diff options
author | Jan-Simon Moeller <jsmoeller@linuxfoundation.org> | 2024-07-04 14:44:46 +0000 |
---|---|---|
committer | Jan-Simon Moeller <jsmoeller@linuxfoundation.org> | 2024-07-24 09:14:03 +0000 |
commit | 94a19893064724d89893252735883cdb0415835f (patch) | |
tree | 4bff24f56fd4b235870307e7834d67576038a9e5 /meta-agl-demo-control-panel/recipes-connectivity/kuksa-val | |
parent | ca836399d23e92f20d7ccc02122ab029e695cc6b (diff) |
Move agl-demo-control-panel into own layer and feature during qt6 migration
This creates a temporary sublayer for the demo control panel until
meta-agl-demo itself is migrated to qt6.
Bug-AGL: SPEC-5195
Change-Id: I07f97385600fb695e182b11c528225d5510185d9
Signed-off-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl-demo/+/30067
Diffstat (limited to 'meta-agl-demo-control-panel/recipes-connectivity/kuksa-val')
8 files changed, 258 insertions, 0 deletions
diff --git a/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl.bb b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl.bb new file mode 100644 index 000000000..0264ebbd7 --- /dev/null +++ b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl.bb @@ -0,0 +1,61 @@ +SUMMARY = "AGL certificates for KUKSA.val, the KUKSA Vehicle Abstraction Layer" +HOMEPAGE = "https://github.com/eclipse/kuksa.val" +BUGTRACKER = "https://github.com/eclipse/kuksa.val/issues" + +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + +SRC_URI = "file://CA.pem \ + file://Client.key \ + file://Client.pem \ + file://Server.key \ + file://Server.pem \ + file://jwt.key.pub \ +" + +inherit allarch useradd + +USERADD_PACKAGES = "${PN}-server" +USERADDEXTENSION = "useradd-staticids" +GROUPADD_PARAM:${PN}-server = "-g 900 kuksa ;" + +do_install() { + # Install replacement CA certificate, server key + certificate, + # and client key + certificate. + # These are AGL specific versions generated using a tweaked + # genCerts.sh script to have different expiry dates than the + # upstream defaults, and use AGL as the organization. + install -d ${D}${sysconfdir}/kuksa-val/ + install -m 0644 ${WORKDIR}/CA.pem ${D}${sysconfdir}/kuksa-val/ + install -m 0640 -g 900 ${WORKDIR}/Server.key ${D}${sysconfdir}/kuksa-val/ + install -m 0640 -g 900 ${WORKDIR}/Server.pem ${D}${sysconfdir}/kuksa-val/ + install -m 0644 -g 900 ${WORKDIR}/jwt.key.pub ${D}${sysconfdir}/kuksa-val/ + install -m 0644 ${WORKDIR}/Client.key ${D}${sysconfdir}/kuksa-val/ + install -m 0644 ${WORKDIR}/Client.pem ${D}${sysconfdir}/kuksa-val/ +} + +PACKAGE_BEFORE_PN += "${PN}-ca ${PN}-server ${PN}-client" + +FILES:${PN}-ca = " \ + ${sysconfdir}/kuksa-val/CA.pem \ +" +RPROVIDES:${PN}-ca += "kuksa-val-certificates-ca" + +FILES:${PN}-server = " \ + ${sysconfdir}/kuksa-val/Server.key \ + ${sysconfdir}/kuksa-val/Server.pem \ + ${sysconfdir}/kuksa-val/jwt.key.pub \ +" +RPROVIDES:${PN}-server += "kuksa-val-certificates-server" +RDEPENDS:${PN}-server += "${PN}-ca" + +FILES:${PN}-client = " \ + ${sysconfdir}/kuksa-val/Client.key \ + ${sysconfdir}/kuksa-val/Client.pem \ +" +RPROVIDES:${PN}-client += "kuksa-val-certificates-client" +RDEPENDS:${PN}-client += "${PN}-ca" + +ALLOW_EMPTY:${PN} = "1" + +RDEPENDS:${PN} += "${PN}-ca ${PN}-server ${PN}-client" diff --git a/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/CA.pem b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/CA.pem new file mode 100644 index 000000000..b3fa17d69 --- /dev/null +++ b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/CA.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID3zCCAscCFDixxnLKOE9pr9sDQynjRqX7u+TlMA0GCSqGSIb3DQEBCwUAMIGr +MQswCQYDVQQGEwJVUzEWMBQGA1UECAwNU2FuIEZyYW5jaXNjbzETMBEGA1UEBwwK +Q2FsaWZvcm5pYTEcMBoGA1UECgwTYXV0b21vdGl2ZWxpbnV4Lm9yZzEVMBMGA1UE +AwwMbG9jYWxob3N0LWNhMTowOAYJKoZIhvcNAQkBFithZ2wtZGV2LWNvbW11bml0 +eUBsaXN0cy5hdXRvbW90aXZlbGludXgub3JnMB4XDTIzMDcyMDIwMzg1NVoXDTMz +MDcxNzIwMzg1NVowgasxCzAJBgNVBAYTAlVTMRYwFAYDVQQIDA1TYW4gRnJhbmNp +c2NvMRMwEQYDVQQHDApDYWxpZm9ybmlhMRwwGgYDVQQKDBNhdXRvbW90aXZlbGlu +dXgub3JnMRUwEwYDVQQDDAxsb2NhbGhvc3QtY2ExOjA4BgkqhkiG9w0BCQEWK2Fn +bC1kZXYtY29tbXVuaXR5QGxpc3RzLmF1dG9tb3RpdmVsaW51eC5vcmcwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDJZvopAg03G1TuyukI2QdVTzHQxnG +iPePMVIBAQ8M5tBWBOZxxkOgwRBTqZ1GJRvgPPediPHb3+/j+k5/+NE8TT2smDfk +4u9+NBNFXGhC9jqoEe0nkxca85RHP1Jx1iIp8SJ1TTtzEu4q/O/9bCnA+05NPLWQ +YbDZr++lR4Bwhpz0ZVD69uZE/7aXPKVoVQPyeiwNgP7sfn5XOx+THpYz2Lwl2ew/ +490Mm5Wrw5pQkq49s5On5tR7cdms3CWnVKe+qpeJo/ShZg8mJesMusZRLZ3slSPp +GMVBbdFPhIv0L4HFzoJcnEzo1j6+h7fhu4v5T2qNkCkBlxehqvsy3DwfAgMBAAEw +DQYJKoZIhvcNAQELBQADggEBALNHiz8a86sZv6Pii/rtrlctD2x1qIobOAjQID55 +/ylAVPc0JuzGEpc8Hcl9jQXBFz2ZBBYTEn0iAB+nn9BnxWYpF/G9LQsz61uzdJJs +0WlR3FyjN8PwCysMwzGEmG2BH43vfg9oltAKxY4rZ3l5c8eL/a9o2vDzNjKNibll +NdLB+8NkZz33pjyru1sG2lw6Y1gxhcOMSU7MuHgW1YI06slBu56e92OQt5atRc6l +rY9faELSJpLhtKYF9spsS/LsITJrKdVkMZRgqrhoWAIB9qyehtBGk+Agk8MvBba8 +nRAF332SyeLeN/ytJTbjOmcYVh9daGADdyRb5d+5ALBuutU= +-----END CERTIFICATE----- diff --git a/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.key b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.key new file mode 100644 