trust-store-generators/cert-details.sh

#!/bin/sh

# Generate markdown and CSV files containing cert info for each host.

set -o errexit  # (-e) exit immediately if any command has a non-zero exit status
set -o nounset  # (-u) don't accept undefined variables
#set -o xtrace  # for debugging

timestamp_start=$(date +%s)

# Go where this script is.
cd "$(dirname "$0")" || exit

# Table header
md_table="| Host | Cert | Expiry | Key Algorithm | Key Size (bits) | Signature Algorithm |
--- | --- | --- | --- | --- | ---\n"
csv_table="Host,Expiry,Key Algorithm,Key Size (bits),Signature Algorithm\n"

for cert_file in certs/*.pem; do

  host=$(expr "$cert_file" : '^certs\/\(.*\)\:[0-9]*\.pem$')
  port=$(expr "$cert_file" : '^certs\/.*\:\([0-9]*\)\.pem$')
  if [ "$port" != 1965 ]; then
    host="$host:$port"
  fi

  # Get cert details: expiry, key algo, key size, signature algo.
  end_date=$(openssl x509 -in "$cert_file" -enddate -noout | cut -d '=' -f 2)
  end_date=$(date -d "$end_date" +"%Y-%m-%d" --utc)

  cert_details=$(openssl x509 -in "$cert_file" -noout -text)

  key_algo=$(echo "$cert_details" | grep 'Public Key Algorithm:' | cut -d ':' -f 2)
  if [ "$key_algo" = ' id-ecPublicKey' ]; then
    key_algo='ECDSA'
  elif [ "$key_algo" = ' rsaEncryption' ]; then
    key_algo='RSA'
  elif [ "$key_algo" = ' ED25519' ]; then
    key_algo='ED25519'
  fi

  if [ "$key_algo" = 'ED25519' ]; then
    key_size='256'
  else
    key_size=$(echo "$cert_details" | grep 'Public-Key:' | cut -d ':' -f 2)
    key_size=$(expr "$key_size" : '^..\([0-9]*\).*$')
  fi

  sig_algo=$(echo "$cert_details" | grep '        Signature Algorithm:' | cut -d ':' -f 2 | cut -c2-)

  # Add a table row.
  md_table="$md_table| [$host](gemini://$host/) | [PEM]($cert_file) | $end_date | $key_algo | $key_size | $sig_algo |\n"
  csv_table="$csv_table""$host,$end_date,$key_algo,$key_size,$sig_algo\n"

done

# Write to files.
echo "$md_table" > cert-details.md
echo "$csv_table" > cert-details.csv

timestamp_end=$(date +%s)
exec_time="$((timestamp_end - timestamp_start))"
exec_time_formatted="$(date -d "@$exec_time" --utc "+%H:%M:%S")"

echo "OK (duration: $exec_time_formatted)"
init 2021-04-28 09:20:18 +00:00			`#!/bin/sh`

			`# Generate markdown and CSV files containing cert info for each host.`

			`set -o errexit # (-e) exit immediately if any command has a non-zero exit status`
			`set -o nounset # (-u) don't accept undefined variables`
			`#set -o xtrace # for debugging`

output execution duration for each script 2023-03-19 17:21:40 +00:00			`timestamp_start=$(date +%s)`

init 2021-04-28 09:20:18 +00:00			`# Go where this script is.`
			`cd "$(dirname "$0")" \|\| exit`

			`# Table header`
			`md_table="\| Host \| Cert \| Expiry \| Key Algorithm \| Key Size (bits) \| Signature Algorithm \|`
			`--- \| --- \| --- \| --- \| --- \| ---\n"`
			`csv_table="Host,Expiry,Key Algorithm,Key Size (bits),Signature Algorithm\n"`

			`for cert_file in certs/*.pem; do`

			`host=$(expr "$cert_file" : '^certs\/\(.\)\:[0-9]\.pem$')`
			`port=$(expr "$cert_file" : '^certs\/.\:\([0-9]\)\.pem$')`
			`if [ "$port" != 1965 ]; then`
			`host="$host:$port"`
			`fi`

			`# Get cert details: expiry, key algo, key size, signature algo.`
			`end_date=$(openssl x509 -in "$cert_file" -enddate -noout \| cut -d '=' -f 2)`
			`end_date=$(date -d "$end_date" +"%Y-%m-%d" --utc)`

			`cert_details=$(openssl x509 -in "$cert_file" -noout -text)`

			`key_algo=$(echo "$cert_details" \| grep 'Public Key Algorithm:' \| cut -d ':' -f 2)`
			`if [ "$key_algo" = ' id-ecPublicKey' ]; then`
			`key_algo='ECDSA'`
			`elif [ "$key_algo" = ' rsaEncryption' ]; then`
			`key_algo='RSA'`
			`elif [ "$key_algo" = ' ED25519' ]; then`
			`key_algo='ED25519'`
			`fi`

			`if [ "$key_algo" = 'ED25519' ]; then`
			`key_size='256'`
			`else`
			`key_size=$(echo "$cert_details" \| grep 'Public-Key:' \| cut -d ':' -f 2)`
			`key_size=$(expr "$key_size" : '^..\([0-9]\).$')`
			`fi`

remove extra space in $sig_algo 2021-06-30 17:53:23 +00:00			`sig_algo=$(echo "$cert_details" \| grep ' Signature Algorithm:' \| cut -d ':' -f 2 \| cut -c2-)`
init 2021-04-28 09:20:18 +00:00
			`# Add a table row.`
remove extra space in $sig_algo 2021-06-30 17:53:23 +00:00			`md_table="$md_table\| [$host](gemini://$host/) \| [PEM]($cert_file) \| $end_date \| $key_algo \| $key_size \| $sig_algo \|\n"`
init 2021-04-28 09:20:18 +00:00			`csv_table="$csv_table""$host,$end_date,$key_algo,$key_size,$sig_algo\n"`

			`done`

			`# Write to files.`
			`echo "$md_table" > cert-details.md`
			`echo "$csv_table" > cert-details.csv`

output execution duration for each script 2023-03-19 17:21:40 +00:00			`timestamp_end=$(date +%s)`
			`exec_time="$((timestamp_end - timestamp_start))"`
			`exec_time_formatted="$(date -d "@$exec_time" --utc "+%H:%M:%S")"`

			`echo "OK (duration: $exec_time_formatted)"`