adding unpack offline, fixing pkcs12 (which requires libfaketime)

diff --git a/all.sh b/all.sh
index d59999ef35d5e9d7506315b7c01598417fc54672..9e91e2deb00ba6994fce57a75ed5f80954d7a194 100755 (executable)
--- a/all.sh
+++ b/all.sh
@@ -18,7 +18,7 @@ echo "========== Verifying Year 2015 ======="
 
 
 echo "========== Collection things ======="
-collectCRLs.sh
-collectGigiConfig.sh
-collectOffline.sh
-collectSignerConfig.sh
+./collectCRLs.sh 2015
+./collectGigiConfig.sh 2015
+./collectOffline.sh 2015
+./collectSignerConfig.sh 2015

diff --git a/generateInfra.sh b/generateInfra.sh
index 012e6b70feb8e63c87c0f5d2d96bdf78351e3815..c95ed6e5de6ee69f62994fc623296fdeb7611d8d 100755 (executable)
--- a/generateInfra.sh
+++ b/generateInfra.sh
@@ -49,7 +49,7 @@ genserver(){ #key, subject, config
     openssl req -new -key $1.key -out $1.csr -subj "$2"
     caSign $1 $year/ca/env_${year}_1 "$3" "${year}${points[1]}" "$((${year} + 2))${points[1]}"
     
-    openssl pkcs12 -inkey $1.key -in $1.crt -CAfile env.chain.crt -chain -name $1 -export -passout pass:changeit -out $1.pkcs12
+    TZ=UTC LD_PRELOAD=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 FAKETIME="${year}-01-01 00:00:00" openssl pkcs12 -inkey $1.key -in $1.crt -CAfile env.chain.crt -chain -name $1 -export -passout pass:changeit -out $1.pkcs12
     
 }
 

diff --git a/unpackOffline.sh b/unpackOffline.sh
new file mode 100755 (executable)
index 0000000..743b9cb
--- /dev/null
+++ b/unpackOffline.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+mkdir -p generated
+cd generated
+
+openssl enc -d -kfile <(echo 1234) -md sha256 -aes-256-cbc | tar xz