diff options
| author | tv <tv@krebsco.de> | 2026-01-21 04:41:48 +0100 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2026-01-21 04:41:48 +0100 |
| commit | 688cda3018b8371438fac7ba445d81ece6f0bcd0 (patch) | |
| tree | 8a5f5413d72411086ff9518716ab5b4b88ca1fcc | |
| parent | e8790c7eafb532cc720c30235a94590deca935db (diff) | |
certaids: emigrate
| -rw-r--r-- | krebs/5pkgs/simple/certaids.nix | 114 |
1 files changed, 0 insertions, 114 deletions
diff --git a/krebs/5pkgs/simple/certaids.nix b/krebs/5pkgs/simple/certaids.nix deleted file mode 100644 index 094868680..000000000 --- a/krebs/5pkgs/simple/certaids.nix +++ /dev/null @@ -1,114 +0,0 @@ -{ pkgs }: - -let - cert2json = pkgs.writeDash "cert2json" '' - # usage: cert2json < CERT > JSON - set -efu - - ${pkgs.openssl}/bin/openssl crl2pkcs7 -nocrl -certfile /dev/stdin | - ${pkgs.openssl}/bin/openssl pkcs7 -print_certs -text | - ${pkgs.gawk}/bin/awk -F, -f ${pkgs.writeText "cert2json.awk" '' - function abort(msg) { - print(msg) > "/dev/stderr" - exit 1 - } - - function toJSON(x, type, ret) { - type = typeof(x) - switch (type) { - case "array": - if (isArray(x)) return arrayToJSON(x) - if (isObject(x)) return objectToJSON(x) - abort("cannot render array to JSON", x) - case "number": - return numberToJSON(x) - case "string": - return stringToJSON(x) - case "strnum": - case "unassigned": - case "regexp": - case "untyped": - default: - abort("cannot render type: " type) - } - } - - function isArray(x, i, k) { - i = 1 - for (k in x) { - if (k != i++) return 0 - i++ - } - return 1 - } - - function isObject(x, k) { - for (k in x) { - if (typeof(k) != "string") return 0 - } - return 1 - } - - function arrayToJSON(x, k, ret) { - ret = "[" - for (k in x) { - ret=ret toJSON(x[k]) "," - } - sub(/,$/,"",ret) - ret=ret "]" - return ret - } - - function objectToJSON(x, k,ret) { - ret = "{" - for (k in x) { - ret = ret toJSON(k) ":" toJSON(x[k]) "," - } - sub(/,$/, "", ret) - ret = ret "}" - return ret - } - - function numberToJSON(x) { - return x - } - - function stringToJSON(x) { - gsub(/\\/, "&&",x) - gsub(/\n/, "\\n", x) - return "\"" x "\"" - } - - $1 ~ /^ *(Subject|Issuer):/ { - sub(/^ */, "") - sub(/: */, ",") - key=tolower($1) - sub(/[^,]*,/, "") - - # Normalize separators between relative distinguished names. - # [1]: RFC2253, 3. Parsing a String back to a Distinguished Name - # TODO support any distinguished name - gsub(/ *[;,] */, ",") - - for(i = 0; i <= NF; i++) { - split($i, a, "=") - cache[key][a[1]] = a[2] - } - } - - /BEGIN CERTIFICATE/,/END CERTIFICATE/{ - cache["certificate"] = cache["certificate"] $0 "\n" - } - - /END CERTIFICATE/{ - print toJSON(cache) - delete cache - } - ''} - ''; -in - -pkgs.runCommand "certaids" {} '' - mkdir -p $out/bin - ln -s ${cert2json} $out/bin/cert2json -'' |