SecurityTests/clxutils/anchorTest/buildCertKeychains

   1 #! /bin/csh -f
   2 #
   3 # Build a new X509Anchors or X509Certificates file from all of the certs in
   4 # specified directory.
   5 #
   6 if ( $#argv != 2 ) then
   7         echo Usage: buildX509Anchors anchors\|certs anchor_dir
   8         exit(1)
   9 endif
  10
  11 set KCDIR=/System/Library/Keychains
  12 set CERTSDIR=$argv[2]
  13 set SECTOOL=/usr/bin/security
  14
  15 switch ( "$argv[1]" )
  16         case anchors:
  17                 set KCFILE=$KCDIR/X509Anchors
  18                 set KCFILE_BACK=$KCDIR/X509Anchors_old
  19                 set KC_PWD=X509Anchors
  20                 breaksw
  21         case certs:
  22                 set KCFILE=$KCDIR/X509Certificates
  23                 set KCFILE_BACK=$KCDIR/X509Certificates_old
  24                 set KC_PWD=X509Certificates
  25                 breaksw
  26         default:
  27         echo Usage: buildX509Anchors anchors\|certs anchor_dir
  28         exit(1)
  29 endsw
  30
  31 if ( -e $KCFILE ) then
  32         echo Saving old $KCFILE...
  33         set cmd="rm -f $KCFILE_BACK"
  34         echo $cmd
  35         $cmd || exit(1)
  36         set cmd="mv $KCFILE $KCFILE_BACK"
  37         echo $cmd
  38         $cmd || exit(1)
  39 else
  40         echo Warning: no existing $KCFILE!
  41 endif
  42
  43 set cmd="$SECTOOL create-keychain -p $KC_PWD $KCFILE"
  44 $cmd || exit(1)
  45
  46 set cmd="cd $CERTSDIR"
  47 echo $cmd
  48 $cmd || exit(1)
  49 foreach i (*)
  50         if( ( -f "$i" )  && ( "$i" != X509Anchors) ) then
  51                 set cmd="$SECTOOL add-certificate -k $KCFILE $i"
  52                 echo $cmd
  53                 $SECTOOL add-certificate -k $KCFILE "$i" || exit(1)
  54         endif
  55 end
  56 echo .../Complete.