#!/bin/bash
# SSHARK reference implementation (record generating component)
# Version 0.1, released 28 December 2012
# ----- See http://sshark.org/ -----
# Written by Anatole Shaw; ash AT greenhost DOT nl
# Copyright (C)2012 Greenhost VOF; https://greenhost.nl/
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
# Everything this script creates (key copies, signature, scratch files)
# must be readable by the owner only: mask out all group/other bits.
umask u=rwx,g=,o=
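# Print the calling convention to stderr and exit with status 99 (bad
# arguments; 98 is reserved for an unreadable key file).
#   keyfile   path to the private key; keyfile.pub must exist beside it
#   seconds   lifetime of the record, counted from the moment of signing
#   revoked   publish an expiry of 0 instead of a lifetime
# The original message had lost the argument placeholders and read
# "(|revoked)", which told the caller nothing about the key argument.
usage () {
  echo "USAGE: sshark-gen <keyfile> (<seconds>|revoked)" >&2
  exit 99
}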
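[[ $# -eq 2 ]] || usage
file=$1
duration=$2

# The serial is the current Unix time.  It is part of the signed message
# and also names the signature records (s<serial>.<querybase>).
epoch=$( date +%s )

# Second argument: lifetime in seconds (expiry = serial + lifetime), or the
# literal word "revoked", which publishes an expiry of 0.
numeric='^[0-9]+$'
if [[ "$duration" =~ $numeric ]] ; then
  expiry=$(( epoch + duration ))
elif [[ "$duration" = "revoked" ]] ; then
  expiry=0
else
  usage
fi

pub="${file}.pub"
if [[ ! -r "$file" || ! -r "$pub" ]] ; then
  # Diagnostics go to stderr so they never get mixed into the DNS records
  # written to stdout (the original printed this one to stdout).
  echo "$0: ${file} or ${pub} could not be read" >&2
  exit 98
fi

# First line of the OpenSSH public key file: "<type> <base64> [comment ...]".
# Only the third whitespace-separated field is used as the comment, as the
# original awk '{ print $3 }' did.  read returns non-zero on a file with no
# trailing newline but still assigns, hence the "|| true".
read -r type _ comment _ < "$pub" || true

# Signing goes through openssl rsa/rsautl below, so only RSA keys work.
# The private key must also be in a format openssl parses (PEM PKCS#1 or
# PKCS#8); an OpenSSH-native "-----BEGIN OPENSSH PRIVATE KEY-----" file has
# to be converted first, e.g. "ssh-keygen -p -m PEM -f <keyfile>".
if [[ "$type" != "ssh-rsa" ]] ; then
  echo "$0: ${pub}: key type '${type}' is not ssh-rsa; only RSA keys can be signed" >&2
  exit 97
fi

# Scratch space for the PKCS#1 copy of the private key, the digest and the
# raw signature.  mktemp -d gives a 0700 directory and umask 077 keeps the
# files owner-only; the trap removes it on every exit path.  The original
# wrote the private-key copy next to the key as ${file}.pem (including a
# -text dump of its components) and left it and sshark.pem/sshark.txt behind.
tmp=$( mktemp -d ) || { echo "$0: mktemp failed" >&2; exit 96; }
trap 'rm -rf -- "$tmp"' EXIT
key="${tmp}/key.pem"
msgf="${tmp}/sshark.txt"
sig="${tmp}/sshark.pem"

message="sshark1 serial ${epoch} expiry ${expiry}"

# What gets signed is NOT the raw digest: it is the 64-character lowercase
# hex SHA-256 of $message followed by a newline, exactly as sha256sum|awk
# emit it.  rsautl -sign applies PKCS#1 v1.5 padding with no DigestInfo,
# so a verifier has to rebuild these same bytes and use "rsautl -verify"
# (not "openssl dgst -verify").
printf '%s' "$message" | sha256sum | awk '{ print $1 }' > "$msgf"

# Normalise the private key to PKCS#1 PEM (stderr is silenced because
# openssl rsa always reports "writing RSA key" there); a parse failure is
# now an error instead of silently producing an empty signature.
if ! openssl rsa -in "$file" -out "$key" 2>/dev/null ; then
  echo "$0: openssl could not read the private key ${file}" >&2
  exit 95
fi
# Public half in PEM form, written beside the key as the original did
# (presumably for whoever has to verify the records).
if ! openssl rsa -in "$key" -pubout -out "${file}_pub.pem" 2>/dev/null ; then
  echo "$0: could not write ${file}_pub.pem" >&2
  exit 95
fi
if ! openssl rsautl -sign -inkey "$key" -keyform PEM -in "$msgf" -out "$sig" ; then
  echo "$0: signing with ${file} failed" >&2
  exit 94
fi

# The DNS owner name carries the MD5 fingerprint as 32 hex digits with the
# colons removed.  ssh-keygen >= 6.8 prints SHA256 by default and needs
# "-E md5" (output field then looks like "MD5:aa:bb:..."); older versions
# do not know -E and already print the colon-separated MD5 form, so fall
# back to the bare invocation when the first one fails.
fp=$( { ssh-keygen -E md5 -l -f "$pub" 2>/dev/null || ssh-keygen -l -f "$pub"; } \
  | awk '{ print $2 }' )
fp=${fp#MD5:}
fp=${fp//:/}
if [[ -z "$fp" ]] ; then
  echo "$0: could not compute the fingerprint of ${pub}" >&2
  exit 93
fi

# Owner name: "<type>-<fp>.<comment>." with the FIRST '@' of the comment
# replaced by "._sshark.", so user@example.org lands under
# user._sshark.example.org.  A pub file without a comment yields "...<fp>.."
# exactly as the original did; what the protocol expects there is not
# visible from this script.
querybase="${type}-${fp}.${comment}."
querybase=${querybase/@/._sshark.}

printf '%s TXT "%s"\n' "$querybase" "$message"

# One record per line of base64 output (base64's own line wrapping decides
# the split), each under s<serial>.<querybase>.  A read loop replaces the
# original sed expression, into which ${querybase} - and so the key
# comment - was interpolated: a '/', '&' or '\' in the comment would have
# broken or rewritten the sed replacement.
while IFS= read -r line ; do
  printf 's%s.%s TXT "sshark1 data %s"\n' "$epoch" "$querybase" "$line"
done < <(base64 "$sig")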