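#!/bin/bash
#
# Builds a signed token from a UUID and an X.509 certificate/key pair.
#
# Steps, as implemented below:
#   1. Read the serial number, the subject's x500UniqueIdentifier and the
#      "Not After" date from the certificate with `openssl x509 -text`.
#   2. Build the "cadena original":  <tokenUUID>|<x500UniqueIdentifier>|<serial>
#   3. Sign it with the private key (openssl pkeyutl, digest $DIGEST) and
#      base64-encode the signature.
#   4. Emit TOKEN = base64( base64(cadena) "#" base64(base64(signature)) ).
#
# Usage: script <tokenUUID> <cert_file.crt> <key_file.key>
#
# Exit codes:
#   1/2/3  missing first/second/third argument
#   4/5    certificate / key file not found
#   6      a certificate field could not be extracted or parsed
#   7      signing or encoding failed
#
# Requires: openssl (pkeyutl with -rawin), GNU date (-d), GNU base64 (-w0).
#
# Security notes:
#   - The signature and the final token are written to stdout. Treat that
#     output as a credential: avoid shared terminals, CI logs and shell
#     history captures.
#   - The private key never leaves openssl; only its path is passed on argv.

# Without pipefail a failing openssl in the middle of a pipeline would go
# unnoticed and the script would emit a token built from empty fields.
set -o pipefail

USAGE="usage: $0 <tokenUUID> <cert_file.crt> <key_file.key>"

# NOTE(review): SHA-1 is deprecated for digital signatures. It is kept because
# the verifying side presumably mandates it - confirm, and move to sha256 as
# soon as the consumer of this token accepts it.
DIGEST=sha1

# Print a message on stderr and terminate with the given exit code.
die() {
  local code=$1
  shift
  printf '%s\n' "$*" >&2
  exit "$code"
}

[[ -n $1 ]] || die 1 "$USAGE"
[[ -n $2 ]] || die 2 "$USAGE"
# The original tested $2 a second time here, so a missing key argument was
# never reported as a usage error.
[[ -n $3 ]] || die 3 "$USAGE"

TOKEN=$1
CERT=$2
KEY=$3

[[ -f $CERT ]] || die 4 "Certificate file $CERT not found"
[[ -f $KEY ]] || die 5 "Key file $KEY not found"

# The serial is expected in the multi-line "aa:bb:cc" form; every byte is
# turned into the character it encodes. Each token is checked to be exactly
# two hex digits before it reaches printf, so text taken from the certificate
# is never interpreted as a format string or as another escape sequence.
SERIAL=$(
  openssl x509 -in "$CERT" -noout -text \
    | grep -A1 'Serial Number' \
    | tail -1 \
    | tr ':' '\n' \
    | while read -r byte; do
        [[ $byte =~ ^[0-9A-Fa-f]{2}$ ]] || exit 1
        printf '%b' "\\x$byte"
      done
) || die 6 "Could not read the serial number from $CERT"
[[ -n $SERIAL ]] || die 6 "Empty serial number in $CERT"

# Value of the x500UniqueIdentifier attribute on the Subject line.
RFC=$(
  openssl x509 -in "$CERT" -noout -text \
    | grep Subject \
    | tr ',' '\n' \
    | grep x500UniqueIdentifier \
    | tr -d ' ' \
    | cut -d '=' -f 2
)
[[ -n $RFC ]] || die 6 "No x500UniqueIdentifier found in the subject of $CERT"

# "Not After : Jun 17 19:44:14 2027 GMT" -> " Jun 17 19:44:14 2027 "
NOTAFTER=$(
  openssl x509 -in "$CERT" -noout -text \
    | grep 'Not After' \
    | cut -d ':' -f 2- \
    | sed 's/GMT$//'
)
# Alternative source for the same value:
#   openssl x509 -enddate -noout -in file.pem

# -u: the certificate time is GMT and the output carries a literal "Z", so
# parse and print in UTC instead of depending on the local time zone (a local
# DST gap could otherwise make a valid timestamp unparseable).
FERT=$(date -u -d "$NOTAFTER" +%y%m%d%H%M%SZ) \
  || die 6 "Could not parse the expiry date of $CERT"

CO="$TOKEN|$RFC|$SERIAL"
# Debug aid: printf '%s' "$CO" > co.debug

# printf '%s' with a quoted argument passes the string byte-for-byte; an
# unquoted `echo -n $CO` would word-split and glob-expand caller input.
SIGNATURE=$(
  printf '%s' "$CO" \
    | openssl pkeyutl -sign -inkey "$KEY" -digest "$DIGEST" -rawin \
    | base64 -w0
) || die 7 "Signing failed (check the key file and its passphrase)"
[[ -n $SIGNATURE ]] || die 7 "Signing produced no output"
# Debug aid: printf '%s\n' "$SIGNATURE" > firma.debug

CO_BASE64=$(printf '%s' "$CO" | base64 -w0) \
  || die 7 "base64 encoding failed"
# The signature is already base64 text; the token format encodes it again.
SIGNATURE_BASE64=$(printf '%s' "$SIGNATURE" | base64 -w0) \
  || die 7 "base64 encoding failed"
TOKEN=$(printf '%s' "$CO_BASE64#$SIGNATURE_BASE64" | base64 -w0) \
  || die 7 "base64 encoding failed"

printf '\n'
printf '%s\n' "-----CADENA ORIGINAL-----"
printf '%s\n' "$CO"
printf '%s\n' "----------FIRMA----------"
printf '%s\n' "$SIGNATURE"
printf '%s\n' "----------TOKEN----------"
printf '%s\n' "$TOKEN"
printf '%s\n' "--------NOT AFTER--------"
printf '%s\n' "$FERT"
printf '%s\n' "-------------------------"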