Fixing times, doing full times where possible

diff --git a/generateInfra.sh b/generateInfra.sh
index c6cc9e860986254ad3e5c730e33c643a94791637..bd1b872483998c36c2f40e1e560fea9135ed2a3c 100755 (executable)
--- a/generateInfra.sh
+++ b/generateInfra.sh
@@ -42,7 +42,7 @@ TESTCA
 genserver(){ #key, subject, config
     openssl genrsa -out $1.key ${KEYSIZE}
     openssl req -new -key $1.key -out $1.csr -subj "$2"
-    caSign $1 $year/ca/env_${year}_1 "$3"
+    caSign $1 $year/ca/env_${year}_1 "$3" "${year}${points[1]}" "$((${year} + 2))${points[1]}"
     
     openssl pkcs12 -inkey $1.key -in $1.crt -CAfile env.chain.crt -chain -name $1 -export -passout pass:changeit -out $1.pkcs12
     

diff --git a/generateTime.sh b/generateTime.sh
index 572d27dba70878c72ff8a293c367313c50ceae91..71aa918f08ca896f6c46d9bb5e05c6ece7b223d4 100755 (executable)
--- a/generateTime.sh
+++ b/generateTime.sh
@@ -21,8 +21,8 @@ TESTCA
 mkdir -p $year/ca
 
 
-STARTDATE="${year:2}"
-ENDDATE="$((${year:2} + 2))"
+STARTDATE="${year}"
+ENDDATE="$((${year} + 2))"
 
 for i in $TIME_IDX; do
     point=${points[${i}]}

diff --git a/structure b/structure
index 9bf7bcc839c214235f6a3522c12e12c8d28dedc1..27927c249a4593d4ba694f66a480f2c41fe20c15 100755 (executable)
--- a/structure
+++ b/structure
@@ -11,4 +11,4 @@ TIME_IDX="1 2"
 points[1]="0101000000Z"
 points[2]="0601000000Z"
 
-ROOT_VALIDITY="-startdate 150101000000Z -enddate 300101000000Z"
+ROOT_VALIDITY="-startdate 20150101000000Z -enddate 20300101000000Z"

diff --git a/verify.sh b/verify.sh
index 6423eb93bacff0949c579fe66465de6524fd7d30..9d4527a8203bc703b773d5c66e5f644bc73015f5 100755 (executable)
--- a/verify.sh
+++ b/verify.sh
@@ -33,8 +33,8 @@ for ca in ${STRUCT_CAS}; do
        else
            CA_FILE=$year/ca/${ca}_${year}_${i}.crt
        fi
-       time=${year:2}${points[${i}]}
-       timestamp=$(date --date="${time:2:2}/${time:4:2}/${time:0:2} 03:00:00 UTC" +"%s")
+       time=${points[${i}]}
+       timestamp=$(date --date="${time:0:2}/${time:2:2}/${year} 03:00:00 UTC" +"%s")
        verify "$CA_FILE" "$ca.ca/key.crt" "-attime ${timestamp}"
        openssl x509 -in "$CA_FILE" -noout -text | grep "CA Issuers" | grep "/$ca.crt" > /dev/null || error "CA Issuers field is wrong for $ca"
        openssl x509 -in "$CA_FILE" -noout -text | grep "Subject: " | grep "CN=$name" > /dev/null || error "Subject field did not verify"