diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2015-12-20 14:36:42 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2015-12-20 14:36:42 +0100 |
| commit | 57b6f18675da62363c4c35a5d62f3a4e4a2cc69a (patch) | |
| tree | 303223429d1e7147e220f62af1f2ce7675b6b351 | |
| parent | da2572ddb144086034eba1989ae909763e95c680 (diff) | |
Improve gencert.sh
| -rwxr-xr-x | certs/gencerts.sh | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/certs/gencerts.sh b/certs/gencerts.sh index 047bba1..8164945 100755 --- a/certs/gencerts.sh +++ b/certs/gencerts.sh @@ -5,45 +5,45 @@ PATH=/usr/bin:/bin if [ -n "${GNUPGBIN:-}" ]; then GPG="$GNUPGBIN" elif [ -x /usr/bin/gpg2 ]; then GPG=/usr/bin/gpg2 else GPG=gpg fi GPG_OPTS='--no-auto-check-trustdb --batch --no-verbose --yes' usage() { echo "Usage: $0 /path/to/certs.asc" >&2 exit 1 } x509fpr() { local msg="$1" host cert h spki host="${msg%%,*}"; host="${msg%% *}" cert="$DIR/${host%%:*}.pem" spki=$(openssl x509 -noout -pubkey<"$cert" | openssl pkey -pubin -outform DER | openssl dgst -sha1 | sed -nr 's/^[^=]+=\s*//p') - [ "$typ" = mdwn ] && { echo; echo " $msg"; echo; } || echo " $msg" - echo "${indent}X.509: https://crt.sh/?spkisha1=${spki}&iCAID=7395" - echo "${indent}SPKI:" + [ "$typ" = mdwn ] && printf '\n [[%s|https://crt.sh/?spkisha1=%s&iCAID=7395]]\n\n' "$msg" "$spki" \ + || printf ' %s\n X.509: https://crt.sh/?spkisha1=%s&iCAID=7395\n SPKI:\n' "$msg" "$spki" for h in sha1 sha256; do - echo -n " $h" | tr '[a-z]' '[A-Z]' + [ "$typ" = mdwn ] || echo -n ' ' + echo -n "$h" | tr '[a-z]' '[A-Z]' for i in $(seq 1 $((7 - ${#h}))); do echo -n ' '; done openssl x509 -noout -pubkey<"$cert" | openssl pkey -pubin -outform DER | openssl dgst -"$h" -c | sed -nr 's/^[^=]+=\s*//p' done | sed -r "s/(\S+)(.*)/$indent\1\U\2/" } sshfpr() { local msg="$1" host t h fpr host="${msg%%,*}"; host="${msg%% *}"; host="${host#*@}" [ "$typ" = mdwn ] && { echo; echo " $msg"; echo; } || echo " $msg" [ "${host#*:}" != 22 ] || host="${host%%:*}" for h in MD5 SHA256; do ssh-keygen -E "$h" -f "$DIR/../ssh_known_hosts" -lF "${host#*@}" done | sed -nr 's/^[^ #]+\s+//p' | sed -r 's/^(\S+)\s+(MD5|SHA256):/\1 \2 /' | while read t h fpr; do echo -n "$indent$t" for i in $(seq 1 $((7 - ${#h}))); do echo -n ' '; done echo "$h:$fpr" done } |