# zeasypki -- easy PKI
# Copyright (C) 2022-2024 Sergey Matveev <stargrave@stargrave.org>
-set -e
+setopt ERR_EXIT PIPE_FAIL
COUNTRY=${COUNTRY:-RU}
zmodload zsh/mapfile
key_get() {
- [[ -s $1/key.pem ]] &&
- REPLY=`< ${1}/key.pem` ||
+ if [[ -s $1/key.pem ]] ; then
+ REPLY=`< ${1}/key.pem`
+ else
REPLY=`key_decrypt < ${1}/key.pem.enc`
+ fi
}
certtool_genkey() {
domain=$3
dst=ca/$algo/$domain
zf_mkdir -p $dst
- [[ -s $dst/key.pem ]] && {
+ [[ ! -s $dst/key.pem ]] || {
print $dst/key.pem already exists >&2
exit 1
}
dst=ee/$algo/$ca/$domain
[[ $dst = $2 ]]
zf_mkdir -p $dst
- [[ -s $dst/key.pem ]] && {
+ [[ ! -s $dst/key.pem ]] || {
print $dst/key.pem already exists >&2
exit 1
}
export LC_ALL=C
for cer (**/cer.pem) {
certtool --certificate-info < $cer | while read line ; do
- [[ $line =~ "^Not After: .*" ]] && break
+ [[ ! $line =~ "^Not After: .*" ]] || break
done
[[ $MATCH ]]
# Not After: Sat Jul 02 10:02:29 UTC 2022