X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=generateTime.sh;h=26f3cdf06abb611f63284f606d1f991d6fcd5296;hb=33ef004d3397046e13bc94533c81ccc3261d6a9c;hp=c7a98de61520eadf1ba4bb96ed0a0770e029e06d;hpb=69a024b8652e0f0c5203954f322b79a3f0096446;p=nre.git diff --git a/generateTime.sh b/generateTime.sh index c7a98de..26f3cdf 100755 --- a/generateTime.sh +++ b/generateTime.sh @@ -6,13 +6,27 @@ [ "$1" == "" ] && echo "Usage: $0 " && exit 1 year=$1 +cd generated + genTimeCA(){ #csr,ca to sign with,start,end + KNAME=$2 + . ../CAs/${KNAME} cat < timesubca.cnf -basicConstraints = CA:true +basicConstraints=critical,CA:true +keyUsage=critical,keyCertSign, cRLSign + subjectKeyIdentifier = hash -keyUsage = keyCertSign, cRLSign -crlDistributionPoints=URI:http://g2.crl.cacert.org/g2/$2.crl -authorityInfoAccess = OCSP;URI:http://g2.ocsp.cacert.org,caIssuers;URI:http://g2.crt.cacert.org/$2.crt +authorityKeyIdentifier = keyid:always + +crlDistributionPoints=URI:http://g2.crl.${DOMAIN}/g2/$2.crl +authorityInfoAccess = OCSP;URI:http://g2.ocsp.${DOMAIN},caIssuers;URI:http://g2.crt.${DOMAIN}/g2/$2.crt + +certificatePolicies=@polsect + +[polsect] +policyIdentifier = 1.3.6.1.4.1.18506.9.${CPSID} +CPS.1="http://g2.cps.${DOMAIN}/g2/${KNAME}.cps" + TESTCA caSign $1 $2 timesubca.cnf "$3" "$4" rm timesubca.cnf @@ -20,16 +34,24 @@ TESTCA mkdir -p $year/ca -STARTDATE="${year:2}0101000000Z" -ENDDATE="$((${year:2} + 2))0101000000Z" -. CAs/env -genca "/CN=$name ${year}-1" $year/ca/env_${year}_1 -genTimeCA $year/ca/env_${year}_1.ca/key env "$STARTDATE" "$ENDDATE" +for i in $TIME_IDX; do + point=${year}${points[${i}]} + nextp=${points[$((${i} + 1))]} + if [[ "$nextp" == "" ]]; then + epoint=$((${year} + 3 ))${epoints[${i}]} + else + epoint=$((${year} + 2 ))${epoints[${i}]} + fi -for ca in $STRUCT_CAS; do - [ "$ca" == "env" ] && continue - . CAs/$ca - genKey "/CN=$name ${year}-1" $year/ca/${ca}_${year}_1 - genTimeCA $year/ca/${ca}_${year}_1 $ca "$STARTDATE" "$ENDDATE" + . ../CAs/env + genca "/CN=$name ${year}-${i}" $year/ca/env_${year}_${i} + genTimeCA $year/ca/env_${year}_${i}.ca/key env "$point" "$epoint" + + for ca in $STRUCT_CAS; do + [ "$ca" == "env" ] && continue + . ../CAs/$ca + genKey "/CN=$name ${year}-${i}" $year/ca/${ca}_${year}_${i} + genTimeCA $year/ca/${ca}_${year}_${i} $ca "$point" "$epoint" + done done