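#!/bin/sh

# Generate markdown and CSV files containing cert info for each host.
#
# Input:  certs/<host>:<port>.pem, relative to the directory of this script.
# Output: cert-details.md and cert-details.csv in that same directory.
# Needs:  openssl, awk and a date(1) that understands -d (GNU date).
#
# The certificates describe remote hosts, so their content is not trusted:
# every value taken from one is parsed strictly before it goes into a report.
# NOTE(review): the host part of the file name is written into the Markdown
# link and the CSV row unescaped; this assumes whatever fills certs/ only
# creates plain host:port names. Confirm against that step.

set -o errexit # (-e) exit immediately if any command has a non-zero exit status
set -o nounset # (-u) don't accept undefined variables
#set -o xtrace # for debugging

# Print a message on stderr and abort. Both reports are written only at the
# very end, so an abort leaves the previous reports untouched.
die() {
  printf '%s: %s\n' "$0" "$*" >&2
  exit 1
}

# Print the value of the first "<label>: <value>" line read from stdin.
# $1 - label, without the colon.
# The label has to start the line (after indentation) and only the first
# match is used: openssl normally lists "Signature Algorithm" twice, and a
# looser match would also accept the label appearing inside a subject or
# issuer name chosen by the certificate's owner.
cert_field() {
  awk -v label="$1:" '
    found { next }
    {
      line = $0
      sub(/^[ \t]+/, "", line)
      if (index(line, label) == 1) {
        value = substr(line, length(label) + 1)
        sub(/^[ \t]+/, "", value)
        print value
        found = 1
      }
    }
  '
}

# Print N from the first "Public-Key: (N bit)" line read from stdin, or
# nothing when there is no such line. One word may precede the label, since
# some OpenSSL releases print e.g. "RSA Public-Key: (2048 bit)".
cert_key_bits() {
  awk '
    !found && /^[ \t]*([A-Za-z0-9]+ )?Public-Key: \([0-9]+ bit\)/ {
      bits = $0
      sub(/^.*Public-Key: \(/, "", bits)
      sub(/ bit\).*$/, "", bits)
      print bits
      found = 1
    }
  '
}

# Go where this script is.
cd "$(dirname "$0")" || exit

# A real newline: whether echo expands "\n" differs between /bin/sh
# implementations, so the tables are built with literal line breaks.
nl='
'

# Table header
md_table="| Host | Cert | Expiry | Key Algorithm | Key Size (bits) | Signature Algorithm |${nl}--- | --- | --- | --- | --- | ---${nl}"
csv_table="Host,Expiry,Key Algorithm,Key Size (bits),Signature Algorithm${nl}"

for cert_file in certs/*.pem; do

  # An unmatched glob stays the literal pattern; fail loudly instead of
  # replacing the reports with empty ones.
  [ -f "$cert_file" ] || die "no certificate file: $cert_file"

  # certs/<host>:<port>.pem -> host and port, split at the last colon.
  name=${cert_file#certs/}
  name=${name%.pem}
  case $name in
    *:*) ;;
    *) die "file name is not <host>:<port>.pem: $cert_file" ;;
  esac
  host=${name%:*}
  port=${name##*:}
  [ -n "$host" ] || die "empty host in file name: $cert_file"
  case $port in
    '' | *[!0-9]*) die "port in file name is not a number: $cert_file" ;;
  esac
  # 1965 is the default Gemini port, so it is left out of the host column.
  if [ "$port" != 1965 ]; then
    host="$host:$port"
  fi

  # Get cert details: expiry, key algo, key size, signature algo.
  # openssl is run outside a pipeline so that a certificate it cannot read
  # stops the run; an empty string would otherwise be accepted by date -d
  # and reported as if it were a genuine expiry date.
  not_after=$(openssl x509 -in "$cert_file" -noout -enddate) ||
    die "cannot read certificate: $cert_file"
  not_after=${not_after#*=}
  [ -n "$not_after" ] || die "no expiry date in certificate: $cert_file"
  end_date=$(date --utc -d "$not_after" +"%Y-%m-%d") ||
    die "cannot parse expiry date of $cert_file: $not_after"

  cert_details=$(openssl x509 -in "$cert_file" -noout -text) ||
    die "cannot decode certificate: $cert_file"

  # Friendly names for the common algorithms; any other name is kept as
  # openssl printed it.
  key_algo=$(printf '%s\n' "$cert_details" | cert_field 'Public Key Algorithm')
  case $key_algo in
    id-ecPublicKey) key_algo='ECDSA' ;;
    rsaEncryption) key_algo='RSA' ;;
  esac

  if [ "$key_algo" = 'ED25519' ]; then
    # No "(N bit)" is extracted for these keys, so the size is filled in.
    key_size='256'
  else
    # Stays empty when openssl prints no bit count for the algorithm.
    key_size=$(printf '%s\n' "$cert_details" | cert_key_bits)
  fi

  sig_algo=$(printf '%s\n' "$cert_details" | cert_field 'Signature Algorithm')

  # Add a table row.
  md_table="$md_table| [$host](gemini://$host/) | [PEM]($cert_file) | $end_date | $key_algo | $key_size | $sig_algo |$nl"
  csv_table="$csv_table$host,$end_date,$key_algo,$key_size,$sig_algo$nl"

done

# Write to files. The extra newline keeps the trailing blank line that the
# echo-based output had.
printf '%s\n' "$md_table" > cert-details.md
printf '%s\n' "$csv_table" > cert-details.csv

echo OK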