3 SRC_PATH=/opt/etc/ssl/certs
4 CRT=certs/ca-certificate.crt
6 USERCERT_DIR=certs/usercert/key
7 ROOTCERT_DIR=certs/rootcert
8 ROOTCERT_PATH=/opt/usr/share/$ROOTCERT_DIR
9 ROOTCERT_DB=$DBSPACE_DIR/.security-rootcert.db
10 USERCERT_DB=$DBSPACE_DIR/.security-usercert.db
15 if [ "$error_code" != "0" ]
21 mkdir -p $ROOTCERT_DIR
23 mkdir -p $USERCERT_DIR
28 sqlite3 -line $ROOTCERT_DB 'CREATE TABLE IF NOT EXISTS rootcert (certId INTEGER PRIMARY KEY AUTOINCREMENT, certType SMALLINT DEFAULT 0, certFormat SMALLINT DEFAULT 0, fileName VARCHAR, subjectNameLen SMALLINT DEFAULT 20, subjectName VARCHAR, issuerNameLen SMALLINT DEFAULT 20, issuerName VARCHAR, parentCa SMALLINT, installed VARCHAR, serialNo VARCHAR, serialNoLen SMALLINT DEFAULT 20)'
31 sqlite3 -line $USERCERT_DB 'CREATE TABLE IF NOT EXISTS usercert (certId INTEGER PRIMARY KEY AUTOINCREMENT, certPubKeyHash VARCHAR DEFAULT null, certFormat SMALLINT DEFAULT 0, fileName VARCHAR, subjectNameLen SMALLINT DEFAULT 20, subjectName VARCHAR, issuerNameLen SMALLINT DEFAULT 20, issuerName VARCHAR, prvKeyPath VARCHAR DEFAULT null, prvKeyLen SMALLINT DEFAULT 0, parentCa SMALLINT DEFAULT 0, installed VARCHAR, serialNo VARCHAR, serialNoLen SMALLINT DEFAULT 20)'
34 echo "Insert certificates ..."
36 for NAME in `find $SRC_PATH -type f`
38 CNT_STR=`printf '%03d' $CNT`
40 DER=$ROOTCERT_DIR/$CNT_STR.cert
42 echo "[$CNT_STR.cert] "
44 openssl x509 -in $PEM -inform PEM -out $DER -outform DER
47 SUBJECT_NAME=`openssl x509 -in $DER -inform DER -noout -subject | sed "s#^subject=[ \t]*##"`
49 SUBJECT_NAME_LEN=`echo -n "$SUBJECT_NAME" | wc -c`
51 let SUBJECT_NAME_LEN=($SUBJECT_NAME_LEN+2)/3*4
53 SUBJECT_NAME=`echo -n "$SUBJECT_NAME" | base64 -w 0`
56 ISSUER_NAME=`openssl x509 -in $DER -inform DER -noout -issuer | sed "s#^issuer=[ \t]*##"`
58 ISSUER_NAME_LEN=`echo -n "$ISSUER_NAME" | wc -c`
60 let ISSUER_NAME_LEN=($ISSUER_NAME_LEN+2)/3*4
62 ISSUER_NAME=`echo -n "$ISSUER_NAME" | base64 -w 0`
65 SERIAL_NO_LEN=`openssl x509 -in $DER -inform DER -noout -serial | sed "s#^serial=[ \t]*##" | xxd -r -p | wc -c`
67 let SERIAL_NO_LEN=($SERIAL_NO_LEN+2)/3*4
69 SERIAL_NO=`openssl x509 -in $DER -inform DER -noout -serial | sed "s#^serial=[ \t]*##" | xxd -r -p | base64 -w 0`
72 openssl x509 -in $DER -inform DER -outform PEM >> $CRT
75 sqlite3 -line $ROOTCERT_DB "INSERT INTO rootcert (certId, certType, certFormat, fileName, subjectNameLen, subjectName, issuerNameLen, issuerName, parentCa, installed, serialNo, serialNoLen) VALUES ($CNT, 4, 1, '$ROOTCERT_PATH/$CNT_STR.cert', $SUBJECT_NAME_LEN, '$SUBJECT_NAME', $ISSUER_NAME_LEN, '$ISSUER_NAME', $CNT, 'T', '$SERIAL_NO', $SERIAL_NO_LEN)"
80 echo "Insert certificates ... done"