Just in case we ever want to use spaces in any of those places.
BASE=crls-${year}/$year-$month
mkdir -p $BASE
cp root.ca/${year}_${month}.crl $BASE/root.crl
- for ca in $STRUCT_CAS; do
+ for ca in "${STRUCT_CAS[@]}"; do
cp $ca.ca/${year}_${month}.crl $BASE/$ca.crl
done
done
mkdir -p gigi-config/config/ca
cp root.ca/key.crt gigi-config/config/ca/root.crt
-for ca in $STRUCT_CAS; do
+for ca in "${STRUCT_CAS[@]}"; do
cp ${ca}.ca/key.crt gigi-config/config/ca/${ca}.crt
- for i in $TIME_IDX; do
+ for i in "${TIME_IDX[@]}"; do
cp ${year}/ca/${ca}_${year}_${i}.crt gigi-config/config/ca/${ca}_${year}_${i}.crt
done
done
cd generated
mkdir -p signer-config
-for ca in $STRUCT_CAS; do
- for i in $TIME_IDX; do
+for ca in "${STRUCT_CAS[@]}"; do
+ for i in "${TIME_IDX[@]}"; do
mkdir -p signer-config/ca/${ca}_${year}_${i}
cp ${year}/ca/${ca}_${year}_${i}.crt signer-config/ca/${ca}_${year}_${i}/ca.crt
done
# Updating for server
-for ca in $STRUCT_CAS; do
- for i in $TIME_IDX; do
+for ca in "${STRUCT_CAS[@]}"; do
+ for i in "${TIME_IDX[@]}"; do
cp ${year}/ca/${ca}_${year}_${i}.key signer-config/ca/${ca}_${year}_${i}/ca.key
done
done
done
}
generateCRLs root
-for ca in $STRUCT_CAS; do
+for ca in "${STRUCT_CAS[@]}"; do
generateCRLs $ca
done
mkdir -p htdocs/crt/g2/$year
-for ca in root $STRUCT_CAS; do
+for ca in root "${STRUCT_CAS[@]}"; do
cp $ca.ca/key.crt htdocs/crt/g2/$ca.crt
done
-for ca in $STRUCT_CAS; do
- for i in $TIME_IDX; do
+for ca in "${STRUCT_CAS[@]}"; do
+ for i in "${TIME_IDX[@]}"; do
cp $year/ca/${ca}_${year}_${i}.crt htdocs/crt/g2/$year/${ca}-${i}.crt
done
done
rootSign root
# generate the various sub-CAs
-for ca in $STRUCT_CAS; do
+for ca in "${STRUCT_CAS[@]}"; do
. ../CAs/$ca
genca "/CN=$name" $ca
rootSign $ca
mkdir -p $year/ca
-for i in $TIME_IDX; do
+for i in "${TIME_IDX[@]}"; do
point=${year}${points[${i}]}
nextp=${points[$((${i} + 1))]}
if [[ "$nextp" == "" ]]; then
epoint=$((${year} + 2 ))${epoints[${i}]}
fi
- for ca in $STRUCT_CAS; do
+ for ca in "${STRUCT_CAS[@]}"; do
. ../CAs/$ca
genKey "/CN=$name ${year}-${i}" $year/ca/${ca}_${year}_${i}
genTimeCA $year/ca/${ca}_${year}_${i} $ca "$point" "$epoint"
[ -f config ] && . ./config
-STRUCT_CAS="env unassured assured codesign orga orgaSign"
-SERVER_KEYS="api secure www static signer_server signer_client mail"
-TIME_IDX="1 2"
+STRUCT_CAS=(env unassured assured codesign orga orgaSign)
+SERVER_KEYS=(api secure www static signer_server signer_client mail)
+TIME_IDX=(1 2)
points[1]="0101000000Z"
points[2]="0601000000Z"
verifyExtlist "$(openssl x509 -in "root.ca/key.crt" -noout -text)" root
# Verify level-1 structure
-for ca in $STRUCT_CAS; do
+for ca in "${STRUCT_CAS[@]}"; do
verify $ca.ca/key.crt
verifyExtlist "$(openssl x509 -in "$ca.ca/key.crt" -noout -text)" "$ca"
done
# Verify level-2 (time) structure
-for ca in ${STRUCT_CAS}; do
- for i in $TIME_IDX; do
+for ca in "${STRUCT_CAS[@]}"; do
+ for i in "${TIME_IDX[@]}"; do
. ../CAs/$ca
CA_FILE=$year/ca/${ca}_${year}_${i}.crt
time=${points[${i}]}