collectCRLs

   1 #!/bin/bash
   2
   3 set -e
   4
   5 [ "$1" == "" ] && echo "Usage: $0 <year>" && exit 1
   6 year=$1
   7
   8 . structure.bash
   9 . commonFunctions.bash
  10 cd generated
  11
  12 fetchCRLS(){ #year, cyear month timeIdx
  13     year=$1
  14     cyear=$2
  15     month=$3
  16     timeIdx=$4
  17     # no "for ca in $STRUCT_CAs" because that's cassiopeias work.
  18 }
  19
  20 rm -Rf crls-${year}
  21 mkdir -p crls-${year}
  22 for month in {01..12}; do
  23     BASE=crls-${year}/$year-$month
  24     mkdir -p $BASE
  25     cp root.ca/${year}_${month}.crl $BASE/root.crl
  26     for ca in $STRUCT_CAS; do
  27         cp $ca.ca/${year}_${month}.crl $BASE/$ca.crl
  28     done
  29 done
  30
  31 cyear=$year
  32 for month in {01..12}; do
  33     BASE=crls-${year}/$cyear-$month
  34     mkdir -p $BASE/$year
  35
  36     fetchCRLS $year $cyear $month 1
  37     [ "$month" -gt "6" ] && fetchCRLS $year $cyear $month 2
  38 done
  39
  40 cyear=$((year+1))
  41 for month in {01..12}; do
  42     BASE=crls-${year}/$cyear-$month
  43     mkdir -p $BASE/$year
  44
  45     fetchCRLS $year $cyear $month 1
  46     fetchCRLS $year $cyear $month 2
  47 done
  48
  49 cyear=$((year+2))
  50 for month in {01..06}; do
  51     BASE=crls-${year}/$cyear-$month
  52     mkdir -p $BASE/$year
  53
  54     fetchCRLS $year $cyear $month 2
  55 done
  56
  57 pushd crls-${year}
  58 rm -f crl-passwords1.txt crl-passwords2.txt
  59 for i in *; do
  60     PASSW1=`head -c15 /dev/urandom | base64`
  61     PASSW2=`head -c15 /dev/urandom | base64`
  62     echo "Crypting CRL $i"
  63     echo "$i: $PASSW1" >> crl-passwords1.txt
  64     echo "$i: $PASSW2" >> crl-passwords2.txt
  65     tar c -C $i . | openssl enc -e -kfile <(echo -n "$PASSW1$PASSW2") -md sha256 -aes-256-cbc > $i.tar.aes-256-cbc
  66     PASSW1=
  67     PASSW2=
  68
  69 done
  70 popd