Skip to content

Commit a7f3bc2

Browse files
aentingeraentinger
committed
Extract constant openssl x509 parameters into variable to avoid duplication by copy.
1 parent 0d7c462 commit a7f3bc2

File tree

2 files changed

+518
-13
lines changed

2 files changed

+518
-13
lines changed

tools/nina-fw-create-roots.sh

Lines changed: 15 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -19,82 +19,84 @@ do
1919
is_cybertrust=$(openssl x509 -in $filename -text -nocert | grep "O = \"Cybertrust, Inc\"")
2020
is_usertrust=$(openssl x509 -in $filename -text -nocert | grep "O = The USERTRUST Network")
2121

22+
openssl_opts="-text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions"
23+
2224
if [ ! -z "$is_amazon" ]
2325
then
2426
echo $is_amazon
25-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
27+
openssl x509 -in $filename $openssl_opts >> roots.pem
2628
fi
2729

2830
if [ ! -z "$is_google" ]
2931
then
3032
echo $is_google
31-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
33+
openssl x509 -in $filename $openssl_opts >> roots.pem
3234
fi
3335

3436
if [ ! -z "$is_comodo_uppercase" ]
3537
then
3638
echo $is_comodo_uppercase
37-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
39+
openssl x509 -in $filename $openssl_opts >> roots.pem
3840
fi
3941

4042
if [ ! -z "$is_comodo" ]
4143
then
4244
echo $is_comodo
43-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
45+
openssl x509 -in $filename $openssl_opts >> roots.pem
4446
fi
4547

4648
if [ ! -z "$is_digicert" ]
4749
then
4850
echo $is_digicert
49-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
51+
openssl x509 -in $filename $openssl_opts >> roots.pem
5052
fi
5153

5254
if [ ! -z "$is_isrg" ]
5355
then
5456
echo $is_isrg
55-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
57+
openssl x509 -in $filename $openssl_opts >> roots.pem
5658
fi
5759

5860
if [ ! -z "$is_verisign" ]
5961
then
6062
echo $is_verisign
61-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
63+
openssl x509 -in $filename $openssl_opts >> roots.pem
6264
fi
6365

6466
if [ ! -z "$is_baltimore" ]
6567
then
6668
echo $is_baltimore
67-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
69+
openssl x509 -in $filename $openssl_opts >> roots.pem
6870
fi
6971

7072
if [ ! -z "$is_globalsign" ]
7173
then
7274
echo $is_globalsign
73-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
75+
openssl x509 -in $filename $openssl_opts >> roots.pem
7476
fi
7577

7678
if [ ! -z "$is_starfield" ]
7779
then
7880
echo $is_starfield
79-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
81+
openssl x509 -in $filename $openssl_opts >> roots.pem
8082
fi
8183

8284
if [ ! -z "$is_dst" ]
8385
then
8486
echo $is_dst
85-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
87+
openssl x509 -in $filename $openssl_opts >> roots.pem
8688
fi
8789

8890
if [ ! -z "$is_cybertrust" ]
8991
then
9092
echo $is_cybertrust
91-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
93+
openssl x509 -in $filename $openssl_opts >> roots.pem
9294
fi
9395

9496
if [ ! -z "$is_usertrust" ]
9597
then
9698
echo $is_usertrust
97-
openssl x509 -in $filename -text -certopt no_header,no_pubkey,no_subject,no_issuer,no_signame,no_version,no_serial,no_validity,no_extensions,no_sigdump,no_aux,no_extensions >> roots.pem
99+
openssl x509 -in $filename $openssl_opts >> roots.pem
98100
fi
99101

100102
done

0 commit comments

Comments
 (0)