extend checkcerts.sh to print bits and hash information

tests/scripts/checkcerts.sh

@@ -20,7 +20,7 @@ SOON=60
 
 date2julian() {
     # Julian date conversion adapted from a post (its code released into the public
-    # domain) by Tapani Tarvainen to comp.unix.shell (1998) for portability
+    # domain) by Tapani Tarvainen to comp.unix.shell 1998)) for portability
     # (e.g. using 'expr' instead of requiring Bash, ksh, or zsh).
     #   $1 = Month
     #   $2 = Day
@@ -101,6 +101,26 @@ checkcert() {
     echo $DATA
 }
 
+get_bits() {
+    if [ $OPENSSL ]; then
+        BITS=$(openssl x509 -text -noout -in $1 | sed -e '/Public-Key/!d' \
+            -e 's/\s\+Public-Key: (\([0-9]\+\) bit)/\1 bits/')
+    else
+        BITS=$(certtool -i < $1 | sed -e '/^.*Algorithm Security Level/!d' \
+            -e 's/.*(\([0-9]\+\) bits).*/\1 bits/')
+    fi
+}
+
+get_sigtype() {
+    if [ $OPENSSL ]; then
+        TYPE=$(openssl x509 -text -noout -in $1 | sed -e '/Signature Algorithm/!d' \
+            -e 's/\s\+Signature Algorithm:\s\+\(.\+\)/\1/' | head -n1)
+    else
+        TYPE=$(certtool -i < $1 | sed -e '/^.*Signature Algorithm:/!d' \
+            -e 's/.*:\s\+\(.*\)/\1/')
+    fi
+}
+
 print_status() {
         if [ $DAYS -ge $SOON ]; then
             echo "Expires in $DAYS days ($EXPIRES)"
@@ -164,6 +184,8 @@ do
     else
        compute_dates
     fi
+    get_bits $i && get_sigtype $i
+    printf '%s - %s\n\n' "$BITS" "$TYPE"
     if grep '\s$' $i > /dev/null 2>&1; then
         echo "********* Trailing whitespace found in file $i *********"
         FAIL=1