Raise copyright years

[zeasypki.git] / zeasypki

diff --git a/zeasypki b/zeasypki
index f9693fc1ec3dfd3139d1e93a2fd61b722c8d022a..f91c616e29e2b4a94517d641d4cdc3b05c04bd28 100755 (executable)
--- a/zeasypki
+++ b/zeasypki
@@ -1,10 +1,9 @@
 #!/usr/bin/env zsh
 # zeasypki -- easy PKI
-# Copyright (C) 2022-2023 Sergey Matveev <stargrave@stargrave.org>
+# Copyright (C) 2022-2024 Sergey Matveev <stargrave@stargrave.org>
 
 set -e
 
-KEY_ENCRYPT_RECIPIENT=${KEY_ENCRYPT_RECIPIENT:-12AD32689C660D426967FD75CB8205632107AD8A}
 COUNTRY=${COUNTRY:-RU}
 
 path=(
@@ -14,11 +13,11 @@ path=(
 )
 
 key_encrypt() {
-    gpg --encrypt --recipient $KEY_ENCRYPT_RECIPIENT
+    age -R ~/.age/general.pub
 }
 
 key_decrypt() {
-    gpg --decrypt
+    age -d -i ~/.age/general.age
 }
 
 # ------------------------ >8 ------------------------
@@ -61,7 +60,6 @@ ca_new_xdsa() {
     trap "rm -f $key $tmpl $cert" HUP PIPE INT QUIT TERM EXIT
     cat > $tmpl <<EOF
 dn = "cn=$domain,c=$COUNTRY"
-serial = 1
 expiration_days = 3650
 ca
 cert_signing_key
@@ -158,7 +156,6 @@ ca_new_gost() {
         -ca \
         -cn $domain \
         -country $COUNTRY \
-        -serial 1 \
         -ai 512C \
         -out-key $key \
         -out-cert $cert
@@ -249,7 +246,7 @@ case $1 in
     export LC_ALL=C
     for cer (**/cer.pem) {
         certtool --certificate-info < $cer | while read line ; do
-            [[ $line =~ "^\s*Not After: .*" ]] && break
+            [[ $line =~ "^Not After: .*" ]] && break
         done
         [[ $MATCH ]]
         # Not After: Sat Jul 02 10:02:29 UTC 2022