#!/usr/bin/evn python
import re,sys,os,pexpect
from pexpect import *
#coding=utf-8
#create environment
if os.path.exists('./demoCA'):
        os.system('rm -rf ./demoCA')
os.system("mkdir ./demoCA")
os.system("mkdir ./demoCA/newcerts  ./demoCA/private")
os.system('chmod g-rwx,o-rwx ./demoCA/private')
os.system('echo "01" > ./demoCA/serial')
os.system('touch ./demoCA/index.txt')
#create root ca
child0=pexpect.spawn('openssl req -new -x509 -keyout ca0.key -out ca0.crt -config openssl.cnf')
child0.expect('phrase:')
child0.sendline('ding123')
child0.expect('phrase:')
child0.sendline('ding123')
#input root certificate information
child0.expect('Country Name *')
child0.sendline('cn')
child0.expect('Province')
child0.sendline('beijing')
child0.expect('City')
child0.sendline('haidian')
child0.expect('Company')
child0.sendline('test')
child0.expect('Organizational')
child0.sendline('test')
child0.expect('hostname')
child0.sendline('www.test.com')
child0.expect('Email')
child0.sendline('[email protected]')
#create root.pfx
child1=pexpect.spawn('openssl pkcs12 -export -inkey ca0.key -in ca0.crt -out ca0.pfx')
child1.expect('phrase')
child1.sendline('ding123')
child1.expect('Password')
child1.sendline('')
child1.expect('Password')
child1.sendline('')
#os.system('openssl pkcs12 -export -inkey ca0.key -in ca0.crt -out ca0.pfx')
print("creat root ca sucess")
#start sycle
for i in range(1,10):
        a='ca'
# Create key file
        cmd2='openssl genrsa -des3 -out '+a+str(i)+'.key' + ' 2048'
        child2=pexpect.spawn(cmd2)
        child2.expect('phrase')
        child2.sendline('ding123')
        child2.expect('Verifying')
        child2.sendline('ding123')
        print("create %s sucess") %(a+str(i)+'.key')
# Certificate Signing Request
        cmd3='openssl req -new -key '+ a+str(i)+'.key' + ' -out '+a+str(i)+'.csr' +' -config openssl.cnf' 
        child3=pexpect.spawn(cmd3)
        child3.expect('phrase')
        child3.sendline('ding123')
        child3.expect('Country')
        child3.sendline('cn')
        child3.expect('Province')
        child3.sendline('beijing')
        child3.expect('City')
        child3.sendline('haidian')
        child3.expect('Company')
        child3.sendline('test')
        child3.expect('Unit Name')
        Uname='test'+str(i)
        child3.sendline(Uname)
        child3.expect('hostname')
        hname='www.test'+str(i)+'.com'
        child3.sendline(hname)
        child3.expect('Email')
        email='test'+str(i)+'@test'+str(i)+'.com'
        child3.sendline(email)
        child3.expect('password')
        child3.sendline('')
        child3.expect('company')
        child3.sendline('')
        print("create %s sucess") %(a+str(i)+'.csr')
#Signature
        cmd4='openssl ca -in ' + a+str(i)+'.csr'+' -out '+a+str(i)+'.crt'+' -cert '+ a+str(i-1)+'.crt' +' -keyfile ' + a+str(i-1)+'.key'+ ' -config openssl.cnf'
        child4=pexpect.spawn(cmd4)
        child4.expect('phrase')
        child4.sendline('ding123')
        child4.expect('y/n')
        child4.sendline('y')
        child4.expect('y/n')
        child4.sendline('y')
        print('create %s sucess') %(a+str(i)+'.crt')
#create pfx file
        cmd5='openssl pkcs12 -export -inkey ' + a+str(i)+'.key' + ' -in ' + a+str(i)+'.crt' + ' -out ' +a+str(i)+'.pfx'
        child5=pexpect.spawn(cmd5)
        child5.expect('phrase')
        child5.sendline('ding123')
        child5.expect('Password')
        child5.sendline('')
        child5.expect('Password')
        child5.sendline('')
        print('create %s sucess') %(a+str(i)+'.pfx')