index 000000000..73b67f5c4 --- /dev/null +++ b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAyISsHMGwy8dvhx+tPQOGtgtb9YDWS0kRMPcOou3QlUjAcXmz +vT2dLIwOnnRYBS9nENDqI4x52yECUBwVNIvoeiZlQqjKhSr2BOpwJIgJgqeKr4he +sU9M9s3ODqR2sdUhv7e54sRYSFv5Hs35Horr3guSRh12FtWh+iLT2PI75jbi3KjP +mK4yZGJmoSQWh+q/vhB5CQtdAcA/08aoZnhyMOGqBMzmhr1PDm7UbzZIcp2Lxs3x +q3PBJq5eMF6N3S8ssETz7WOqX0vnBdgl4DhMYCVgrjppXzmcYYbkm4uluKVf8sR7 +cAbSaoUUft2G4mLXNBE1RJVpYrzHIQW7OphjqQIDAQABAoIBAGfnl+gu1hZCeiBi +4bpEIYIj0Lsez+yjKC1fWE5FPVieIlqq3eCqFNAIo2qojxPgxF+KYkmZeWt7Z19r +rfFUrlrdmos4O/lVkbZqZUII3CS//LWIzMjEdvVNIAGmZ3svHhXidohzheu4/RZh +VT3mbuLYzCtZCOA8Q3sCoRRCMZfQ3jrTEvak4xrgotihL3bEUOIrA8Tyv8AaAhmP +nIKV+0pS/d8xCkpIBmkNxVtNRAGvsQK5i7DsQYFEDKzbFjhXz7jRapfesAQACEgJ +0yLYKSoiHktuyHIPspj37BdTZva6vNkabJVcDKXMIuRd5xnypiygv7vo+onHJ5Rw +T9TzryECgYEA6oe9qYdiXsKygUji9W6rqYGPAl6o56nyAX6QrKnKhCQBmyVYgBB5 +YmehULzjK1Xvno5ophiBkojnCE8y99liEWZWnE9p2pr8O028ZfQficfbjWgkqmL5 +awmUTON40wK7QkpWj81YwbARYAQuC611R4MfzLWlnxxHacvBZc8x2j8CgYEA2t/a +s6dW2XuqfEgfS/oKI/9i1/CXnPFVAueAPCCl/Ee/QAGJMdmSf4yonnbnOycGMdSh +QGYUHb/PT7i04U+92T+rniprXn3QFz6iwF6X6nCkdlw9RxcWAOmg5l0yIoo9bp7J +LmVnbn2Y2TOy8/Djq47gypTH8H0VSVg5BjKgOBcCgYAG3giosSUpPyw46uhyZVYz +dW65lAoAFpLWhl04IRSj/+XoJBTOUy0qu3wWwCEqwK5uhx77VhZdMxMIxEDqzvu3 +JLb+hrjDxOwD1IfiuF5AC5EbN+Ry9Mj24GXuRm7gRuEy1LhqJ4okycIIfLbYcrDP +ckB5HwyFdy+EIoo8L+/2wwKBgQDallPJteaTvuCtzC2NaEK2XritZjdUYuR+yQqV +ghmjEVhcKOyGX37iaWyBDciyl6+lFnCQayHN8CCvwozKtCOrEt5nUH/4V3f5rvFF +Y3MejK6DEm2UUOcFtE2foxWNzze5AVV0Q4t/mmmLCgm/fCUz0baIOvxPHeyjWjth +CDBgswKBgQDj5QlFkdlgJvdJweHUSWm0vssFCgCucWEPgy5iOo4MDxEHq0r1AZWU +K5j1xabtD73K6JmO3ElvSELGAd1MlvRzeZMsSP8goCk3e8a85js2sRPwDxGHa0Dd +Ef7DoyFp6UIDOUAX6R2ylPyZYqM7bowoLdGIwh9jo8fZnvHn/UCw0w== +-----END RSA PRIVATE KEY----- diff --git a/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.pem b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.pem new file mode 100644 index 000000000..fcd92b6e5 --- /dev/null +++ b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Client.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEBjCCAu6gAwIBAgIUeUuog3JmZGhkE0nRcATDuclsVvkwDQYJKoZIhvcNAQEL +BQAwgasxCzAJBgNVBAYTAlVTMRYwFAYDVQQIDA1TYW4gRnJhbmNpc2NvMRMwEQYD +VQQHDApDYWxpZm9ybmlhMRwwGgYDVQQKDBNhdXRvbW90aXZlbGludXgub3JnMRUw +EwYDVQQDDAxsb2NhbGhvc3QtY2ExOjA4BgkqhkiG9w0BCQEWK2FnbC1kZXYtY29t +bXVuaXR5QGxpc3RzLmF1dG9tb3RpdmVsaW51eC5vcmcwHhcNMjMwNzIwMjAzODU1 +WhcNMjcwNzE5MjAzODU1WjCBpTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBG +cmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExHDAaBgNVBAoME2F1dG9tb3Rp +dmVsaW51eC5vcmcxDzANBgNVBAMMBkNsaWVudDE6MDgGCSqGSIb3DQEJARYrYWds +LWRldi1jb21tdW5pdHlAbGlzdHMuYXV0b21vdGl2ZWxpbnV4Lm9yZzCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMiErBzBsMvHb4cfrT0DhrYLW/WA1ktJ +ETD3DqLt0JVIwHF5s709nSyMDp50WAUvZxDQ6iOMedshAlAcFTSL6HomZUKoyoUq +9gTqcCSICYKniq+IXrFPTPbNzg6kdrHVIb+3ueLEWEhb+R7N+R6K694LkkYddhbV +ofoi09jyO+Y24tyoz5iuMmRiZqEkFofqv74QeQkLXQHAP9PGqGZ4cjDhqgTM5oa9 +Tw5u1G82SHKdi8bN8atzwSauXjBejd0vLLBE8+1jql9L5wXYJeA4TGAlYK46aV85 +nGGG5JuLpbilX/LEe3AG0mqFFH7dhuJi1zQRNUSVaWK8xyEFuzqYY6kCAwEAAaMm +MCQwIgYDVR0RBBswGYIGQ2xpZW50gglsb2NhbGhvc3SHBH8AAAEwDQYJKoZIhvcN +AQELBQADggEBAGtM7LGk4PhEgrjLXr7tdRn/VSwUv+HLDmtgkMFsAqYolTwtK7eK +1XgNF2j6Yo4ma/efd8Td9wjKkrfkxQRCpM5gjNLhiZsBRO/HW4GiC3GKz0ELijE2 +7JU7xikawSE6Zvvj1t33KJ5uGDowv2tvDbCB76ecGohTb5O7mpe+fxMlt+d4vPku +uTfAaNfl8+oSo7suy3842ANpxteoxfVHZgG0FjdMKjSKxCyxI3buLltlQ7G+39QS +/cwuRTOp0UNPpiHWDKVOXL8qW/ZHpocGFlErstEQjUz+3/WglMlTK07ocRVQjQc6 +mAo4aKRaaHi5Khn+KPrRDnS+Rl8xEzSsBeo= +-----END CERTIFICATE----- diff --git a/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.key b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.key new file mode 100644 index 000000000..8b9c6ac66 --- /dev/null +++ b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAzGvmH7adlcMVdfblKg56EkgiSkR45IrRaIMH/AKUcK/4EJdk +Jx3NoHuYuiTTreiovt9b5FjqV8txuJ579e4O9GyDELN1r9stR5y8zEbFQuf8afxK +Bl0JPnhXOxi7nUq92rn0H7jpm0a9WQvmbdRsFVfafNoeC4Dz1PeGMN4tHYtHHCnq +Ye5Sr7yT/eZ8RMUoXB560akRctA/pQWEwYbNps02HJs+jeNsJuXTgXpsirTy2RR5 +TKLmZjQMovxW85zYpSS9fRprwpzqeHhWbJBWWNeP8Y20nkRbAaAktc8IrlmhFMLh +4n0L1B0s0+Xn/9kt98pNSDCJPzH6Ar4LoDPDfwIDAQABAoIBAAyG0CNBXYa/3aDM +8F4TZQeZxAApEf9vQkXVQbf/sHj3T4w0ur5q5R7gdAt0FkSh7TVFGqxzhmi63s0h +aRc471GrFJ0BYkTUeYHZ6PfbnlrrPFyCSUb6jIZ3eWD1swmAewHcQ0luW2JYg2Hh +iM1SJw1nxMvB0fWCgW6bfG2iL8GPmyrVyhyrfebZdEaUUnjvfqLWroIoBZ2B0roa +dZ/VDlXzN8wspyziCqlumiq+R3b9+abBtHLyG13DQAhVYGksbX+5W4s1Yy6nwG0S +yyRh2cK5c2MPrjqHmJr1GqlXItmEnqkjiVlg/qZDEyalWHcKFNGNaURSz7RWNwo2 +cWZv8AECgYEA/h76+2yjvYfDeZRiKRfN9imfT9F6T4VoGgfoZODIe6uLsOQOeiKR +lqjj6bdIP8CDsfcHhb38FblYsgm6GFZiROQafRjVfj2yWiasQszFTOzLDRqR8LNs +nZSUv7zlPziJ28VBs1DF5lZSNbzFXEKxAWdGAINC1POdKZOi2UCUwYECgYEAze7X +7ML1QV+ZipnszLiRvccQ7kMUw51g/hi0Fw//tkCC8FnsbR489GDb8l+V/IR9tNov +7y5cd/NRziGVUhXH67ZnXa2k5yRYxhFWQxpgEEUWUhsfYVqppMj7vMjcxVa85A0R +2hzI/kWWWWcowwuHSmuoU8xRZlNdA2cbefeBBP8CgYEArm8hpRhLxTu+CGS8hKyc +ak7j1mxaYt+WN9gZw7UwqQN2HfRNo7S67wn7eGChLXG+dJi3By0ELv1NTtiybyZM +yjExpZE4azF6jbtiH3BkNouMTfBhITJoajqlaIAHdMAgkUTz9lyJm7TBNbXgW5ZD +3ky/lnaDl52p0fJPpIVaFwECgYEAyhsRYTUJPGqVpxhf9Z9isY0wCZZeR4kqStZ1 +0HiMLxLrLvYh+gmGKxTwZ9P1wIlLUfYcuzGV4Mc1TwdYo+HqfmRa1+52e78JPQKA +1YSKKQ2U1Wn3BzXSbn4tyd6cBTSWV36YOaasgBhNcVqz/5BN6/Tyk6Nfc/x2ucM0 +jSQiRIMCgYADss1PeYdANwbw8n29mXEGkk6qfVh54MU/AoS2v6kk6fqAHNFsb9vJ +m3JkRYSh3kSKwKgD97oGMpbxLr0wVj69s4s8wPjhNo4RZALCB/sj9hra7rsoRzmQ +apSPbfLaWVZEqg3fj0gCamSq8PGjY4fA9RNHOB751M2oszpQb8bdpA== +-----END RSA PRIVATE KEY----- diff --git a/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.pem b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.pem new file mode 100644 index 000000000..4b181e9a3 --- /dev/null +++ b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/Server.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEBjCCAu6gAwIBAgIUeUuog3JmZGhkE0nRcATDuclsVvgwDQYJKoZIhvcNAQEL +BQAwgasxCzAJBgNVBAYTAlVTMRYwFAYDVQQIDA1TYW4gRnJhbmNpc2NvMRMwEQYD +VQQHDApDYWxpZm9ybmlhMRwwGgYDVQQKDBNhdXRvbW90aXZlbGludXgub3JnMRUw +EwYDVQQDDAxsb2NhbGhvc3QtY2ExOjA4BgkqhkiG9w0BCQEWK2FnbC1kZXYtY29t +bXVuaXR5QGxpc3RzLmF1dG9tb3RpdmVsaW51eC5vcmcwHhcNMjMwNzIwMjAzODU1 +WhcNMjcwNzE5MjAzODU1WjCBpTELMAkGA1UEBhMCVVMxFjAUBgNVBAgMDVNhbiBG +cmFuY2lzY28xEzARBgNVBAcMCkNhbGlmb3JuaWExHDAaBgNVBAoME2F1dG9tb3Rp +dmVsaW51eC5vcmcxDzANBgNVBAMMBlNlcnZlcjE6MDgGCSqGSIb3DQEJARYrYWds +LWRldi1jb21tdW5pdHlAbGlzdHMuYXV0b21vdGl2ZWxpbnV4Lm9yZzCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMxr5h+2nZXDFXX25SoOehJIIkpEeOSK +0WiDB/wClHCv+BCXZCcdzaB7mLok063oqL7fW+RY6lfLcbiee/XuDvRsgxCzda/b +LUecvMxGxULn/Gn8SgZdCT54VzsYu51Kvdq59B+46ZtGvVkL5m3UbBVX2nzaHguA +89T3hjDeLR2LRxwp6mHuUq+8k/3mfETFKFweetGpEXLQP6UFhMGGzabNNhybPo3j +bCbl04F6bIq08tkUeUyi5mY0DKL8VvOc2KUkvX0aa8Kc6nh4VmyQVljXj/GNtJ5E +WwGgJLXPCK5ZoRTC4eJ9C9QdLNPl5//ZLffKTUgwiT8x+gK+C6Azw38CAwEAAaMm +MCQwIgYDVR0RBBswGYIGU2VydmVygglsb2NhbGhvc3SHBH8AAAEwDQYJKoZIhvcN +AQELBQADggEBAKLnUuIYKU7kX6hw2kWziAzvucZCwkKDnMK1/xqakcgfnFw+z8nu +XSqNsXX0KNBfy0xhZ66Uc9rL37RG+smidxJxy+QmDi3c/Ooqj7DxbZwVXzstnbBp ++iqgfqjadC8Glfci7cfCnl7X4O3oQqo99BJDo7JH3S39fe98mG4mXa1WblKiWnkc +yDtUnf7eFbFeNbVkL94HGzOtghShHokGyt9vZKyGf+szCPPWiIDldLq/CUpPFEnD +AqUhTYBXbHZNZJHAEJ0waJqLxmytt19mAv03aaIMYUpBR0CMvjfDNn5x2Bp86v3A +YW544bNsyHfbvK0ZqwvOaV3sIKG7Bzm2pOA= +-----END CERTIFICATE----- diff --git a/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/genCertsAGL.sh b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/genCertsAGL.sh new file mode 100755 index 000000000..b078fd1b2 --- /dev/null +++ b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/genCertsAGL.sh @@ -0,0 +1,58 @@ +#!/bin/bash + + +genCAKey() { + openssl genrsa -out CA.key 2048 +} + + +genCACert() { + openssl req -key CA.key -new -out CA.csr -subj "/C=US/ST=San Francisco/L=California/O=automotivelinux.org/CN=localhost-ca/emailAddress=agl-dev-community@lists.automotivelinux.org" + openssl x509 -signkey CA.key -in CA.csr -req -days 3650 -out CA.pem +} + +genKey() { + openssl genrsa -out $1.key 2048 +} + +genCert() { + openssl req -new -key $1.key -out $1.csr -passin pass:"temp" -subj "/C=US/ST=San Francisco/L=California/O=automotivelinux.org/CN=$1/emailAddress=agl-dev-community@lists.automotivelinux.org" + openssl x509 -req -in $1.csr -extfile <(printf "subjectAltName=DNS:$1,DNS:localhost,IP:127.0.0.1") -CA CA.pem -CAkey CA.key -CAcreateserial -days 1460 -out $1.pem + openssl verify -CAfile CA.pem $1.pem +} + +set -e +# Check if the CA is available, else make CA certificates +if [ -f "CA.key" ]; then + echo "Existing CA.key will be used" +else + echo "No CA.key found, will generate new key" + genCAKey + rm -f CA.pem + echo "" +fi + +# Check if the CA.pem is available, else generate a new CA.pem +if [ -f "CA.pem" ]; then + echo "CA.pem will not be regenerated" +else + echo "No CA.pem found, will generate new CA.pem" + genCACert + echo "" +fi + + +for i in Server Client; +do + if [ -f $i.key ]; then + echo "Existing $i.key will be used" + else + echo "No $i.key found, will generate new key" + genKey $i + fi + echo "" + echo "Generating $i.pem" + genCert $i + echo "" +done + diff --git a/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/jwt.key.pub b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/jwt.key.pub new file mode 100644 index 000000000..d9f785341 --- /dev/null +++ b/meta-agl-demo-control-panel/recipes-connectivity/kuksa-val/kuksa-certificates-agl/jwt.key.pub @@ -0,0 +1,14 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6ScE9EKXEWVyYhzfhfvg ++LC8NseiuEjfrdFx3HKkb31bRw/SeS0Rye0KDP7uzffwreKf6wWYGxVUPYmyKC7j +Pji5MpDBGM9r3pIZSvPUFdpTE5TiRHFBxWbqPSYt954BTLq4rMu/W+oq5Pdfnugb +voYpLf0dclBl1g9KyszkDnItz3TYbWhGMbsUSfyeSPzH0IADzLoifxbc5mgiR73N +CA/4yNSpfLoqWgQ2vdTM1182sMSmxfqSgMzIMUX/tiaXGdkoKITF1sULlLyWfTo9 +79XRZ0hmUwvfzr3OjMZNoClpYSVbKY+vtxHyux9KOOtv9lPMsgYIaPXvisrsneDZ +fCS0afOfjgR96uHIe2UPSGAXru3yGziqEfpRZoxsgXaOe905ordLD5bSX14xkN7N +Cz7rxDLlxPQyxp4Vhog7p/QeUyydBpZjq2bAE5GAJtiu+XGvG8RypzJFKFQwMNsw +g1BoZVD0mb0MtU8KQmHcZIfY0FVer/CR0mUjfl1rHbtoJB+RY03lQvYNAD04ibAG +NI1RhlTziu35Xo6NDEgs9hVs9k3WrtF+ZUxhivWmP2VXhWruRakVkC1NzKGh54e5 +/KlluFbBNpWgvWZqzWo9Jr7/fzHtR0Q0IZwkxh+Vd/bUZya1uLKqP+sTcc+aTHbn +AEiqOjPq0D6X45wCzIwjILUCAwEAAQ== +-----END PUBLIC KEY----- |