From b28354e41ccabae21278c3ed1f74b0d2b94e5ee7 Mon Sep 17 00:00:00 2001 From: Slawomir Koszewski Date: Sun, 10 May 2026 18:39:34 +0200 Subject: [PATCH] feat: Update tests and further streamline Bash version with Pyton and Go. --- run-tests.sh | 12 ++++++------ simple-ca.sh | 28 +++++++++++++++------------- 2 files changed, 21 insertions(+), 19 deletions(-) diff --git a/run-tests.sh b/run-tests.sh index 7724c90..657b167 100755 --- a/run-tests.sh +++ b/run-tests.sh @@ -73,21 +73,21 @@ run_flow() { echo echo "--- [$NAME] Standalone CA ---" clean_up_test_dir - $MAKE_CA_CMD "$CA_DIR" "Test CA" + $MAKE_CA_CMD --ca-dir "$CA_DIR" "Test CA" display_certificate "$CA_DIR/ca_cert.pem" - $MAKE_CERT_CMD --ca-dir "$CA_DIR" "$CERT_DIR" "test" "test.example.com" "127.0.0.1" + $MAKE_CERT_CMD --ca-dir "$CA_DIR" --cert-dir "$CERT_DIR" "test" "test.example.com" "127.0.0.1" display_certificate "$CERT_DIR/test_cert.pem" echo echo "--- [$NAME] Two-level CA ---" clean_up_test_dir - $MAKE_CA_CMD "$CA_DIR" "Test Two Level CA" + $MAKE_CA_CMD --ca-dir "$CA_DIR" "Test Two Level CA" display_certificate "$CA_DIR/ca_cert.pem" - $MAKE_CA_CMD --issuing-ca "issuing_ca" "$CA_DIR" "Issuing CA" + $MAKE_CA_CMD --ca-dir "$CA_DIR" --issuing-ca "issuing_ca" "Issuing CA" display_certificate "$CA_DIR/issuing_ca_cert.pem" - $MAKE_CERT_CMD --ca-dir "$CA_DIR" --issuing-ca "issuing_ca" "$CERT_DIR" "test" "test.example.com" "127.0.0.1" + $MAKE_CERT_CMD --ca-dir "$CA_DIR" --cert-dir "$CERT_DIR" --issuing-ca "issuing_ca" "test" "test.example.com" "127.0.0.1" display_certificate "$CERT_DIR/test_cert.pem" - $MAKE_PFX_CMD --ca-dir "$CA_DIR" --issuing-ca "issuing_ca" --path "$CERT_DIR/test_cert.pem" --password "s3cr3t" + $MAKE_PFX_CMD --ca-dir "$CA_DIR" --issuing-ca "issuing_ca" --password "s3cr3t" "$CERT_DIR/test_cert.pem" echo -e "\nVerifying contents of generated PKCS#12 (PFX) file ($CERT_DIR/test.pfx):" openssl pkcs12 -in "$CERT_DIR/test.pfx" -noout -info -password pass:"s3cr3t" diff --git a/simple-ca.sh b/simple-ca.sh index fdd63e3..6eb25b0 100755 --- a/simple-ca.sh +++ b/simple-ca.sh @@ -199,7 +199,8 @@ function _is_dns() { function make_cert() { local CA_FILE_PREFIX="ca" # Default to CA if no issuing CA is used local CERT_DAYS=365 # Default validity period for leaf certificates - local CA_DIR="" # The CA directory will default to certificate directory if not specified with --ca-dir + local CA_DIR="" + local CERT_DIR="" while [[ $# -gt 0 ]]; do case "$1" in @@ -211,6 +212,14 @@ function make_cert() { CA_DIR="$2" shift 2 ;; + --cert-dir) + if [[ -z "$2" ]]; then + echo "ERROR: Missing value for --cert-dir." >&2 + return 1 + fi + CERT_DIR="$2" + shift 2 + ;; --issuing-ca) if [[ -z "$2" ]]; then echo "ERROR: Missing value for --issuing-ca." >&2 @@ -235,9 +244,8 @@ function make_cert() { esac done - local CERT_DIR="$1" - local CERT_SUBJECT_NAME="$2" - shift 2 + local CERT_SUBJECT_NAME="$1" + shift 1 CA_DIR="${CA_DIR:-${SIMPLE_CA_DIR:-$(pwd)}}" @@ -334,7 +342,6 @@ function make_cert() { function make_pfx() { local CA_DIR="" local CA_FILE_PREFIX="" - local CERT_PATH="" local PFX_PASSWORD="" while [[ $# -gt 0 ]]; do @@ -359,14 +366,6 @@ function make_pfx() { CA_FILE_PREFIX="$2" shift 2 ;; - --path) - if [[ -z "$2" ]]; then - echo "ERROR: Missing value for certificate path." >&2 - return 1 - fi - CERT_PATH="$2" - shift 2 - ;; --password) if [[ -z "$2" ]]; then echo "ERROR: Missing value for --password." >&2 @@ -379,6 +378,9 @@ function make_pfx() { esac done + local CERT_PATH="$1" + shift 1 + CA_DIR="${CA_DIR:-${SIMPLE_CA_DIR:-$(pwd)}}" local ROOT_CA_CERT="ca_cert.pem" local ROOT_CA_KEY="ca_key.pem"