#!/bin/sh


export OPENSSL_CONF="./CAtsa.cnf"

cd `dirname $0`

error () {

    echo "TSA test failed!" >&2
    exit 1
}


create_ca () {

    echo "Creating a new CA for the TSA tests..."
    TSDNSECT=ts_ca_dn
    export TSDNSECT   
    openssl req -new -x509 -nodes \
        -out tsaca.pem -keyout tsacakey.pem
    test $? != 0 && error
}

create_tsa_cert () {

    INDEX=$1
    export INDEX
    EXT=$2
    TSDNSECT=ts_cert_dn
    export TSDNSECT   

    openssl req -new \
        -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
    test $? != 0 && error
echo Using extension $EXT
    openssl x509 -req \
        -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
        -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
        -extfile $OPENSSL_CONF -extensions $EXT
    test $? != 0 && error
}

echo "Creating CA for TSA tests..."
create_ca

echo "Creating tsa_cert1.pem TSA server cert..."
create_tsa_cert 1 tsa_cert

echo "Creating tsa_cert2.pem non-TSA server cert..."
create_tsa_cert 2 non_tsa_cert