-
Notifications
You must be signed in to change notification settings - Fork 89
/
parse-certs.sh
executable file
·92 lines (76 loc) · 2.43 KB
/
parse-certs.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
#!/bin/sh
#
# Parse Mozilla's certdata.txt and extract CA Root Certificates into PEM
# format.
#
# certdata.txt can be found in Mozilla's source tree:
# /mozilla/security/nss/lib/ckfw/builtins/certdata.txt
#
if [ $# != 2 ]; then
echo "Usage: `basename $0` [certdata.txt] [output]"
exit 1
fi
tmpfile=mytmpfile.txt
header="header"
echo "Processing $1"
tmprb=tmprb.rb
echo "certnum = 1" >> $tmprb
echo >> $tmprb
echo "while line = \$stdin.gets" >> $tmprb
echo " next if line =~ /^#/" >> $tmprb
echo " next if line =~ /^\s*$/" >> $tmprb
echo " line.chomp!" >> $tmprb
echo >> $tmprb
echo " if line =~ /CKA_LABEL/" >> $tmprb
echo " label,type,val = line.split(' ',3)" >> $tmprb
echo " val.sub!(/^\"/, \"\")" >> $tmprb
echo " val.sub!(/\"$/, \"\")" >> $tmprb
echo " next" >> $tmprb
echo " end" >> $tmprb
echo " if line =~ /CKA_VALUE MULTILINE_OCTAL/" >> $tmprb
echo " data=''" >> $tmprb
echo " fname = format \"%d.crt\", certnum" >> $tmprb
echo >> $tmprb
echo " while line = \$stdin.gets" >> $tmprb
echo " break if /^END/" >> $tmprb
echo " line.chomp!" >> $tmprb
echo " line.gsub(/\\\\([0-3][0-7][0-7])/) { data += \$1.oct.chr }" >> $tmprb
echo " end" >> $tmprb
echo " open(fname, \"w\") do |fp|" >> $tmprb
echo " fp.puts val" >> $tmprb
echo " fp.puts \"-----BEGIN CERTIFICATE-----\"" >> $tmprb
echo " fp.puts [data].pack(\"m*\")" >> $tmprb
echo " fp.puts \"-----END CERTIFICATE-----\"" >> $tmprb
echo " end" >> $tmprb
echo " puts \"Parsing: \" + val" >> $tmprb
echo " certnum += 1" >> $tmprb
echo " end" >> $tmprb
echo "end" >> $tmprb
chmod 755 $tmprb
cat $1 | ruby ./$tmprb
rm -rf $tmprb
echo "##" > $tmpfile
echo "## ca-bundle.crt -- Bundle of CA Root Certificates" >> $tmpfile
echo "## Converted by the service run by Daniel Stenberg" >> $tmpfile
echo "## URL: https://curl.haxx.se/docs/caextract.html" >> $tmpfile
echo "## Converted at: `date -u`" >> $tmpfile
# insert the version string from the Mozilla source file:
grep "^CVS_ID" $1 | sed -e 's/CVS_ID "@(#) \$RCSfile$ /## Mozilla: /' >> $tmpfile
echo "##" >> $tmpfile
cat $header >> $tmpfile
files=*.crt
for file in $files; do
echo "" >> $tmpfile
name=`sed q $file`
echo $name >> $tmpfile
for (( n=0; n<${#name}; ++n ))
do
echo -n "=" >> $tmpfile
done
echo "" >> $tmpfile
echo "" >> $tmpfile
openssl x509 -fingerprint -text -in $file -inform PEM >> $tmpfile
rm -rf $file
done
mv $tmpfile $2
echo "Done.."