collectCRLs

   1 #!/bin/bash
   2
   3 set -e
   4
   5 [ "$1" == "" ] && echo "Usage: $0 <year>" && exit 1
   6 year=$1
   7
   8 . structure.bash
   9 . commonFunctions.bash
  10 cd generated
  11
  12 rm -Rf crls-${year}
  13 mkdir -p crls-${year}
  14 for month in {01..12}; do
  15     BASE=crls-${year}/$year-$month
  16     mkdir -p $BASE
  17     cp root.ca/${year}_${month}.crl $BASE/root.crl
  18     for ca in "${STRUCT_CAS[@]}"; do
  19         cp $ca.ca/${year}_${month}.crl $BASE/$ca.crl
  20     done
  21 done
  22
  23 pushd crls-${year}
  24 rm -f crl-passwords1.txt crl-passwords2.txt
  25 for i in *; do
  26     PASSW1=`head -c15 /dev/urandom | base64`
  27     PASSW2=`head -c15 /dev/urandom | base64`
  28     echo "Crypting CRL $i"
  29     echo "$i: $PASSW1" >> crl-passwords1.txt
  30     echo "$i: $PASSW2" >> crl-passwords2.txt
  31     tar c -C $i . | openssl enc -e -kfile <(echo -n "$PASSW1$PASSW2") -md sha256 -aes-256-cbc > $i.tar.aes-256-cbc
  32     PASSW1=
  33     PASSW2=
  34
  35 done
  36 popd