-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathstep_3_check_example_cert_and_crl_dates.sh
executable file
·156 lines (137 loc) · 4.47 KB
/
step_3_check_example_cert_and_crl_dates.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
#!/bin/sh
#####################################################################
######################## Functions ##################################
#####################################################################
# Function return twice
r_2() {
echo ""
echo ""
}
# Function set failure status and exit
set_failure() {
echo "#===================================================================#"
echo "Step 3: Failed"
echo "#===================================================================#"
exit $1
}
# Function assign a number based on Month
month_by_num() {
if [ "$1" = "Jan" ]; then
MONTH=1
elif [ "$1" = "Feb" ]; then
MONTH=2
elif [ "$1" = "Mar" ]; then
MONTH=3
elif [ "$1" = "Apr" ]; then
MONTH=4
elif [ "$1" = "May" ]; then
MONTH=5
elif [ "$1" = "Jun" ]; then
MONTH=6
elif [ "$1" = "Jul" ]; then
MONTH=7
elif [ "$1" = "Aug" ]; then
MONTH=8
elif [ "$1" = "Sep" ]; then
MONTH=9
elif [ "$1" = "Oct" ]; then
MONTH=10
elif [ "$1" = "Nov" ]; then
MONTH=11
elif [ "$1" = "Dec" ]; then
MONTH=12
else
# default case: exit with failure
echo "Month not found."
set_failure 5
fi
}
# Function ensure year is an integer value
verify_year() {
TEST_AGAINST='^[0-9]+$'
if ! [[ $1 =~ $TEST_AGAINST ]]; then
VERIFY_YEAR=0
else
VERIFY_YEAR=1
fi
}
# Function double check the year if still incorrect fail
verify_year_fail() {
if ! [[ $1 =~ $TEST_AGAINST ]]; then
echo "Could not correctly extract the year"
echo "The year identified was: $CHECK_YEAR"
set_failure 5
fi
}
# Function process date in the line read from the grep result
process_date() {
# Extract just the date from the line containing the "Not After" date
E_DATE=`echo "$1" | rev | cut -f1-3 -d: | rev`
# Extract just the month from the extracted date
CHECK_MONTH=`echo "$E_DATE" | cut -f1-2 -d ' ' | rev | cut -f1 -d ' ' | rev`
month_by_num $CHECK_MONTH
CHECK_MONTH_NUM=$MONTH
# Extract just the year from the extracted date
CHECK_YEAR=`echo "$E_DATE" | cut -f1-5 -d ' ' | rev | cut -f1 -d ' ' | rev`
# Due to format discrepancies we should verify we got the year
verify_year $CHECK_YEAR
if [ $VERIFY_YEAR -eq 0 ]; then
echo "BAD YEAR FOUND: $CHECK_YEAR"
CHECK_YEAR=`echo "$E_DATE" | cut -f1-6 -d ' ' | rev | cut -f1 -d ' ' \
| rev`
echo "NEW CHECK_YEAR: $CHECK_YEAR"
verify_year_fail $CHECK_YEAR
fi
# Process the date
DIFF_YEAR=$(( CHECK_YEAR - NOW_YEAR ))
if [ $CHECK_MONTH_NUM -gt $NOW_MONTH_NUM ]; then
DIFF_MONTH=$(( CHECK_MONTH_NUM - NOW_MONTH_NUM ))
else
DIFF_MONTH=$(( NOW_MONTH_NUM - CHECK_MONTH_NUM))
fi
if [ $DIFF_YEAR -eq 0 ]; then
if [ $DIFF_MONTH -le 4 ] && [ $DIFF_MONTH -ge 0 ]; then
echo "Certificates need to be updated"
set_failure 5
else
echo "Certificate will expire in $DIFF_MONTH months"
fi
else
if [ $DIFF_YEAR -lt 0 ]; then
echo "This must be one of the expired certificates used for testing."
echo "$1"
else
echo "Certificate will expire in $DIFF_YEAR year(s) and $DIFF_MONTH month(s)"
fi
fi
}
#####################################################################
###################### End Functions ################################
#####################################################################
echo "#===================================================================#"
echo "Step 3: Begin"
echo "#===================================================================#"
CURR_DIR=`pwd`
NOW_YEAR="$(date +'%Y')"
echo "The current year is: $NOW_YEAR"
NOW_MONTH="$(date +'%b')"
echo "The current month is: $NOW_MONTH"
month_by_num $NOW_MONTH
NOW_MONTH_NUM=$MONTH
echo "Current month in decimal format is: $NOW_MONTH_NUM"
# Extract the expiration dates for certificates
grep -r "$CURR_DIR/wolfssl/certs/" -e "Not After" | while read -r line; do
# echo "$line"
process_date "$line"
done
line=""
# Extract the expiration dates for crl's
grep -r "$CURR_DIR/wolfssl/certs/" -e "Next Update" | while read -r line; do
process_date "$line"
done
echo "#===================================================================#"
echo "Step 3: Success"
echo "#===================================================================#"
r_2
r_2
exit 0