1.0.0

bin/generate-cert.sh

@@ -3,7 +3,7 @@
 # Script name: create-cert.sh
 # Author: Gilles Mouchet (gilles.mouchet@gmail.com
 # Version: 1.0.0
-# Description: Create a cert and save it on db
+# Description: Create a cert
 # License: GNU GPL v3
 #
 # This program is distributed in the hope that it will be useful,
@@ -14,7 +14,6 @@
 # Changelog
 # [1.0.0] - 2026-04-12
 # Added:  
-#   - adding cert into DB  
 #   - generating private key
 #   - generating Certificate Signing Request (csr) file
 #   - signing the certificate with the CA

bin/info-cert.sh

@@ -1,13 +1,15 @@
 #!/bin/bash
 #############################################################
-# Script name: template.sh
+# Script name: info-cert.sh
 # Author: Gilles Mouchet (gilles.mouchet@gmail.com
-# Version: v1beta 2026-04-05
-# Description: Script template linux
-# License: CC BY-NC 4.0 (https://creativecommons.org/licenses/by-nc/4.0/)
+# Version: 1.0.0
+# Description: Display cert info
+# License: GNU GPL v3
 #
-# This script is provided "as is", WITHOUT ANY WARRANTY OF ANY KIND.
-# Commercial use is strictly prohibited without prior authorization.
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
 #
 # Changelog
 # [1.0.0] - 2026-04-05

bin/install.sh

@@ -19,7 +19,6 @@
 #   - initialization by gilles.mouchet@gmail.com
 #
 ############################################################
-#
 
 VERSION=1.0.0
 
@@ -27,13 +26,6 @@ VERSION=1.0.0
 # Main
 ############################################################
 #main (){
-# path resolution 
-#SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-#ROOT_DIR="$(dirname "$SCRIPT_DIR")"
-#CONF_PATH="/etc/own-pki"
-#ENABLE_COLOR=true
-#BIN_PATH="/opt/own-pki"
-#ASSUME_YES=0
 
 main(){
     SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
@@ -162,8 +154,6 @@ main(){
     echo " Installation completed !!"
     echo -e " Adapt the file ${ORANGE}$CONF_PATH/own-pki.conf${NC} as you need"
     echo "******************************************************"
-
-
 }
 main "$@"
 

bin/remove-cert.sh

@@ -3,7 +3,7 @@
 # Script name: remove-cert.sh
 # Author: Gilles Mouchet (gilles.mouchet@gmail.com
 # Version: 1.0.0
-# Description: Removes certificate from the database
+# Description: Removes certificate
 # License: GNU GPL v3
 #
 # This program is distributed in the hope that it will be useful,
@@ -14,7 +14,7 @@
 # Changelog
 # [1.0.0] - 2026-04-05
 # Added:
-#   - new features
+#   - removes certificates
 # Project initialization:
 #   - initialization by gilles.mouchet@gmail.com
 #

bin/uninstall.sh

@@ -0,0 +1,68 @@
+#!/bin/bash
+#############################################################
+# Script name: uninstall.sh
+# Author: Gilles Mouchet (gilles.mouchet@gmail.com
+# Version: 1.0.0
+# Description: Uninstall own pki
+# License: GNU GPL v3
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# Changelog
+# [1.0.0] - 2026-04-30
+# Added:
+#   - uninstall script
+# Project initialization:
+#   - initialization by gilles.mouchet@gmail.com
+#
+############################################################
+
+version=1.0.0
+
+############################################################
+# MAIN
+############################################################
+
+main(){
+    SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+    ROOT_DIR="$(dirname "$SCRIPT_DIR")"
+
+    # To ensure that users are prompted to confirm with a yes or no.
+    ASSUME_YES=0    
+
+# read library
+    source "$ROOT_DIR/lib/stdlib.sh"
+    
+# init config
+    init_default 
+    init_env
+    
+# set color
+    set_color
+    
+# check if script is run with sudo
+    check_sudo
+
+# message 
+    msg_info  "***********************************************"
+    msg_info " You are going to uninstall the own PKI toolkit."
+    msg_info " Only the scripts will be uninstalled."
+    msg_error " The folders below will NOT BE DELETED."
+    msg_warn  "   - $KEY_CA_PATH"
+    msg_warn  "   - $CRT_CA_PATH"
+    msg_warn  "   - $CERTS_PATH"
+    msg_info  "***********************************************"
+    yes_no "Are you sure"
+
+    echo -e -n "Delete $CONF_PATH: "
+    rm -rf $CONF_PATH
+    check_rc $?
+
+    echo -e -n "Delete $ROOT_DIR: "
+    rm -rf $ROOT_DIR
+    check_rc $?
+}
+main "$@"

