#!/bin/bash# 检查输出目录参数if [ "$#" -ne 1 ]; then echo "Usage: $0 <output_directory>" exit 1fioutput_dir=$1# 获取当前时间并格式化为 YYYYMMDDHHMMSStimestamp=$(date "+%Y%m%d%H%M%S")# 创建输出目录(如果不存在)mkdir -p "$output_dir"# 生成 SM2 私钥,并包括时间戳在文件名中openssl ecparam -genkey -name SM2 -out "${output_dir}/sm2PrivateKey_${timestamp}.pem"# 提取公钥,并包括时间戳在文件名中openssl ec -in "${output_dir}/sm2PrivateKey_${timestamp}.pem" -pubout -out "${output_dir}/sm2PublicKey_${timestamp}.pem"# 将私钥从 PEM 转换为 DER 格式,并包括时间戳在文件名中openssl pkcs8 -topk8 -inform PEM -outform DER -in "${output_dir}/sm2PrivateKey_${timestamp}.pem" -out "${output_dir}/sm2PrivateKey_${timestamp}.der" -nocryptecho "SM2 Public and Private keys have been generated in $output_dir with timestamp $timestamp"echo "Private key has also been converted to DER format with timestamp."
bash generate_sm2_keys.sh 公私钥生成路径
3. 生成自签名证书
#!/bin/bash# 检查输入参数if [ "$#" -ne 2 ]; then echo "Usage: $0 <private_key_path> <output_directory>" exit 1fiprivate_key_path=$1output_dir=$2# 获取当前时间并格式化为 YYYYMMDDHHMMSStimestamp=$(date "+%Y%m%d%H%M%S")# 创建输出目录(如果不存在)mkdir -p "$output_dir"# 创建 CSR,并包括时间戳在文件名中openssl req -new -key "$private_key_path" -out "$output_dir/sm2CertReq_${timestamp}.csr" \ -subj "/CN=name/O=CXHELLO Ltd./L=Beijing/ST=Beijing/C=CN"# 生成自签名证书,并包括时间戳在文件名中openssl x509 -req -in "$output_dir/sm2CertReq_${timestamp}.csr" -signkey "$private_key_path" -out "$output_dir/sm2Certificate_${timestamp}.pem" \ -days 365# 将生成的 PEM 格式证书转换为 DER 格式的 CRT 文件,并包括时间戳在文件名中openssl x509 -in "$output_dir/sm2Certificate_${timestamp}.pem" -outform DER -out "$output_dir/sm2Certificate_${timestamp}.crt"echo "SM2 Certificate has been generated in $output_dir with timestamp $timestamp"echo "The certificate has also been converted to DER format and saved as sm2Certificate_${timestamp}.crt in $output_dir"