vgisc-rsa-4096/scripts/gen_crypto_key_xml-3.3.2.sh

#!/bin/bash
################################################################################
# Intended use: Simple shell script to create certs (RSA or EC)
#
# Notes: This script support Linux Bash shell script only
# Install Bash from https://www.gnu.org/software/bash/
#
# Copyright (C) 2015 - 2023, VGISC Dev Team <dev@vgisc.com>
################################################################################

filepath=`readlink -f $0`
SCRIPT_DIR=`dirname $filepath`
basedir=$SCRIPT_DIR/..
FLAG_EC=0

DEV_SRC_DIR="/vgisc/6t/CT129/Dev"
OPENSSL_BIN="$DEV_SRC_DIR/BML/src/rls/3.3.2/rootfs/opt/vgisc/usr/linux-x86_64/bin/openssl"
OPENSSL_LIB="$DEV_SRC_DIR/BML/src/rls/3.3.2/rootfs/opt/vgisc/usr/linux-x86_64/lib"
TEST_OPENSSL_BIN="$OPENSSL_BIN"
COMMON_ARGS="-batch"
export LD_LIBRARY_PATH="$OPENSSL_LIB:$LD_LIBRARY_PATH"

ROOT_CA_DIR="$basedir/root-ca"
SUB_CA_DIR="$basedir/sub-ca"
SERVER_DIR="$basedir/server"
SERVER_DIR="$basedir/server"
CLIENT_DIR="$basedir/client"
DEST_DOMAIN="vgisc.com"
DEST_DIR="$basedir/${DEST_DOMAIN}"

ROOT_CA_CERT="$basedir/root-ca/root-ca.crt"
SUB_CA_CERT="$basedir/sub-ca/sub-ca.crt"

XML_DIR="$basedir/xml"
PKI_PARAM_XML="$basedir/xml/crypto_key.xml"

mkdir -p ${XML_DIR}

i=1
NUM=20

echo "==========================================================="
echo "Generating pki_param file ${PKI_PARAM_XML}..."
echo "==========================================================="
echo ""

echo -e "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" > ${PKI_PARAM_XML}
echo -e "<!-- crypto_key.xml - The cryptographic keys configuration file for the security device." >> ${PKI_PARAM_XML}
echo -e "Use the \"inms_command\" utility to edit. Manual editing is not recommended." >> ${PKI_PARAM_XML}
echo -e "--> " >> ${PKI_PARAM_XML}
echo -e "<crypto_key>" >> ${PKI_PARAM_XML}
echo -e " <config_info>" >> ${PKI_PARAM_XML}
echo -e "  <config_version>${CONFIG_VERSION}</config_version>" >> ${PKI_PARAM_XML}
TIMESTAMP=`date +"%Y-%m-%d %H:%M:%S"`
echo -e "  <config_file_timestamp>${TIMESTAMP}</config_file_timestamp>" >> ${PKI_PARAM_XML}
echo -e "  <config_device_id>1</config_device_id>" >> ${PKI_PARAM_XML}
echo -e " </config_info>" >> ${PKI_PARAM_XML}


echo -e " <keys>" >> ${PKI_PARAM_XML}

TIMESTAMP=`date +"%Y-%m-%d %H:%M:%S"`
echo -e "  <item name=\"root-ca.vgisc.com.crt\" enabled=\"1\" type=\"cacert\" algo=\"RSA\" key_size=\"4096\" content_type=\"pem\" use_for=\"\" update_time=\"${TIMESTAMP}\">" >> ${PKI_PARAM_XML}
${OPENSSL_BIN} x509 -in ${ROOT_CA_CERT} >> ${PKI_PARAM_XML}
echo -e "  </item>" >> ${PKI_PARAM_XML}
TIMESTAMP=`date +"%Y-%m-%d %H:%M:%S"`
echo -e "  <item name=\"sub-ca.vgisc.com.crt\" type=\"cacert\" algo=\"RSA\" key_size=\"4096\" content_type=\"pem\" use_for=\"\" update_time=\"${TIMESTAMP}\">" >> ${PKI_PARAM_XML}
${OPENSSL_BIN} x509 -in ${SUB_CA_CERT} >> ${PKI_PARAM_XML}
echo -e "  </item>" >> ${PKI_PARAM_XML}

i=1
while [ $i -le $NUM ]
do
	TIMESTAMP=`date +"%Y-%m-%d %H:%M:%S"`
	echo -e "  <item name=\"client-$i.vgisc.com.crt\" enabled=\"1\" type=\"cert\" algo=\"RSA\" key_size=\"4096\" content_type=\"pem\" use_for=\"\" update_time=\"${TIMESTAMP}\">" >> ${PKI_PARAM_XML}
	${OPENSSL_BIN} x509 -in ${CLIENT_DIR}/client-$i.vgisc.com.crt >> ${PKI_PARAM_XML}
	echo -e "  </item>" >> ${PKI_PARAM_XML}
	i=`expr $i + 1`
done

i=1
while [ $i -le $NUM ]
do
	TIMESTAMP=`date +"%Y-%m-%d %H:%M:%S"`
	echo -e "  <item name=\"client-$i.vgisc.com.key\" enabled=\"1\" type=\"key\" algo=\"RSA\" key_size=\"4096\" content_type=\"mkc4b.b64\" use_for=\"\" update_time=\"${TIMESTAMP}\">" >> ${PKI_PARAM_XML}
	cat ${CLIENT_DIR}/client-$i.vgisc.com.mkc4b.b64 >> ${PKI_PARAM_XML}
	echo -e "  </item>" >> ${PKI_PARAM_XML}
	i=`expr $i + 1`
done
echo -e " </keys>" >> ${PKI_PARAM_XML}
echo -e "</crypto_key>" >> ${PKI_PARAM_XML}
    
echo "All Done"
################################################################################
#					BASH SCRIPT ON LINUX/UNIX - END
################################################################################