spcd_ca

2024-09-01 21:00:03 +02:00 · 2024-09-01 21:00:03 +02:00 · c2b3a78617
commit c2b3a78617
parent e41d0e976f
1 changed files with 33 additions and 23 deletions
--- a/spcd/bootstrap.sh
+++ b/spcd/bootstrap.sh
@ -199,6 +199,36 @@ _spcd_txt_pick() {
 # │ functions │
 # ╰───────────╯

+spcd_ca() {
+    local index name value
+    local grep="\(After\|Before\|Issuer\|Signature Algorithm\|Subject:\)"
+    case "${1}" in
+    "list")
+        while true; do
+            index=$((index + 1))
+            name="SPCD_CA_${index}"
+            eval "value=\"\${name}\""
+            [ -n "${value}" ] || break
+            echo "${name} ="
+            echo "${value}" |
+                openssl x509 -noout -text |
+                grep "${grep}"
+        done
+        ;;
+    "write")
+        local root="${2}"
+        while true; do
+            index=$((index + 1))
+            name="SPCD_CA_${index}"
+            eval "value=\"\${name}\""
+            [ -n "${value}" ] || break
+            spcd_os_write "${root}/${index}.crt" "${value}"
+        done
+        ;;
+    *) ;;
+    esac
+}
+
 spcd_dns() {
    local index name value
    case "${1}" in
@ -243,19 +273,6 @@ spcd_error_os() {
    exit "${_SPCD_ERROR_OS}"
 }

-# ╭───────────┬─────────╮
-# │ functions │ openssl │
-# ╰───────────┴─────────╯
-
-spcd_openssl_x509() {
-    if [ -f "${1}" ]; then
-        openssl x509 \
-            -in "${1}" \
-            -noout -text |
-            grep "\(After\|Before\|Issuer\|Signature A\|Subject:\)"
-    fi
-}
-
 # ╭───────────┬────╮
 # │ functions │ os │
 # ╰───────────┴────╯
@ -463,6 +480,7 @@ SPCD_PM_ZYPPER="zypper"
 # ╰──────┴─────────────╯

 spcd_step__environment_defaults_print() {
+    spcd_ca "list"
    spcd_dns "list"
    set -- \
        "GIT_RWX" \
@ -1171,7 +1189,7 @@ spcd_step__ca_install_package() {

 spcd_step__ca_write_certificates() {
    spcd_step "Write certificates"
-    local root index text path
+    local root
    case "${SPCD_OS_ID}" in
    "${SPCD_OS_ALMA}" | "${SPCD_OS_FEDORA}" | "${SPCD_OS_ROCKY}")
        root="/etc/pki/ca-trust/source/anchors"
@ -1188,15 +1206,7 @@ spcd_step__ca_write_certificates() {
    *) ;;
    esac
    spcd_os_mkdir "${root}"
-    while true; do
-        index=$((index + 1))
-        eval "text=\"\${SPCD_CA_${index}}\""
-        [ -n "${text}" ] || break
-        path="${root}/${index}.crt"
-        spcd_split
-        spcd_os_write "${path}" "${text}"
-        spcd_openssl_x509 "${path}"
-    done
+    spcd_ca "write" "${root}"
 }

 spcd_step__ca_update_certificates() {