(List (= scope= flags=0 words=[] bindings=[('key_types', {[DQ [LIT_CHARS "768-rsa 1024-rsa 2048-rsa prime256v1-ecdsa"]]})]) (FunctionDef try [] (List (Com {[LIT_CHARS echo]} {[DQ [VarSub @]]}) (AndOr OP_OR_IF (Com {[DQ [VarSub @]]}) (Com {[LIT_CHARS exit]} {[LIT_CHARS 1]}) ) ) ) (FunctionDef generate_key_command [] (Case to_match={[DQ [VarSub 1]]}, pat_word_list=[[{[LIT_CHARS dsa]}], [{[LIT_CHARS ecdsa]}], [{[LIT_CHARS rsa]}], [{[LIT_OTHER "*"]}]] (Com {[LIT_CHARS echo]} {[DQ [LIT_CHARS "dsaparam -genkey"]]}) (Com {[LIT_CHARS echo]} {[DQ [LIT_CHARS "ecparam -genkey"]]}) (Com {[LIT_CHARS echo]} {[LIT_CHARS genrsa]}) (Com {[LIT_CHARS exit]} {[LIT_CHARS 1]}) ) ) (Com {[LIT_CHARS try]} {[LIT_CHARS rm]} {[LIT_CHARS -rf]} {[LIT_CHARS out]}) (Com {[LIT_CHARS try]} {[LIT_CHARS mkdir]} {[LIT_CHARS out]}) (Com {[LIT_CHARS try]} {[LIT_CHARS /bin/sh]} {[LIT_CHARS -c]} {[DQ [LIT_CHARS "echo 01 > out/2048-rsa-root-serial"]]}) (For key_type [{[VarSub key_types]}]) (Com {[LIT_CHARS try]} {[LIT_CHARS /bin/sh]} {[LIT_CHARS -c]} {[DQ [LIT_CHARS "echo 01 > out/"][VarSub key_type][LIT_CHARS -intermediate-serial]]}) ) (Com {[LIT_CHARS try]} {[LIT_CHARS openssl]} {[LIT_CHARS genrsa]} {[LIT_CHARS -out]} {[LIT_CHARS out/2048-rsa-root.key]} {[LIT_CHARS 2048]}) (Com {[LIT_CHARS try]} {[LIT_CHARS openssl]} {[LIT_CHARS req]} {[LIT_CHARS -new]} {[LIT_CHARS -key]} {[LIT_CHARS out/2048-rsa-root.key]} {[LIT_CHARS -extensions]} {[LIT_CHARS ca_cert]} {[LIT_CHARS -out]} {[LIT_CHARS out/2048-rsa-root.csr]} {[LIT_CHARS -config]} {[LIT_CHARS ca.cnf]} more_env=[('CA_COMMON_NAME', {[DQ [LIT_CHARS "2048 RSA Test Root CA"]]}), ('CA_DIR', {[LIT_CHARS out]}), ('CA_NAME', {[LIT_CHARS req_env_dn]}), ('KEY_SIZE', {[LIT_CHARS 2048]}), ('ALGO', {[LIT_CHARS rsa]}), ('CERT_TYPE', {[LIT_CHARS root]})] ) (Com {[LIT_CHARS try]} {[LIT_CHARS openssl]} {[LIT_CHARS x509]} {[LIT_CHARS -req]} {[LIT_CHARS -days]} {[LIT_CHARS 3650]} {[LIT_CHARS -in]} {[LIT_CHARS out/2048-rsa-root.csr]} {[LIT_CHARS -extensions]} {[LIT_CHARS ca_cert]} {[LIT_CHARS -extfile]} {[LIT_CHARS ca.cnf]} {[LIT_CHARS -signkey]} {[LIT_CHARS out/2048-rsa-root.key]} {[LIT_CHARS -out]} {[LIT_CHARS out/2048-rsa-root.pem]} {[LIT_CHARS -text]} more_env=[('CA_COMMON_NAME', {[DQ [LIT_CHARS "2048 RSA Test Root CA"]]}), ('CA_DIR', {[LIT_CHARS out]}), ('CA_NAME', {[LIT_CHARS req_env_dn]})] ) (For key_type [{[VarSub key_types]}]) (List (= scope= flags=0 words=[] bindings=[('key_size', {[ComSub (Pipeline (Com {[LIT_CHARS echo]} {[DQ [VarSub key_type]]}) (Com {[LIT_CHARS sed]} {[LIT_CHARS -E]} {[SQ ]}) )]})]) (= scope= flags=0 words=[] bindings=[('algo', {[ComSub (Pipeline (Com {[LIT_CHARS echo]} {[DQ [VarSub key_type]]}) (Com {[LIT_CHARS sed]} {[LIT_CHARS -E]} {[SQ ]}) )]})]) (If (Com {[LIT_OTHER "["]} {[LIT_CHARS ecdsa]} {[LIT_OTHER "="]} {[VarSub algo]} {[LIT_OTHER "]"]}) (= scope= flags=0 words=[] bindings=[('key_size', {[DQ [LIT_CHARS "-name "][VarSub key_size]]})]) ) (Com {[LIT_CHARS try]} {[LIT_CHARS openssl]} {[ComSub (Com {[LIT_CHARS generate_key_command]} {[VarSub algo]})]} {[LIT_CHARS -out]} {[LIT_CHARS out/] [VarSub key_type] [LIT_CHARS -intermediate.key]} {[VarSub key_size]}) ) ) (For key_type [{[VarSub key_types]}]) (List (= scope= flags=0 words=[] bindings=[('key_size', {[ComSub (Pipeline (Com {[LIT_CHARS echo]} {[DQ [VarSub key_type]]}) (Com {[LIT_CHARS sed]} {[LIT_CHARS -E]} {[SQ ]}) )]})]) (= scope= flags=0 words=[] bindings=[('algo', {[ComSub (Pipeline (Com {[LIT_CHARS echo]} {[DQ [VarSub key_type]]}) (Com {[LIT_CHARS sed]} {[LIT_CHARS -E]} {[SQ ]}) )]})]) (If (Com {[LIT_OTHER "["]} {[LIT_CHARS ecdsa]} {[LIT_OTHER "="]} {[VarSub algo]} {[LIT_OTHER "]"]}) (= scope= flags=0 words=[] bindings=[('key_size', {[DQ [LIT_CHARS "-name "][VarSub key_size]]})]) ) (For signer_key_type [{[VarSub key_types]}]) (Com {[LIT_CHARS try]} {[LIT_CHARS openssl]} {[ComSub (Com {[LIT_CHARS generate_key_command]} {[VarSub algo]})]} {[LIT_CHARS -out]} {[LIT_CHARS out/] [VarSub key_type] [LIT_CHARS -ee-by-] [VarSub signer_key_type] [LIT_CHARS -intermediate.key]} {[VarSub key_size]}) ) ) ) (For key_type [{[VarSub key_types]}]) (List (= scope= flags=0 words=[] bindings=[('key_size', {[ComSub (Pipeline (Com {[LIT_CHARS echo]} {[DQ [VarSub key_type]]}) (Com {[LIT_CHARS sed]} {[LIT_CHARS -E]} {[SQ ]}) )]})]) (= scope= flags=0 words=[] bindings=[('algo', {[ComSub (Pipeline (Com {[LIT_CHARS echo]} {[DQ [VarSub key_type]]}) (Com {[LIT_CHARS sed]} {[LIT_CHARS -E]} {[SQ ]}) )]})]) (Com {[LIT_CHARS try]} {[LIT_CHARS openssl]} {[LIT_CHARS req]} {[LIT_CHARS -new]} {[LIT_CHARS -key]} {[LIT_CHARS out/] [VarSub key_type] [LIT_CHARS -intermediate.key]} {[LIT_CHARS -out]} {[LIT_CHARS out/] [VarSub key_type] [LIT_CHARS -intermediate.csr]} {[LIT_CHARS -config]} {[LIT_CHARS ca.cnf]} more_env=[('CA_COMMON_NAME', {[DQ [VarSub key_size][LIT_CHARS " "][VarSub algo][LIT_CHARS " Test intermediate CA"]]}), ('CA_DIR', {[LIT_CHARS out]}), ('CA_NAME', {[LIT_CHARS req_env_dn]}), ('KEY_SIZE', {[VarSub key_size]}), ('ALGO', {[VarSub algo]}), ('CERT_TYPE', {[LIT_CHARS intermediate]})] ) (Com {[LIT_CHARS touch]} {[LIT_CHARS out/2048-rsa-root-index.txt]}) (Com {[LIT_CHARS try]} {[LIT_CHARS openssl]} {[LIT_CHARS ca]} {[LIT_CHARS -batch]} {[LIT_CHARS -extensions]} {[LIT_CHARS ca_cert]} {[LIT_CHARS -in]} {[LIT_CHARS out/] [VarSub key_type] [LIT_CHARS -intermediate.csr]} {[LIT_CHARS -out]} {[LIT_CHARS out/] [VarSub key_type] [LIT_CHARS -intermediate.pem]} {[LIT_CHARS -config]} {[LIT_CHARS ca.cnf]} more_env=[('CA_COMMON_NAME', {[DQ [LIT_CHARS "2048 RSA Test Root CA"]]}), ('CA_DIR', {[LIT_CHARS out]}), ('CA_NAME', {[LIT_CHARS req_env_dn]}), ('KEY_SIZE', {[LIT_CHARS 2048]}), ('ALGO', {[LIT_CHARS rsa]}), ('CERT_TYPE', {[LIT_CHARS root]})] ) ) ) (For key_type [{[VarSub key_types]}]) (For signer_key_type [{[VarSub key_types]}]) (List (= scope= flags=0 words=[] bindings=[('key_size', {[ComSub (Pipeline (Com {[LIT_CHARS echo]} {[DQ [VarSub key_type]]}) (Com {[LIT_CHARS sed]} {[LIT_CHARS -E]} {[SQ ]}) )]})]) (= scope= flags=0 words=[] bindings=[('algo', {[ComSub (Pipeline (Com {[LIT_CHARS echo]} {[DQ [VarSub key_type]]}) (Com {[LIT_CHARS sed]} {[LIT_CHARS -E]} {[SQ ]}) )]})]) (= scope= flags=0 words=[] bindings=[('signer_key_size', {[ComSub (Pipeline (Com {[LIT_CHARS echo]} {[DQ [VarSub signer_key_type]]}) (Com {[LIT_CHARS sed]} {[LIT_CHARS -E]} {[SQ ]}) )]})]) (= scope= flags=0 words=[] bindings=[('signer_algo', {[ComSub (Pipeline (Com {[LIT_CHARS echo]} {[DQ [VarSub signer_key_type]]}) (Com {[LIT_CHARS sed]} {[LIT_CHARS -E]} {[SQ ]}) )]})]) (Com {[LIT_CHARS touch]} {[LIT_CHARS out/] [VarSub signer_key_type] [LIT_CHARS -intermediate-index.txt]}) (Com {[LIT_CHARS try]} {[LIT_CHARS openssl]} {[LIT_CHARS req]} {[LIT_CHARS -new]} {[LIT_CHARS -key]} {[LIT_CHARS out/] [VarSub key_type] [LIT_CHARS -ee-by-] [VarSub signer_key_type] [LIT_CHARS -intermediate.key]} {[LIT_CHARS -out]} {[LIT_CHARS out/] [VarSub key_type] [LIT_CHARS -ee-by-] [VarSub signer_key_type] [LIT_CHARS -intermediate.csr]} {[LIT_CHARS -config]} {[LIT_CHARS ee.cnf]} more_env=[('KEY_SIZE', {[VarSub key_size]})] ) (Com {[LIT_CHARS try]} {[LIT_CHARS openssl]} {[LIT_CHARS ca]} {[LIT_CHARS -batch]} {[LIT_CHARS -in]} {[LIT_CHARS out/] [VarSub key_type] [LIT_CHARS -ee-by-] [VarSub signer_key_type] [LIT_CHARS -intermediate.csr]} {[LIT_CHARS -out]} {[LIT_CHARS out/] [VarSub key_type] [LIT_CHARS -ee-by-] [VarSub signer_key_type] [LIT_CHARS -intermediate.pem]} {[LIT_CHARS -config]} {[LIT_CHARS ca.cnf]} more_env=[('CA_COMMON_NAME', {[DQ [VarSub signer_key_size][LIT_CHARS " "][VarSub algo][LIT_CHARS " Test intermediate CA"]]}), ('CA_DIR', {[LIT_CHARS out]}), ('CA_NAME', {[LIT_CHARS req_env_dn]}), ('KEY_SIZE', {[VarSub signer_key_size]}), ('ALGO', {[VarSub signer_algo]}), ('CERT_TYPE', {[LIT_CHARS intermediate]})] ) ) ) ) (Com {[LIT_CHARS try]} {[LIT_CHARS cp]} {[LIT_CHARS out/] [LIT_OTHER "*"] [LIT_CHARS root] [LIT_OTHER "*"] [LIT_CHARS pem]} {[LIT_CHARS out/] [LIT_OTHER "*"] [LIT_CHARS intermediate] [LIT_OTHER "*"] [LIT_CHARS pem]} {[LIT_CHARS ../certificates]}) )