From 9838020d168c0b01326ca1060f329fd8f098ca87 Mon Sep 17 00:00:00 2001
From: hwang <470981832@qq.com>
Date: Sun, 29 Sep 2024 14:22:28 +0000
Subject: [PATCH] working
---
.gitignore | 2 ++
issue-root.sh | 42 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 44 insertions(+)
create mode 100644 .gitignore
create mode 100755 issue-root.sh
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..0d313d1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+*.key
+*.crt
\ No newline at end of file
diff --git a/issue-root.sh b/issue-root.sh
new file mode 100755
index 0000000..4ef285a
--- /dev/null
+++ b/issue-root.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+RSA_OPTS="-newkey rsa:2048 -sha256"
+ECDSA_OPTS="-newkey ec -pkeyopt ec_paramgen_curve:secp384r1 -sha384"
+
+while getopts ":h:t:n:d:s:" opt; do
+ case $opt in
+ h)
+ echo "Usage: -t rsa|ec -n -d "
+ exit 0
+ ;;
+ t)
+ if [ "$OPTARG" = "rsa" ]; then
+ NEWKEY_OPT=$RSA_OPTS
+ elif [ "$OPTARG" = "ec" ]; then
+ NEWKEY_OPT=$ECDSA_OPTS
+ else
+ echo "Invalid option: -t $OPTARG" >&2
+ exit 1
+ fi
+ ;;
+ n)
+ NAME_OPT=(-keyout "$OPTARG".key -out "$OPTARG".crt)
+ ;;
+ d)
+ DAYS_OPT="-days $OPTARG"
+ ;;
+ s)
+ SUBJECT_OPT=(-subj "/C=CN/CN=Root CA/O=$OPTARG")
+ ;;
+ \?)
+ echo "Invalid option: -$OPTARG" >&2
+ exit 1
+ ;;
+ esac
+done
+
+openssl req -x509 -batch $NEWKEY_OPT "${NAME_OPT[@]}" $DAYS_OPT "${SUBJECT_OPT[@]}" \
+ -addext "subjectKeyIdentifier=hash" \
+ -addext "authorityKeyIdentifier=keyid:always,issuer" \
+ -addext "basicConstraints=critical,CA:true" \
+ -addext "keyUsage=critical,keyCertSign,cRLSign" \
\ No newline at end of file
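Review bot: issue-root.sh is declared `#!/bin/sh`, but `NAME_OPT=(...)`, `SUBJECT_OPT=(...)` and `"${NAME_OPT[@]}"` are bash arrays, so it stops with a syntax error wherever `sh` is dash or another POSIX shell; the shebang should be `#!/usr/bin/env bash`. The optstring `":h:t:n:d:s:"` makes `-h` take an argument and the `case` has no `:)` arm, so a bare `-h` prints nothing and execution continues to `openssl req`; `":ht:n:d:s:"` fixes that. Nothing checks that `-t`, `-n` and `-d` were supplied, so a root certificate can be issued with whatever key type, validity period and output location openssl falls back to; for a CA key this should fail closed, e.g. `[ -n "$NEWKEY_OPT" ] && [ "${#NAME_OPT[@]}" -gt 0 ] && [ -n "$DAYS_OPT" ] || { echo "-t, -n and -d are required" >&2; exit 1; }` before the `openssl` call. Setting `umask 077` ahead of that call would also keep the mode of the generated `.key` from depending on the caller's umask or openssl's defaults.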