home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
ftp.jcu.edu.au
/
2014.06.ftp.jcu.edu.au.tar
/
ftp.jcu.edu.au
/
v6.3.2b
/
SWBD63
/
fabos-6.3.2b-10.ppc.rpm
/
fabos-6.3.2b.10.cpio.gz
/
fabos-6.3.2b.10.cpio
/
fabos
/
libexec
/
certvalidate
< prev
next >
Wrap
Text File
|
2010-11-10
|
2KB
|
68 lines
#!/bin/sh
#
# Copyright (c) 2006-2008 Brocade Communications Systems, Inc.
# All rights reserved.
#
# File name: certvalidate
# Module name: fabos/src/security/certvalidate.sh
#
# This script validates the certificate against the private key of the switch
#
export PATH=/fabos/sbin:/fabos/bin:/bin:/usr/bin:/sbin:/fabos/cliexec
# commands
OPENSSL_CMD=/usr/bin/openssl
# File locations and suffixes
ROOT_DIR=/etc/fabos
CERT_DIR=$ROOT_DIR/certs/sw0
TMP_DIR=/tmp
CRT_SUFFIX=.crt
CER_SUFFIX=.cer
PEM_SUFFIX=.pem
PVT_KEY_FILE=$CERT_DIR/pvt_key
# usage /fabos/libexec/certValidate <certificate_name>
if [ $# -ne 1 ]; then
exit 1
fi
certFile=$1
cLen=`expr length $certFile`
let dotIndex="$cLen"-3
fileSuffix=`expr substr $certFile $dotIndex $cLen`
if [ ! -f $PVT_KEY_FILE ]; then
exit 1
fi
if [ "$fileSuffix" == "$PEM_SUFFIX" ]; then
$OPENSSL_CMD x509 -in $CERT_DIR/$certFile -inform PEM -outform DER -out $TMP_DIR/$certFile.der > /dev/null 2>&1
if [ $? != 0 ]; then
exit 1
fi
rm $TMP_DIR/$certFile.der
certificate=$CERT_DIR/$certFile
elif [ "$fileSuffix" == "$CER_SUFFIX" ] || [ "$fileSuffix" == "$CRT_SUFFIX" ]; then
$OPENSSL_CMD x509 -in $CERT_DIR/$certFile -inform DER -outform PEM -out $TMP_DIR/$certFile.pem > /dev/null 2>&1
if [ $? != 0 ]; then
exit 1
fi
certificate=$TMP_DIR/$certFile.pem
else
# any other extension is not supported
exit 1
fi
pvtkeyhash=`$OPENSSL_CMD rsa -noout -modulus -in $PVT_KEY_FILE | $OPENSSL_CMD md5`
certkeyhash=`$OPENSSL_CMD x509 -noout -modulus -in $certificate | $OPENSSL_CMD md5`
if [ "$pvtkeyhash" != "$certkeyhash" ]; then
exit 1
fi
exit 0