draft-weidner-catalog-rr-ext/Appendix/build_caa_records.sh
msw 1060269740
V1.00.128.2025.06.03
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-06-03 19:29:32 +02:00


#!/bin/sh
# SPDX-Version: 3.0
# SPDX-CreationInfo: 2025-06-03; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/draft-weidner-catalog-rr-ext.git
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-FileType: SOURCE
# SPDX-License-Identifier: EUPL-1.2
# SPDX-LicenseComment: This file is part of the draft-weidner-catalog-rr-ext framework.
# SPDX-PackageName: draft-weidner-catalog-rr-ext
# SPDX-Security-Contact: security@coresecret.eu
# Usage:
# sh build_caa_records.sh <OWN_DOMAIN> <CA_DOMAIN> <CRIT_FLAG>
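set -eu

# Builds a BIND9 zone-file fragment with one CAA "issuect" record per CT log
# found in the public CT log list, and writes it to zone_<OWN_DOMAIN>_CAA.txt
# in the current directory.
#
# Both domain arguments end up in a file name and inside quoted zone-file
# strings, so they are validated before anything is written.

# Print the usage line on stderr.
usage() {
  echo "Usage: sh build_caa_records.sh <OWN_DOMAIN> <CA_DOMAIN> <CRIT_FLAG>" >&2
}

# Succeed only if $1 consists of DNS-name characters (letters, digits, '.',
# '_' and '-'), is non-empty, and has no leading '.', leading '-' or empty
# label. This keeps '/', quotes, ';', backslashes and whitespace out of the
# output path, the awk -v assignments and the generated records.
is_dns_name() {
  case "$1" in
    '' | .* | -* | *..* | *[!A-Za-z0-9._-]*) return 1 ;;
  esac
  return 0
}

# Report missing arguments with the usage line instead of the shell's bare
# "parameter not set" abort under 'set -u'.
if [ "$#" -lt 3 ]; then
  usage
  exit 2
fi

readonly OWN_DOMAIN="$1"
readonly CAA_DOMAIN="$2"
readonly CRIT__FLAG="$3"

for NAME in "${OWN_DOMAIN}" "${CAA_DOMAIN}"; do
  if ! is_dns_name "${NAME}"; then
    printf "Error: '%s' is not a valid domain name.\n" "${NAME}" >&2
    exit 1
  fi
done

readonly ZONE__FILE="zone_${OWN_DOMAIN}_CAA.txt"

case "${CRIT__FLAG}" in
  true|false) ;;
  *) echo "Error: CRIT_FLAG MUST be either 'true' or 'false'." >&2
    exit 1
    ;;
esac

# Fetch the list BEFORE truncating the output, so a failed download (curl -f
# plus 'set -e' aborts here) leaves an existing zone file untouched.
# --proto '=https' keeps -L from following a redirect to a non-HTTPS URL.
# NOTE(security): the list is trusted on the strength of TLS alone, and its
# field values are copied into CAA records. Verifying the publisher's detached
# signature over the list, where available, before using it would remove the
# dependence on the transport.
JSON=$(curl --proto '=https' -fsSL https://www.gstatic.com/ct/log_list/v3/log_list.json)
readonly JSON

:> "${ZONE__FILE}"

# printf instead of echo: some /bin/sh implementations expand backslash
# escapes in echo arguments, which would alter the JSON before it is parsed.
printf '%s\n' "${JSON}" | awk -v OWN="${OWN_DOMAIN}" -v CA="${CAA_DOMAIN}" -v CRIT="${CRIT__FLAG}" -v OUT="${ZONE__FILE}" '
  # Line-oriented extraction: with FS set to the double quote, a line of the
  # form   "name": "value",   carries the value in field 4. This relies on the
  # list being pretty-printed with one member per line.
  BEGIN { FS = "\"" }

  # A "description" line opens a new log entry, so the per-entry state is
  # cleared here. The earlier reset rule only matched when the opening brace
  # and "description" shared a line; when they do not, an entry that lacks a
  # field would silently inherit the value of the previous entry.
  /"description":/ {
    url = ""; start = ""; endt = ""; logid = ""; key = ""
    desc = $4
    gsub(/\047/, "", desc)   # value is wrapped in single quotes on output
  }
  /"url":/ {
    url = $4
  }
  /"start_inclusive":/ {
    start = $4
  }
  /"log_id":/ {
    logid = $4
    gsub(/\047/, "", logid)  # also emitted inside single quotes
  }
  /"key":/ {
    key = $4
    gsub(/\047/, "", key)
  }

  # "end_exclusive" is treated as the last member of an entry: record it and
  # emit the record if every other required field was seen for this entry.
  # url, start and endt are copied verbatim from the list.
  /"end_exclusive":/ {
    endt = $4
    if (desc != "" && url != "" && start != "" && logid != "" && key != "") {
      printf "%s. 60 IN CAA 0 issuect ( \"%s; critical=%s; desc='\''%s'\''; validfrom=%s; validtill=%s; cturi=%s; logid='\''%s'\''; pubkey='\''%s'\'';\" )\n", \
        OWN, CA, CRIT, desc, start, endt, url, logid, key \
        >> OUT
    }
  }
'

# An empty result means the list no longer matches the layout the parser
# expects; fail loudly rather than report an empty zone file as written.
if [ ! -s "${ZONE__FILE}" ]; then
  echo "Error: no CAA records could be derived from the CT log list." >&2
  exit 1
fi

echo "Bind9 zone-file: '${ZONE__FILE}' written."
exit 0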
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh