define subject id in subject-keygrip.hex

.gitignore

@@ -3,3 +3,4 @@
 *.p12
 *.pem
 *.pfx
+gpgsm-params

Makefile

@@ -1,6 +1,11 @@
-all : cert.der cert.pem cert.openssl-text
+all : gpgsm-params cert.der cert.pem cert.openssl-text
 
-cert.der : gpgsm-batch-params
+gpgsm-params : gpgsm-params-template subject-keygrip.hex
+	./prepare-gpgsm-params --template gpgsm-params-template \
+		--subject-keygrip "$(shell cat subject-keygrip.hex)" \
+		> $@
+
+cert.der : gpgsm-params
 	gpgsm --gen-key --batch --output $@ < $^
 
 cert.pem : cert.der
@@ -9,7 +14,8 @@ cert.pem : cert.der
 cert.openssl-text : cert.pem
 	openssl x509 -in $^ -text > $@
 
-clean : 
+clean :
+	-trash gpgsm-params
 	-trash cert.der
 	-trash cert.pem
 	-trash cert.openssl-text

gpgsm-batch-params → gpgsm-params-template

@@ -1,12 +1,12 @@
 Key-Type: RSA
 # Key-Length: 2048
-Key-Grip: 6C1DEF614EB6B631FAFB6A90B85D0352001BF1C3
+Key-Grip: {subject-keygrip}
 Key-Usage: sign
 Serial: random
 Name-DN: CN=client,C=AT
 Hash-Algo: SHA256
 Issuer-DN: CN=Fabian Peter Hammerle,C=AT
-Subject-Key-Id: 6C1DEF614EB6B631FAFB6A90B85D0352001BF1C3
+Subject-Key-Id: {subject-keygrip}
 Signing-Key: C2E04B00B3F087DB143B4BB6411813BA220ED4BA
 Authority-Key-Id: C2E04B00B3F087DB143B4BB6411813BA220ED4BA
 # X509v3 Basic Constraints: critical

prepare-gpgsm-params

@@ -0,0 +1,45 @@
+#!/usr/bin/env python3
+# PYTHON_ARGCOMPLETE_OK
+
+
+def fill_template(template, subject_keygrip):
+
+    print(template.read().strip().format(**{
+        'subject-keygrip': subject_keygrip,
+    }))
+
+
+def _init_argparser():
+
+    import argparse
+    argparser = argparse.ArgumentParser(description=None)
+    argparser.add_argument(
+        '--template',
+        type=argparse.FileType('r'),
+        required=True,
+    )
+    argparser.add_argument(
+        '--subject-keygrip',
+        type=str,
+        required=True,
+    )
+    return argparser
+
+
+def main(argv):
+
+    argparser = _init_argparser()
+    try:
+        import argcomplete
+        argcomplete.autocomplete(argparser)
+    except ImportError:
+        pass
+    args = argparser.parse_args(argv)
+
+    fill_template(**vars(args))
+
+    return 0
+
+if __name__ == "__main__":
+    import sys
+    sys.exit(main(sys.argv[1:]))

subject-keygrip.hex

@@ -0,0 +1 @@
+6C1DEF614EB6B631FAFB6A90B85D0352001BF1C3