./collectGigiConfig.sh 2015
./collectOffline.sh 2015
./collectSignerConfig.sh 2015
+
+./summary.sh 2015
cyear=$2
month=$3
timeIdx=$4
- cp $year/ca/env_${year}_${timeIdx}.ca/${cyear}_${month}.crl crls-${year}/$year-$month/${year}/env_${year}_${timeIdx}.crl
+ cp -v $year/ca/env_${year}_${timeIdx}.ca/${cyear}_${month}.crl crls-${year}/$cyear-$month/${year}/env_${year}_${timeIdx}.crl
# no "for ca in $STRUCT_CAs" because that's cassiopeias work.
}
+rm -Rf crls-${year}
mkdir -p crls-${year}
for month in {01..12}; do
BASE=crls-${year}/$year-$month
done
pushd crls-${year}
+rm -f crl-passwords1.txt crl-passwords2.txt
for i in *; do
- tar czf $i.tgz -C $i .
+ PASSW1=`head -c15 /dev/urandom | base64`
+ PASSW2=`head -c15 /dev/urandom | base64`
+ echo "Crypting CRL $i"
+ echo "$i: $PASSW1" >> crl-passwords1.txt
+ echo "$i: $PASSW2" >> crl-passwords2.txt
+ tar c -C $i . | openssl enc -e -kfile <(echo -n "$PASSW1$PASSW2") -md sha256 -aes-256-cbc > $i.tar.aes-256-cbc
+ PASSW1=
+ PASSW2=
+
done
popd
cd generated
-tar cz *.ca | openssl enc -e -kfile <(echo 1234) -md sha256 -aes-256-cbc > offline.tar.gz.aes-256-cbc
+PASSW=`head -c15 /dev/random | base64`
+echo $PASSW > offlinePassword.txt
+tar c *.ca | openssl enc -e -kfile <(echo -n "$PASSW") -md sha256 -aes-256-cbc > offline.tar.aes-256-cbc
+PASSW=
--- /dev/null
+#!/bin/bash
+
+set -e
+
+[ "$1" == "" ] && echo "Usage: $0 <year>" && exit 1
+year=$1
+
+. structure
+. commonFunctions
+cd generated
+
+
+echo "Data for escrow{1,2}"
+ls -als offline.tar.aes-256-cbc
+#openssl enc -d -in offline.tar.aes-256-cbc -kfile <(cat offlinePassword.txt) -md sha256 -aes-256-cbc | tar t
+
+echo "Data for offlinePassword"
+ls -als offlinePassword.txt
+
+echo "Data for crlPassword1-{1,2}"
+ls -als crls-$year/crl-passwords1.txt
+
+echo "Data for crlPassword2-{1,2}"
+ls -als crls-$year/crl-passwords2.txt
+
+echo "Data for operative"
+ls -als crls-$year/*.tar.aes-256-cbc gigi-$year.tar.gz signer-client-$year.tar.gz signer-server-$year.tar.gz