From d94247cb9f7746f75b176cbed0a32e9e902e7e7d Mon Sep 17 00:00:00 2001
From: Magnus Ahltorp <map@kth.se>
Date: Fri, 20 Jan 2017 00:32:45 +0100
Subject: API keys are now provided in the config file.

Also added CA cert verification for internal TLS connections.
---
 test/scripts/light-system-test-prepare.sh | 29 ++++++++++++++++++-----------
 1 file changed, 18 insertions(+), 11 deletions(-)

(limited to 'test/scripts')

diff --git a/test/scripts/light-system-test-prepare.sh b/test/scripts/light-system-test-prepare.sh
index 6f6dd07..df45d25 100755
--- a/test/scripts/light-system-test-prepare.sh
+++ b/test/scripts/light-system-test-prepare.sh
@@ -38,6 +38,7 @@ createcert () {
 
 createca
 createcert
+cafingerprint=$(openssl x509 -in httpsca/demoCA/cacert.pem -noout -sha256 -fingerprint | sed -e 's/.*=//' -e 's/://g')
 mkdir keys
 (cd keys ; ${top_srcdir}/tools/create-key.sh logkey)
 openssl pkcs8 -topk8 -nocrypt -in keys/logkey-private.pem -out keys/logkey-private.pkcs8
@@ -48,6 +49,23 @@ touch mergedb-secondary/logorder
 printf 0 > mergedb-secondary/verifiedsize
 mkdir known_roots
 cp ${top_srcdir}/tools/testcerts/roots/* known_roots
+mkdir privatekeys
+mkdir publickeys
+echo "apikeys:" > api-keys.cfg
+for node in ${NODES}; do \
+    (cd privatekeys ; ${top_srcdir}/tools/create-key.sh ${node})
+    apipk=$(grep -v '^-----' privatekeys/${node}.pem | tr '\n' ' ')
+    mkdir -p nodes/${node}/log
+    echo "        - nodename: ${node}" >> api-keys.cfg
+    echo "          publickey: ${apipk}" >> api-keys.cfg
+done
+
+logpk=$(grep -v '^-----' keys/logkey.pem | tr '\n' ' ')
+echo "logpublickey: ${logpk}" >> api-keys.cfg
+echo "cafingerprint: ${cafingerprint}" >> api-keys.cfg
+
+
+cat ${top_srcdir}/test/catlfish-test.cfg.in api-keys.cfg > ${top_srcdir}/test/catlfish-test.cfg
 for machine in ${MACHINES}; do \
     ${top_srcdir}/tools/compileconfig.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-${machine}.cfg
     mkdir -p machine/machine-${machine}/db
@@ -55,16 +73,5 @@ for machine in ${MACHINES}; do \
 done
 ${top_srcdir}/tools/compileconfig.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-merge-2.cfg
 ${top_srcdir}/tools/compileconfig.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-signing.cfg
-mkdir privatekeys
-mkdir publickeys
-for node in ${NODES}; do \
-    (cd privatekeys ; ${top_srcdir}/tools/create-key.sh ${node}) ; \
-    mv privatekeys/${node}.pem publickeys/ ; \
-    mkdir -p nodes/${node}/log
-done
-(cd privatekeys ; ${top_srcdir}/tools/create-key.sh merge-1)
-mv privatekeys/merge-1.pem publickeys/
-(cd privatekeys ; ${top_srcdir}/tools/create-key.sh merge-2)
-mv privatekeys/merge-2.pem publickeys/
 test -x ${SOFTHSM} && ${SOFTHSM} --init-token --slot=0 --label=mylabel --so-pin=ffff --pin=ffff || true
 test -x ${SOFTHSM} && ${SOFTHSM} --import keys/logkey-private.pkcs8 --slot 0 --label mylabel --pin ffff --id 00 || true
-- 
cgit v1.1