setup.sh: Drop generate_client_certs()

gowthamsk-arm · tgonzalezorlandoarm · commit a4eac019e61d · 2024-05-15T21:12:35.000+01:00
This function is not needed as only parsec keys are tested.

Signed-off-by: Gowtham Suresh Kumar &lt;gowtham.sureshkumar@arm.com&gt;
diff --git a/tests/setup_tls.sh b/tests/setup_tls.sh
@@ -85,53 +85,6 @@ generate_server_certs() {
     fi
 }
 
-# Use the openssl for key, CSR generation for sofware backed keys.
-# Generate the client key and certificate signed by CA
-# inputs: 
-#   client directory
-#   certificate directory
-generate_client_certs() {
-    CLIENT_DIRECTORY=$1
-    CLIENT_CERTIFICATE=${CLIENT_DIRECTORY}/client_cert.pem
-    CLIENT_CSR=${CLIENT_DIRECTORY}/client_cert.csr
-    CLIENT_PRIV_KEY=${CLIENT_DIRECTORY}/client_priv_key.pem
-
-    CA_DIRECTORY=$2
-    CA_CERTIFICATE=${CA_DIRECTORY}/ca_cert.pem
-    CA_PRIV_KEY=${CA_DIRECTORY}/ca_priv_key.pem
-
-    if [ ! -f "${CLIENT_CSR}" ]; then
-        mkdir -p "${CLIENT_DIRECTORY}" > /dev/null 2>&1
-        chmod 700 "${CLIENT_DIRECTORY}"
-
-        # Generate private key
-        openssl genrsa -out "${CLIENT_PRIV_KEY}" 2048 > /dev/null 2>&1
-        if [ $? -ne 0 ]; then
-            echo "FAILED TO GENERATE KEY"
-            exit 1
-        fi
-
-        # Generate certificate request via OpenSSL
-        openssl req -new \
-            -key "${CLIENT_PRIV_KEY}" \
-            -out "${CLIENT_CSR}" \
-            -subj "/C=UK/ST=Parsec /L=Parsec/O=Parsec/CN=parsec_client.com" > /dev/null 2>&1
-        if [ $? -ne 0 ]; then 
-            echo "FAILED TO GENERATE CERTIFICATE REQUEST"
-            exit 1
-        fi
-
-         # Generate certificate
-         openssl x509 -req -days 1000 -in "${CLIENT_CSR}" \
-             -CA "${CA_CERTIFICATE}" -CAkey "${CA_PRIV_KEY}" \
-            -CAcreateserial -out "${CLIENT_CERTIFICATE}" > /dev/null 2>&1
-
-        echo "SUCCESS"
-    else
-        echo "SKIPPED"
-    fi
-}
-
 # use the parsec-tool for key, CSR generation for hardware backed keys.
 # Generate the client key and certificate signed by CA
 # inputs:
@@ -143,7 +96,6 @@ generate_client_certs_parsec() {
     CLIENT_DIRECTORY=$1
     CLIENT_CERTIFICATE=${CLIENT_DIRECTORY}/$3.pem
     CLIENT_CSR=${CLIENT_DIRECTORY}/$3.csr
-    CLIENT_PRIV_KEY=${CLIENT_DIRECTORY}/client_priv_key.pem
 
     CA_DIRECTORY=$2
     CA_CERTIFICATE=${CA_DIRECTORY}/ca_cert.pem
@@ -153,23 +105,6 @@ generate_client_certs_parsec() {
         mkdir -p "${CLIENT_DIRECTORY}" > /dev/null 2>&1
         chmod 700 "${CLIENT_DIRECTORY}"
 
-        # Generate private key
-        openssl genrsa -out "${CLIENT_PRIV_KEY}" 2048 > /dev/null 2>&1
-        if [ $? -ne 0 ]; then
-            echo "FAILED TO GENERATE KEY"
-            exit 1
-        fi
-
-        # Generate certificate request
-        openssl req -new \
-            -key "${CLIENT_PRIV_KEY}" \
-            -out "${CLIENT_CSR}" \
-            -subj "/C=UK/ST=Parsec /L=Parsec/O=Parsec/CN=parsec_client.com" > /dev/null 2>&1
-        if [ $? -ne 0 ]; then 
-            echo "FAILED TO GENERATE CERTIFICATE REQUEST"
-            exit 1
-        fi
-
         # Generate certificate request via Parsec
         parsec-tool create-csr --cn parsec_client.com --l Parsec --c UK --st Parsec --o Parsec --key-name $4 > ${CLIENT_CSR}
 
@@ -198,9 +133,6 @@ echo -n "Generating client certificate: "
 generate_client_certs_parsec ./tls/client ./tls/ca parsec_rsa PARSEC_TEST_RSA_KEY
 generate_client_certs_parsec ./tls/client ./tls/ca parsec_ecdsa PARSEC_TEST_ECDSA_KEY
 
-echo -n "Generating openssl client private key and certificate: "
-generate_client_certs ./tls/client ./tls/ca
-
 echo -n "Generating fake certificate authority private key and certificate: "
 generate_ca_certs ./tls/fake_ca
 
