From a51a83fb721b7de3c983429b0bb8cbea81aa2b78 Mon Sep 17 00:00:00 2001
From: Guenther Meyer <g.meyer@signum-media.de>
Date: Fri, 21 Jul 2023 11:59:56 +0200
Subject: [PATCH 1/3] remove unnecessary bash dependency

---
 kuksa_certificates/genCerts.sh               | 2 +-
 kuksa_certificates/jwt/recreateJWTkeyPair.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/kuksa_certificates/genCerts.sh b/kuksa_certificates/genCerts.sh
index 2106fe269..d9ae8708c 100755
--- a/kuksa_certificates/genCerts.sh
+++ b/kuksa_certificates/genCerts.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
 
 
 genCAKey() {
diff --git a/kuksa_certificates/jwt/recreateJWTkeyPair.sh b/kuksa_certificates/jwt/recreateJWTkeyPair.sh
index dd9be9b1f..c71e61724 100755
--- a/kuksa_certificates/jwt/recreateJWTkeyPair.sh
+++ b/kuksa_certificates/jwt/recreateJWTkeyPair.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
 
 # Copyright Robert Bosch GmbH, 2020. Part of the Eclipse Kuksa Project.
 #

From 2860b4fdac7827b39b0360eaa942793fff749dbb Mon Sep 17 00:00:00 2001
From: Guenther Meyer <g.meyer@signum-media.de>
Date: Fri, 21 Jul 2023 15:00:13 +0200
Subject: [PATCH 2/3] fixed bashisms

---
 kuksa_certificates/genCerts.sh               | 5 ++++-
 kuksa_certificates/jwt/recreateJWTkeyPair.sh | 6 +++---
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/kuksa_certificates/genCerts.sh b/kuksa_certificates/genCerts.sh
index d9ae8708c..3ec19214c 100755
--- a/kuksa_certificates/genCerts.sh
+++ b/kuksa_certificates/genCerts.sh
@@ -23,9 +23,12 @@ genKey() {
 # as some TLS client integrations cannot handle name verification towards IP-addresses
 # (Only client for now in KUKSA.val that has problem with IP host validation is the kuksa-client gRPC integration)
 genCert() {
+    tmp="$(mktemp)"
+    printf "subjectAltName=DNS:%s, DNS:localhost, IP:127.0.0.1" "$1" > "$tmp"
     openssl req -new -key $1.key -out $1.csr -passin pass:"temp" -subj "/C=CA/ST=Ontario/L=Ottawa/O=Eclipse.org Foundation, Inc./CN=$1/emailAddress=kuksa-dev@eclipse.org"
-    openssl x509 -req -in $1.csr -extfile <(printf "subjectAltName=DNS:$1, DNS:localhost, IP:127.0.0.1") -CA CA.pem -CAkey CA.key -CAcreateserial -days 365 -out $1.pem
+    openssl x509 -req -in $1.csr -extfile "$tmp" -CA CA.pem -CAkey CA.key -CAcreateserial -days 365 -out $1.pem
     openssl verify -CAfile CA.pem $1.pem
+    rm "$tmp"
 }
 
 set -e
diff --git a/kuksa_certificates/jwt/recreateJWTkeyPair.sh b/kuksa_certificates/jwt/recreateJWTkeyPair.sh
index c71e61724..b3b9706c0 100755
--- a/kuksa_certificates/jwt/recreateJWTkeyPair.sh
+++ b/kuksa_certificates/jwt/recreateJWTkeyPair.sh
@@ -13,12 +13,12 @@ echo "Recreating kuksa.val key pair used for JWT verification"
 echo "-------------------------------------------------------"
 
 
-echo -e "\nCreating private key"
+printf "\nCreating private key\n"
 ssh-keygen -t rsa -b 4096 -m PEM -f jwt.key -q -N ""
 
-echo -e "\nCreating public key"
+printf "\nCreating public key\n"
 openssl rsa -in jwt.key -pubout -outform PEM -out jwt.key.pub
 
-echo -e '\nYou can use the PRIVATE key "jwt.key" to generate new tokens using https://jwt.io or the "createToken.py" script.'
+printf '\nYou can use the PRIVATE key "jwt.key" to generate new tokens using https://jwt.io or the "createToken.py" script.\n'
 echo 'You need to give the PUBLIC key "jwt.key.pub" to the kuksa.val server, so it can verify correctly signed JWT tokens.'
 

From 6ec49f325d075c35247ef1e0a550cff29a73689b Mon Sep 17 00:00:00 2001
From: Guenther Meyer <g.meyer@signum-media.de>
Date: Fri, 21 Jul 2023 16:38:53 +0200
Subject: [PATCH 3/3] fixed pre-commit stuff

Signed-off-by: Guenther Meyer <g.meyer@signum-media.de>
---
 kuksa_certificates/genCerts.sh               | 1 -
 kuksa_certificates/jwt/recreateJWTkeyPair.sh | 1 -
 2 files changed, 2 deletions(-)

diff --git a/kuksa_certificates/genCerts.sh b/kuksa_certificates/genCerts.sh
index 3ec19214c..4058975d2 100755
--- a/kuksa_certificates/genCerts.sh
+++ b/kuksa_certificates/genCerts.sh
@@ -65,4 +65,3 @@ do
     genCert $i
     echo ""
 done
-
diff --git a/kuksa_certificates/jwt/recreateJWTkeyPair.sh b/kuksa_certificates/jwt/recreateJWTkeyPair.sh
index b3b9706c0..874be28a6 100755
--- a/kuksa_certificates/jwt/recreateJWTkeyPair.sh
+++ b/kuksa_certificates/jwt/recreateJWTkeyPair.sh
@@ -21,4 +21,3 @@ openssl rsa -in jwt.key -pubout -outform PEM -out jwt.key.pub
 
 printf '\nYou can use the PRIVATE key "jwt.key" to generate new tokens using https://jwt.io or the "createToken.py" script.\n'
 echo 'You need to give the PUBLIC key "jwt.key.pub" to the kuksa.val server, so it can verify correctly signed JWT tokens.'
-