config/ca-config

@@ -1,102 +0,0 @@
-HOME            = .
-RANDFILE        = $ENV::HOME/.rnd
-oid_section     = new_oids
-
-[ new_oids ]
-
-[ ca ]
-default_ca  = CA_default        # The default ca section
-[ CA_default ]
-dir     = .     # Where everything is kept
-certs       = $dir/certs        # Where the issued certs are   kept
-crl_dir     = $dir/crl      # Where the issued crl are kept
-database    = $dir/dbca/index.txt   # database index file.
-new_certs_dir   = $dir/newcerts     # default place for new certs.
-certificate = $dir/cacert.pem   # The CA certificate
-serial      = $dir/serial/serial        # The current serial number
-crl     = $dir/crl.pem      # The current CRL
-private_key = $dir/private/cakey.pem# The private key
-RANDFILE    = $dir/private/.rand    # private random number file
-x509_extensions = usr_cert      # The extentions to add to the cert
-default_days    = 365           # how long to certify for
-default_crl_days= 30            # how long before next CRL
-default_md  = md5           # which md to use.
-preserve    = no            # keep passed DN ordering
-policy      = policy_match
-
-[ policy_match ]
-countryName     = match
-stateOrProvinceName = match
-organizationName    = match
-organizationalUnitName  = optional
-commonName      = supplied
-emailAddress        = optional
-
-[ policy_anything ]
-countryName     = optional
-stateOrProvinceName = optional
-localityName        = optional
-organizationName    = optional
-organizationalUnitName  = optional
-commonName      = supplied
-emailAddress        = optional
-
-[ req ]
-default_bits        = 1024
-default_keyfile     = privkey.pem
-distinguished_name  = req_distinguished_name
-attributes      = req_attributes
-x509_extensions = v3_ca # The extentions to add to the self signed cert
-string_mask = nombstr
-
-[ req_distinguished_name ]
-countryName         = Country Name (2 letter code)
-countryName_default     = CH
-countryName_min         = 2
-countryName_max         = 2
-
-stateOrProvinceName     = State or Province Name (full name)
-stateOrProvinceName_default = Vaud
-
-localityName            = Locality Name (eg, city)
-localityName_default        = Nyon
-
-0.organizationName      = Organization Name (eg, company)
-0.organizationName_default  = GMO Lab (gmolab)
-
-organizationalUnitName      = Organizational Unit Name (eg, section)
-
-organizationalUnitName_default  = ITCS (Information Technology and Communications Service)
-
-commonName          = Common Name (eg, YOUR name)
-commonName_default  = 
-commonName_max          = 64
-
-emailAddress            = Email Address
-emailAddress_default        = example@example.com
-emailAddress_max        = 40
-
-[ req_attributes ]
-challengePassword       = A challenge password
-challengePassword_min       = 4
-challengePassword_max       = 20
-
-unstructuredName        = An optional company name
-
-[ usr_cert ]
-basicConstraints=CA:FALSE
-nsComment           = "OpenSSL Generated Certificate"
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-[ v3_req ]
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-
-[ v3_ca ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = CA:true
-
-[ crl_ext ]
-authorityKeyIdentifier=keyid:always,issuer:always

lib/check-rc.sh-old

@@ -1,11 +0,0 @@
-# check if run from script
-[[ "${BASH_SOURCE[0]}" == "${0}" ]] && exit 1
-#------------------------------------------------------------------------------
-check_rc(){
-    if [ "$1" != "0" ]; then
-       msg_error "Error (RC:$rc)"
-       exit 1
-    else
-       msg_ok "OK"
-    fi
-}

lib/set-color.sh-old

@@ -1,25 +0,0 @@
-# check if run from script
-[[ "${BASH_SOURCE[0]}" == "${0}" ]] && exit 1
-
-#-----------------------------------------------------------
-# set colors
-# RED Error 
-# ORANGE Attention or color for parameters when 
-#        confirmation
-# CYAN Ask to user or display a data
-# GREEN OK
-set_color(){
-  if [[ "$ENABLE_COLOR" == "true" ]]; then
-      RED='\e[0;31m'
-      ORANGE='\e[0;33m'
-      CYAN='\e[0;36m'
-      GREEN='\e[0;32m'
-      NC='\e[0m'
-  else
-      RED=''
-      ORANGE=''
-      CYAN=''
-      GREEN=''
-      NC=''
-  fi
-}

lib/yes-no.sh-old

@@ -1,14 +0,0 @@
-# check if run from script
-[[ "${BASH_SOURCE[0]}" == "${0}" ]] && exit 1
-
-yes_no(){
-    if [ "$ASSUME_YES" == "0" ]; then
-        echo -n -e "${CYAN}$1 [y/N]? ${NC}"
-        unset answer
-        read answer
-        if [ "${answer}" != "y" ]; then
-            echo -e "${ORANGE}Canceled!${NC}"
-            exit 1
-        fi
-    fi
-}