Check-in [1847ef7af2]
Overview
Comment:Updated to build a certificate chain to a root (atleast one) and also not have loops in chains
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | piv
Files: files | file ages | folders
SHA1:1847ef7af2a89b56508468e20001dc19375aa791
User & Date: rkeene on 2013-01-15 18:44:50
Other Links: manifest | tags
Context
2013-01-15
18:48
Updated built-in certs, and added script to rebuild built-in certs check-in: 2c8ab6e8d0 user: rkeene tags: piv
18:44
Updated to build a certificate chain to a root (atleast one) and also not have loops in chains check-in: 1847ef7af2 user: rkeene tags: piv
15:59
Updated to use BER-TLV decoding to extract responses rather than hard-coded offsets check-in: ab26dec401 user: rkeene tags: piv
Changes

Modified build/certs/federal/Makefile from [f3527cc8d2] to [cb6b7e3e05].

     1      1   all: cert-1.crt CPCA_TRCA.crt
            2  +	grep -l 'Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA' *.crt | xargs rm -f
            3  +	grep -l 'Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA' *.crt | xargs grep -l 'Issuer: C=US, O=U.S. Government, OU=Department of the Treasury, OU=Certification Authorities, OU=US Treasury Root CA' | xargs rm -f
     2      4   
     3      5   CPCA_TRCA.crt:
     4      6   	wget -O - --no-check-certificate https://pki.treas.gov/CPCA_TRCA.cer | openssl x509 -text > "$@.new"
     5      7   	mv "$@.new" "$@"
     6      8   
     7      9   caCertsIssuedTofcpca.p7c:
     8     10   	wget -O "$@.new" http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
................................................................................
    22     24   			continue; \
    23     25   		fi; \
    24     26   		echo "$${line}" >> "cert-$${idx}.crt"; \
    25     27   		if [ "$${line}" == "-----END CERTIFICATE-----" ]; then \
    26     28   			idx=$$[$$idx + 1]; \
    27     29   		fi; \
    28     30   	done
    29         -	grep -l 'Subject: C=US, O=U.S. Government, OU=Department of the Treasury, OU=Certification Authorities, OU=US Treasury Root CA' cert-*.crt | xargs rm -f
    30     31   
    31     32   clean:
    32     33   	rm -f cert-*.crt
    33     34   	rm -f CPCA_TRCA.crt.new root_sia.p7b.new caCertsIssuedTofcpca.p7c.new
    34     35   
    35     36   distclean: clean
    36     37   	rm -f CPCA_TRCA.crt root_sia.p7b caCertsIssuedTofcpca.p7c