1.0.0

2026-04-30 06:48:53 +02:00 · 2026-04-30 06:48:53 +02:00 · 11b848c3f2
commit 11b848c3f2
parent 31f3b5578a
11 changed files with 80 additions and 173 deletions
--- a/bin/.gitkeep
+++ b/bin/.gitkeep
--- a/bin/generate-cert.sh
+++ b/bin/generate-cert.sh
@ -3,7 +3,7 @@
 # Script name: create-cert.sh
 # Author: Gilles Mouchet (gilles.mouchet@gmail.com
 # Version: 1.0.0
-# Description: Create a cert and save it on db
+# Description: Create a cert
 # License: GNU GPL v3
 #
 # This program is distributed in the hope that it will be useful,
@ -14,7 +14,6 @@
 # Changelog
 # [1.0.0] - 2026-04-12
 # Added:  
 #   - adding cert into DB  
 #   - generating private key
 #   - generating Certificate Signing Request (csr) file
 #   - signing the certificate with the CA
--- a/bin/info-cert.sh
+++ b/bin/info-cert.sh
@ -1,13 +1,15 @@
 #!/bin/bash
 #############################################################
-# Script name: template.sh
+# Script name: info-cert.sh
 # Author: Gilles Mouchet (gilles.mouchet@gmail.com
-# Version: v1beta 2026-04-05
+# Version: 1.0.0
-# Description: Script template linux
+# Description: Display cert info
-# License: CC BY-NC 4.0 (https://creativecommons.org/licenses/by-nc/4.0/)
+# License: GNU GPL v3
 #
-# This script is provided "as is", WITHOUT ANY WARRANTY OF ANY KIND.
+# This program is distributed in the hope that it will be useful,
-# Commercial use is strictly prohibited without prior authorization.
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # Changelog
 # [1.0.0] - 2026-04-05
--- a/bin/install.sh
+++ b/bin/install.sh
@ -19,7 +19,6 @@
 #   - initialization by gilles.mouchet@gmail.com
 #
 ############################################################
 #
 VERSION=1.0.0
@ -27,13 +26,6 @@ VERSION=1.0.0
 # Main
 ############################################################
 #main (){
 # path resolution 
 #SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 #ROOT_DIR="$(dirname "$SCRIPT_DIR")"
 #CONF_PATH="/etc/own-pki"
 #ENABLE_COLOR=true
 #BIN_PATH="/opt/own-pki"
 #ASSUME_YES=0
 main(){
    SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
@ -162,8 +154,6 @@ main(){
    echo " Installation completed !!"
    echo -e " Adapt the file ${ORANGE}$CONF_PATH/own-pki.conf${NC} as you need"
    echo "******************************************************"
 }
 main "$@"
--- a/bin/remove-cert.sh
+++ b/bin/remove-cert.sh
@ -3,7 +3,7 @@
 # Script name: remove-cert.sh
 # Author: Gilles Mouchet (gilles.mouchet@gmail.com
 # Version: 1.0.0
-# Description: Removes certificate from the database
+# Description: Removes certificate
 # License: GNU GPL v3
 #
 # This program is distributed in the hope that it will be useful,
@ -14,7 +14,7 @@
 # Changelog
 # [1.0.0] - 2026-04-05
 # Added:
-#   - new features
+#   - removes certificates
 # Project initialization:
 #   - initialization by gilles.mouchet@gmail.com
 #
--- a/bin/uninstall.sh
+++ b/bin/uninstall.sh
@ -0,0 +1,68 @@
 #!/bin/bash
 #############################################################
 # Script name: uninstall.sh
 # Author: Gilles Mouchet (gilles.mouchet@gmail.com
 # Version: 1.0.0
 # Description: Uninstall own pki
 # License: GNU GPL v3
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # Changelog
 # [1.0.0] - 2026-04-30
 # Added:
 #   - uninstall script
 # Project initialization:
 #   - initialization by gilles.mouchet@gmail.com
 #
 ############################################################
 version=1.0.0
 ############################################################
 # MAIN
 ############################################################
 main(){
    SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
    ROOT_DIR="$(dirname "$SCRIPT_DIR")"
    # To ensure that users are prompted to confirm with a yes or no.
    ASSUME_YES=0    
 # read library
    source "$ROOT_DIR/lib/stdlib.sh"
 # init config
    init_default 
    init_env
 # set color
    set_color
 # check if script is run with sudo
    check_sudo
 # message 
    msg_info  "***********************************************"
    msg_info " You are going to uninstall the own PKI toolkit."
    msg_info " Only the scripts will be uninstalled."
    msg_error " The folders below will NOT BE DELETED."
    msg_warn  "   - $KEY_CA_PATH"
    msg_warn  "   - $CRT_CA_PATH"
    msg_warn  "   - $CERTS_PATH"
    msg_info  "***********************************************"
    yes_no "Are you sure"
    echo -e -n "Delete $CONF_PATH: "
    rm -rf $CONF_PATH
    check_rc $?
    echo -e -n "Delete $ROOT_DIR: "
    rm -rf $ROOT_DIR
    check_rc $?
