generateTime.sh

   1 #!/bin/bash
   2
   3 . structure
   4 . commonFunctions
   5
   6 [ "$1" == "" ] && echo "Usage: $0 <year>" && exit 1
   7 year=$1
   8
   9 cd generated
  10
  11 genTimeCA(){ #csr,ca to sign with,start,end
  12     cat <<TESTCA > timesubca.cnf
  13 basicConstraints = CA:true
  14 keyUsage = keyCertSign, cRLSign
  15
  16 subjectKeyIdentifier = hash
  17 authorityKeyIdentifier = keyid:always
  18
  19 crlDistributionPoints=URI:http://g2.crl.${DOMAIN}/g2/$2.crl
  20 authorityInfoAccess = OCSP;URI:http://g2.ocsp.${DOMAIN},caIssuers;URI:http://g2.crt.${DOMAIN}/g2/$2.crt
  21 TESTCA
  22     caSign $1 $2 timesubca.cnf "$3" "$4"
  23     rm timesubca.cnf
  24 }
  25
  26 mkdir -p $year/ca
  27
  28
  29 for i in $TIME_IDX; do
  30     point=${year}${points[${i}]}
  31     nextp=${points[$((${i} + 1))]}
  32     if [[ "$nextp" == "" ]]; then
  33         epoint=$((${year} + 3 ))${epoints[${i}]}
  34     else
  35         epoint=$((${year} + 2 ))${epoints[${i}]}
  36     fi
  37
  38     . ../CAs/env
  39     genca "/CN=$name ${year}-${i}" $year/ca/env_${year}_${i}
  40     genTimeCA $year/ca/env_${year}_${i}.ca/key env "$point" "$epoint"
  41
  42     for ca in $STRUCT_CAS; do
  43         [ "$ca" == "env" ] && continue
  44         . ../CAs/$ca
  45         genKey "/CN=$name ${year}-${i}" $year/ca/${ca}_${year}_${i}
  46         genTimeCA $year/ca/${ca}_${year}_${i} $ca "$point" "$epoint"
  47     done
  48 done