by: Jenkins Reviewed-by: Ilmari Lauhakangas <ilmari.lauhakangas@libreoffice.org>
2018-06-20xmlsec: update to 1.2.26Miklos Vajna
Allows dropping the xmlsec1-ecdsa-assert.patch.1 backport. Also fix the generated test certs + generator script to avoid expired certs for a while (.db files generated with Firefox 57.0). Change-Id: I8cba9a01633a3952c845e15e23b18d44544cdb59 Reviewed-on: https://gerrit.libreoffice.org/56123 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2018-06-01xmlsecurity: add ecdsa option to certificate generator scriptMiklos Vajna
Change-Id: I8bb48c46aaea9ef4ce4bc4ab58ea8b88fe0e48a2 Reviewed-on: https://gerrit.libreoffice.org/55159 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2016-03-11xmlsecurity: add missing CSP switch to certificate generator scriptMiklos Vajna
Without this the generated .p12 test file can't be used for SHA2 signing on Windows, as xmlsec.git's README points out. Change-Id: Ib97a337eca3b92dde5e0ccadee7420c492a8971c
2016-01-05xmlsecurity: add script to create test certificatesMiklos Vajna
Change-Id: I9280cec602e15e3ae478911360ff7ce68d460474
generated by cgit (git 2.34.1) at 2025-02-14 20:14:51 +0000