#!/bin/sh
# SPDX-Version: 3.0
# SPDX-CreationInfo: 2025-06-03; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/draft-weidner-catalog-rr-ext.git
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-FileType: SOURCE
# SPDX-License-Identifier: EUPL-1.2
# SPDX-LicenseComment: This file is part of the draft-weidner-catalog-rr-ext framework.
# SPDX-PackageName: draft-weidner-catalog-rr-ext
# SPDX-Security-Contact: security@coresecret.eu
# Usage:
# sh build_caa-ct-sts.sh <OWN_DOMAIN> <CA_DOMAIN> <CRIT_FLAG>
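set -eu

# Builds the CAA-CT-STS policy file "caa-ct-sts.<OWN_DOMAIN>.txt" in the
# current directory: a three-line header followed by one "ct_policy:" line per
# CT log entry found in the downloaded log list.
#
# Arguments: $1 - own domain (becomes part of the output file name)
#            $2 - CA domain (copied into every ct_policy line)
#            $3 - critical flag, literally "true" or "false"
# Exit:      0 on success, 1 on invalid input or an unusable log list,
#            2 on wrong argument count; curl/awk failures abort via set -e.

# Print the usage line to stderr.
usage() {
  echo "Usage: sh build_caa-ct-sts.sh <OWN_DOMAIN> <CA_DOMAIN> <CRIT_FLAG>" >&2
}

# Return 0 when $1 consists only of letters, digits, '.', '_' and '-', is not
# empty, does not start with '.' or '-', does not end with '.', and has no
# empty label. Both domains end up in a file name or inside a quoted policy
# string, so anything else (slashes, quotes, semicolons, backslashes) is
# rejected up front.
is_dns_name() {
  case "$1" in
    '' | .* | *. | -* | *..* | *[!A-Za-z0-9._-]*) return 1 ;;
  esac
  return 0
}

# Without this check a missing argument only surfaces as the shell's own
# "parameter not set" message from set -u.
if [ "$#" -ne 3 ]; then
  usage
  exit 2
fi

readonly OWN_DOMAIN="$1"
readonly CAA_DOMAIN="$2"
readonly CRIT__FLAG="$3"

for NAME in "${OWN_DOMAIN}" "${CAA_DOMAIN}"; do
  if ! is_dns_name "${NAME}"; then
    printf "Error: '%s' is not a valid domain name.\n" "${NAME}" >&2
    exit 1
  fi
done

case "${CRIT__FLAG}" in
  true|false) ;;
  *) echo "Error: CRIT_FLAG MUST be either 'true' or 'false'." >&2
     exit 1
     ;;
esac

readonly CAA_CTS_TS="caa-ct-sts.${OWN_DOMAIN}.txt"

# The policy is assembled in a sibling file and renamed into place at the end,
# so a failed download or parse never leaves a truncated policy at the final
# path. The EXIT trap removes the partial file on every failure path.
readonly CAA_CTS_TMP="${CAA_CTS_TS}.tmp.$$"
trap 'rm -f -- "${CAA_CTS_TMP}"' EXIT

# Fetch before touching any file. --proto/--proto-redir keep -L from following
# a redirect to a non-HTTPS URL.
# NOTE(review): the list is trusted on the strength of TLS alone; no detached
# signature over the downloaded list is verified here.
JSON=$(curl -fsSL --proto '=https' --proto-redir '=https' \
  https://www.gstatic.com/ct/log_list/v3/log_list.json)
readonly JSON

{
  echo "### CAA-CT-STS Policy: $CAA_CTS_TS ###"
  echo "version: CAACTSTSv1"
  echo "max_age: 60"

  # printf instead of echo: some /bin/sh implementations expand backslash
  # escapes in echo arguments, which would alter the JSON before parsing.
  #
  # The awk program is a line-oriented scan, not a JSON parser: it splits each
  # line on double quotes and takes field 4 as the value of the key on that
  # line. It assumes one key per line and that "description" is the first key
  # of an entry (TODO confirm against the current list layout). All per-entry
  # state is cleared when "description" is seen, so a value missing from one
  # entry cannot be inherited from the previous one. A line is emitted when
  # "end_exclusive" is reached and description, url, start, log id and key are
  # all present. Single quotes are stripped from description and key because
  # both are wrapped in single quotes in the output (\047 is the quote).
  printf '%s\n' "${JSON}" | awk -v CA="${CAA_DOMAIN}" -v CRIT="${CRIT__FLAG}" '
    BEGIN { FS = "\"" }

    /"description":/ {
      desc = $4
      gsub(/\047/, "", desc)
      url = ""; start = ""; endt = ""; logid = ""; key = ""
    }

    /"url":/             { url = $4 }
    /"start_inclusive":/ { start = $4 }
    /"log_id":/          { logid = $4 }

    /"key":/ {
      key = $4
      gsub(/\047/, "", key)
    }

    /"end_exclusive":/ {
      endt = $4
      if (desc != "" && url != "" && start != "" && logid != "" && key != "") {
        printf "ct_policy: ( \"%s; critical=%s; desc=\047%s\047; validfrom=%s; validtill=%s; cturi=%s; logid=\047%s\047; pubkey=\047%s\047;\" )\n", \
          CA, CRIT, desc, start, endt, url, logid, key
      }
    }
  '
} > "${CAA_CTS_TMP}"

# A policy without a single log entry most likely means the list layout
# changed or the download was not the expected document; refuse to publish it.
if ! grep -q '^ct_policy: ' "${CAA_CTS_TMP}"; then
  echo "Error: no CT log entries could be parsed from the log list." >&2
  exit 1
fi

mv -f -- "${CAA_CTS_TMP}" "${CAA_CTS_TS}"

echo "CAA-CT-STS Policy File: '${CAA_CTS_TS}' written."

exit 0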
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh