Adding spkac support

author: Joe Rayhawk <jrayhawk@omgwallhack.org> 2011-12-08 01:40:11 -0800
committer: Joe Rayhawk <jrayhawk@omgwallhack.org> 2011-12-08 01:40:11 -0800
commit: 9f1ba206a6e5fb68680934b244f1a9377e894682 (patch)
tree: 815ad5c678fca75111b53c76d77ddf899299e9ef
parent: d3f19b5655b794b7c58f8dd5f765125f590f0d8c (diff)
download: cash-9f1ba206a6e5fb68680934b244f1a9377e894682.tar.gz
cash-9f1ba206a6e5fb68680934b244f1a9377e894682.zip
1 files changed, 7 insertions, 1 deletions
diff --git a/signcsr.sh b/signcsr.sh
index 5684f6a..ca50b22 100755
--- a/signcsr.sh
+++ b/signcsr.sh
@@ -28,7 +28,13 @@ fi
 # Gen signed key
 mkdir -pv "$CA"/signed "$CA"/temp "$CA"/certs
 SERIAL=$(cat "$CA"/ca/"$CA".serial)
-openssl ca -config "$OPENSSL_CONFIG" -in "$1"
+
+if [[ "$1" =~ \.spkac$ ]]; then # SPKAC HTML5 <keygen> standard
+  openssl ca -config "$OPENSSL_CONFIG" -spkac "$1" -notext
+else # x509 CSR
+  openssl ca -config "$OPENSSL_CONFIG" -in "$1"
+fi
+
 if [ -e "$CA"/certs/"$SERIAL".pem ]; then # openssl lacks useful exit status codes, so we check to see if it actually did anything instead.
   mv -i "$1" "$CA"/signed/$NAME.csr
   ln "$CA"/certs/"$SERIAL".pem "$CA"/signed/"$NAME".crt # so we can find the certificate by name as well as serial
author	Joe Rayhawk <jrayhawk@omgwallhack.org>	2011-12-08 01:40:11 -0800
committer	Joe Rayhawk <jrayhawk@omgwallhack.org>	2011-12-08 01:40:11 -0800
commit	9f1ba206a6e5fb68680934b244f1a9377e894682 (patch)
tree	815ad5c678fca75111b53c76d77ddf899299e9ef
parent	d3f19b5655b794b7c58f8dd5f765125f590f0d8c (diff)
download	cash-9f1ba206a6e5fb68680934b244f1a9377e894682.tar.gz cash-9f1ba206a6e5fb68680934b244f1a9377e894682.zip