1#!/usr/bin/env python
2#
3# Copyright (c) ZeroC, Inc. All rights reserved.
4#
5
6import os, sys, socket, getopt
7
8try:
9    import IceCertUtils
10except Exception as ex:
11    print("couldn't load IceCertUtils, did you install the `zeroc-icecertutils'\n"
12          "package from the Python package repository?\nerror: " + str(ex))
13    sys.exit(1)
14
15def usage():
16    print("Usage: " + sys.argv[0] + " [options]")
17    print("")
18    print("Options:")
19    print("-h               Show this message.")
20    print("-d | --debug     Debugging output.")
21    print("--ip <ip>        The IP address for the server certificate.")
22    print("--dns <dns>      The DNS name for the server certificate.")
23    print("--use-dns        Use the DNS name for the server certificate common")
24    print("                 name (default is to use the IP address)." )
25    sys.exit(1)
26
27#
28# Check arguments
29#
30debug = False
31ip = None
32dns = None
33usedns = False
34impl = ""
35try:
36    opts, args = getopt.getopt(sys.argv[1:], "hd", ["help", "debug", "ip=", "dns=","use-dns","impl="])
37except getopt.GetoptError as e:
38    print("Error %s " % e)
39    usage()
40    sys.exit(1)
41
42for (o, a) in opts:
43    if o == "-h" or o == "--help":
44        usage()
45        sys.exit(0)
46    elif o == "-d" or o == "--debug":
47        debug = True
48    elif o == "--ip":
49        ip = a
50    elif o == "--dns":
51        dns = a
52    elif o == "--use-dns":
53        usedns = True
54    elif o == "--impl":
55        impl = a
56
57def request(question, newvalue, value):
58    while True:
59        sys.stdout.write(question)
60        sys.stdout.flush()
61        input = sys.stdin.readline().strip()
62        if input == 'n':
63            sys.stdout.write(newvalue)
64            sys.stdout.flush()
65            return sys.stdin.readline().strip()
66        else:
67            return value
68
69#
70# Change to the directory where the certs files are stored
71#
72os.chdir(os.path.dirname(os.path.abspath(__file__)))
73
74if not ip:
75    try:
76        ip = socket.gethostbyname(socket.gethostname())
77    except:
78        ip = "127.0.0.1"
79    ip = request("The IP address used for the server certificate will be: " + ip + "\n"
80                 "Do you want to keep this IP address? (y/n) [y]", "IP : ", ip)
81
82if not dns:
83    dns = "localhost"
84    dns = request("The DNS name used for the server certificate will be: " + dns + "\n"
85                  "Do you want to keep this DNS name? (y/n) [y]", "DNS : ", dns)
86
87CertificateFactory = vars(IceCertUtils)[impl + "CertificateFactory"]
88factory = CertificateFactory(debug=debug, cn="Ice Tests CA")
89
90#
91# CA certificate
92#
93factory.getCA().save("cacert.pem").save("cacert.der")
94
95#
96# Client certificate
97#
98client = factory.create("client")
99client.save("client.p12")
100
101#
102# Server certificate
103#
104# NOTE: server.pem is used by scripts/TestController.py
105#
106server = factory.create("server", cn = (dns if usedns else ip), ip=ip, dns=dns)
107server.save("server.p12").save("server.pem")
108
109try:
110    server.save("server.jks", caalias="cacert")
111    client.save("client.jks", caalias="cacert")
112
113    # Don't try to generate the BKS if the JKS generation fails
114    try:
115        server.save("server.bks", caalias="cacert")
116        client.save("client.bks", caalias="cacert")
117    except Exception as ex:
118        for f in ["server.bks", "client.bks"]:
119            if os.path.exists(f): os.remove(f)
120        print("warning: couldn't generate BKS certificates for Android applications:\n" + str(ex))
121        print("Please fix this issue if you want to run the Android tests.")
122
123except Exception as ex:
124    for f in ["server.jks", "client.jks"]:
125        if os.path.exists(f): os.remove(f)
126    print("warning: couldn't generate JKS certificates for Java applications:\n" + str(ex))
127    print("Please fix this issue if you want to run the Java tests.")
128
129factory.destroy()
130