 }
 main "$@"
--- a/config/.gitkeep
+++ b/config/.gitkeep
--- a/config/ca-config
+++ b/config/ca-config
@ -1,102 +0,0 @@
 HOME            = .
 RANDFILE        = $ENV::HOME/.rnd
 oid_section     = new_oids
 [ new_oids ]
 [ ca ]
 default_ca  = CA_default        # The default ca section
 [ CA_default ]
 dir     = .     # Where everything is kept
 certs       = $dir/certs        # Where the issued certs are   kept
 crl_dir     = $dir/crl      # Where the issued crl are kept
 database    = $dir/dbca/index.txt   # database index file.
 new_certs_dir   = $dir/newcerts     # default place for new certs.
 certificate = $dir/cacert.pem   # The CA certificate
 serial      = $dir/serial/serial        # The current serial number
 crl     = $dir/crl.pem      # The current CRL
 private_key = $dir/private/cakey.pem# The private key
 RANDFILE    = $dir/private/.rand    # private random number file
 x509_extensions = usr_cert      # The extentions to add to the cert
 default_days    = 365           # how long to certify for
 default_crl_days= 30            # how long before next CRL
 default_md  = md5           # which md to use.
 preserve    = no            # keep passed DN ordering
 policy      = policy_match
 [ policy_match ]
 countryName     = match
 stateOrProvinceName = match
 organizationName    = match
 organizationalUnitName  = optional
 commonName      = supplied
 emailAddress        = optional
 [ policy_anything ]
 countryName     = optional
 stateOrProvinceName = optional
 localityName        = optional
 organizationName    = optional
 organizationalUnitName  = optional
 commonName      = supplied
 emailAddress        = optional
 [ req ]
 default_bits        = 1024
 default_keyfile     = privkey.pem
 distinguished_name  = req_distinguished_name
 attributes      = req_attributes
 x509_extensions = v3_ca # The extentions to add to the self signed cert
 string_mask = nombstr
 [ req_distinguished_name ]
 countryName         = Country Name (2 letter code)
 countryName_default     = CH
 countryName_min         = 2
 countryName_max         = 2
 stateOrProvinceName     = State or Province Name (full name)
 stateOrProvinceName_default = Vaud
 localityName            = Locality Name (eg, city)
 localityName_default        = Nyon
 0.organizationName      = Organization Name (eg, company)
 0.organizationName_default  = GMO Lab (gmolab)
 organizationalUnitName      = Organizational Unit Name (eg, section)
 organizationalUnitName_default  = ITCS (Information Technology and Communications Service)
 commonName          = Common Name (eg, YOUR name)
 commonName_default  = 
 commonName_max          = 64
 emailAddress            = Email Address
 emailAddress_default        = example@example.com
 emailAddress_max        = 40
 [ req_attributes ]
 challengePassword       = A challenge password
 challengePassword_min       = 4
 challengePassword_max       = 20
 unstructuredName        = An optional company name
 [ usr_cert ]
 basicConstraints=CA:FALSE
 nsComment           = "OpenSSL Generated Certificate"
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid,issuer:always
 [ v3_req ]
 basicConstraints = CA:FALSE
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment
 [ v3_ca ]
 subjectKeyIdentifier=hash
 authorityKeyIdentifier=keyid:always,issuer:always
 basicConstraints = CA:true
 [ crl_ext ]
 authorityKeyIdentifier=keyid:always,issuer:always
--- a/lib/check-rc.sh-old
+++ b/lib/check-rc.sh-old
@ -1,11 +0,0 @@
 # check if run from script
 [[ "${BASH_SOURCE[0]}" == "${0}" ]] && exit 1
 #------------------------------------------------------------------------------
 check_rc(){
    if [ "$1" != "0" ]; then
       msg_error "Error (RC:$rc)"
       exit 1
    else
       msg_ok "OK"
    fi
 }
--- a/lib/set-color.sh-old
+++ b/lib/set-color.sh-old
@ -1,25 +0,0 @@
 # check if run from script
 [[ "${BASH_SOURCE[0]}" == "${0}" ]] && exit 1
 #-----------------------------------------------------------
 # set colors
 # RED Error 
 # ORANGE Attention or color for parameters when 
 #        confirmation
 # CYAN Ask to user or display a data
 # GREEN OK
 set_color(){
  if [[ "$ENABLE_COLOR" == "true" ]]; then
      RED='\e[0;31m'
      ORANGE='\e[0;33m'
      CYAN='\e[0;36m'
      GREEN='\e[0;32m'
      NC='\e[0m'
  else
      RED=''
      ORANGE=''
      CYAN=''
      GREEN=''
      NC=''
  fi
 }
--- a/lib/yes-no.sh-old
+++ b/lib/yes-no.sh-old
@ -1,14 +0,0 @@
 # check if run from script
 [[ "${BASH_SOURCE[0]}" == "${0}" ]] && exit 1
 yes_no(){
    if [ "$ASSUME_YES" == "0" ]; then
        echo -n -e "${CYAN}$1 [y/N]? ${NC}"
        unset answer
        read answer
        if [ "${answer}" != "y" ]; then
            echo -e "${ORANGE}Canceled!${NC}"
            exit 1
        fi
    fi
 }