script para firmar la cadena original y obtener el token

scripts/get-cert-rfc

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+if [[ -z $1 ]] ; then
+	echo "usage: $0 <file.crt>"
+	exit 1
+fi
+
+FILE=$1
+
+if [[ ! -f $FILE ]] ; then
+	echo "File $FILE does not exist"
+	exit 2
+fi
+
+openssl x509 -in $FILE -noout -text  | grep Subject | tr ',' "\n" | grep x500UniqueIdentifier | tr -d ' ' | cut -d '=' -f 2 -z
+
+exit
+\
+
+	| while read B ; do
+		#echo $B
+		printf "\x$B"
+	done
+echo

scripts/sign-token

@@ -0,0 +1,71 @@
+#!/bin/bash
+
+USAGE="usage: $0 <tokenUUID> <cert_file.crt> <key_file.key> "
+DIGEST=sha1
+
+if [[ -z $1 ]] ; then
+	echo $USAGE
+	exit 1
+fi
+if [[ -z $2 ]] ; then
+	echo $USAGE
+	exit 2
+fi
+if [[ -z $2 ]] ; then
+	echo $USAGE
+	exit 3
+fi
+
+TOKEN=$1
+CERT=$2
+KEY=$3
+
+if [[ ! -f $CERT ]] ; then
+	echo "Certificate file $CERT not found"
+	exit 4
+fi
+if [[ ! -f $KEY ]] ; then
+	echo "Key file $KEY not found"
+	exit 5
+fi
+
+SERIAL=`openssl x509 -in $CERT -noout -text \
+	| grep -A1 'Serial Number' \
+	| tail -1 \
+	| tr ':' "\n" \
+	| while read B ; do
+		printf "\x$B"
+	done
+	`
+
+RFC=`openssl x509 -in $CERT -noout -text \
+	| grep Subject \
+	| tr ',' "\n" \
+	| grep x500UniqueIdentifier \
+	| tr -d ' ' \
+	| cut -d '=' -f 2 
+	`
+CO="$TOKEN|$RFC|$SERIAL"
+#echo -n $CO > co.debug
+
+SIGNATURE=`echo -n $CO \
+	| openssl pkeyutl -sign -inkey $KEY -digest $DIGEST -rawin \
+	| base64 -w0
+	`
+#echo $SIGNATURE > firma.debug
+
+CO_BASE64=`echo -n $CO \
+	| base64 -w0`
+SIGNATURE_BASE64=`echo -n $SIGNATURE \
+	| base64 -w0`
+TOKEN="$CO_BASE64#$SIGNATURE_BASE64"
+echo
+echo "-----CADENA ORIGINAL-----"
+echo $CO
+#echo "-----CADENA ORIGINAL-----"
+#echo "===>$CO_BASE64<==="
+echo "----------FIRMA----------"
+echo $SIGNATURE
+echo "----------TOKEN----------"
+echo $TOKEN
+echo "-------------------------"