diff --git a/misc/CA.sh b/misc/CA.sh index bfc99b5e..5ed1e97b 100755 --- a/misc/CA.sh +++ b/misc/CA.sh @@ -1,4 +1,4 @@ -#! /bin/sh +#!/bin/sh if [[ -z "${TOP_DIR}" ]]; then TOP_DIR=pki @@ -14,15 +14,22 @@ CACERT=./cacert.crt DAYS=2 -#GREEN="\033[1;32m" -#RED="\033[1;31m" -#COLOR_RST="\033[0m" - -GREEN="" -RED="" -COLOR_RST="" -BOLD="" -END_BOLD="" +if [ -z "$PS1" ] +then + GREEN="" + RED="" + COLOR_RST="" + BOLD="" + END_BOLD="" + ECHO_OPTS="" +else + GREEN="\033[1;32m" + RED="\033[1;31m" + COLOR_RST="\033[0m" + BOLD="" + END_BOLD="" + ECHO_OPTS="-e" +fi usage() { @@ -52,8 +59,8 @@ OUTPUT=$(mktemp) case $1 in "-newca" ) - echo -e -n "${GREEN}Create the directories, take care this will delete" - echo -e "the old directories ${COLOR_RST}" + echo -n $ECHO_OPTS "${GREEN}Create the directories, take care this will delete" + echo $ECHO_OPTS "the old directories ${COLOR_RST}" # sleep 1; echo -n "1 "; sleep 1; echo -n "2 "; sleep 1; echo "3" clean "ca" @@ -61,7 +68,7 @@ case $1 in ESCAPED=$(echo "${TOP_DIR}" | sed 's/[\/\.]/\\&/g') - echo -e "${GREEN}Making CA key and csr${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Making CA key and csr${COLOR_RST}" sed -i 's/=.*#COMMONNAME/= FIC CA #COMMONNAME/' $OPENSSL_CONF sed -i "s/=.*#DIR/= ${ESCAPED} #DIR/" $OPENSSL_CONF @@ -90,7 +97,7 @@ case $1 in exit 4 fi - echo -e "${GREEN}Self signes the CA certificate${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Self signes the CA certificate${COLOR_RST}" openssl ca -batch -create_serial -out ${TOP_DIR}/${CACERT} \ -days ${DAYS} -keyfile ${TOP_DIR}/private/${CAKEY} \ -selfsign -extensions CORE_CA -config ${OPENSSL_CONF} \ @@ -102,9 +109,9 @@ case $1 in fi ;; "-newserver" ) - echo -e "${GREEN}Making the Server key and cert${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Making the Server key and cert${COLOR_RST}" if ! [ -f ${TOP_DIR}/private/${CAKEY} ]; then - echo -e "${RED}Can not found the CA's key${COLOR_RST}" + echo $ECHO_OPTS "${RED}Can not found the CA's key${COLOR_RST}" exit 2 fi sed -i 's/=.*#COMMONNAME/=10.226.3.70#COMMONNAME/' $OPENSSL_CONF @@ -114,17 +121,17 @@ case $1 in cat $OUTPUT exit 4 fi - echo -e "${GREEN}Signing the Server crt${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Signing the Server crt${COLOR_RST}" openssl ca -policy policy_match -config ${OPENSSL_CONF} \ -out server.crt -extensions SERVER_SSL -infiles server.csr if [ $? -ne 0 ]; then - echo -e "${RED}Signing failed for new server${COLOR_RST}" + echo $ECHO_OPTS "${RED}Signing failed for new server${COLOR_RST}" rm -rf server.key server.crt server.csr cat $OUTPUT exit 3 else rm server.csr # remove ? - echo -e "${GREEN}Signed certificate is in server.crt${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Signed certificate is in server.crt${COLOR_RST}" fi ;; "-newclient" ) @@ -133,13 +140,13 @@ case $1 in exit 1 fi echo "==============================================================" - echo -e "${GREEN}Making the client key and csr of ${BOLD}${2}${END_BOLD}${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Making the client key and csr of ${BOLD}${2}${END_BOLD}${COLOR_RST}" ESCAPED=$(echo "${TOP_DIR}" | sed 's/[\/\.]/\\&/g') sed -i "s/=.*#DIR/= ${ESCAPED} #DIR/" $OPENSSL_CONF if ! [ -f ${TOP_DIR}/private/${CAKEY} ]; then - echo -e "${RED}Can not found the CA's key${COLOR_RST}" + echo $ECHO_OPTS "${RED}Can not found the CA's key${COLOR_RST}" exit 2 fi sed -i "s/=.*#COMMONNAME/= $2#COMMONNAME/" $OPENSSL_CONF @@ -160,26 +167,26 @@ case $1 in exit 4 fi - echo -e "${GREEN}Signing the Client crt${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Signing the Client crt${COLOR_RST}" openssl ca -batch -policy policy_match -out ${TOP_DIR}/${2}.crt \ -config ${OPENSSL_CONF} -extensions CLIENT_SSL -infiles ${TOP_DIR}/${2}.csr > $OUTPUT 2>&1 if [ $? -ne 0 ]; then - echo -e "${RED}Signing failed for $2 ${COLOR_RST}" + echo $ECHO_OPTS "${RED}Signing failed for $2 ${COLOR_RST}" cat $OUTPUT clean "client" $2 exit 3 fi - echo -e "${GREEN}Export the Client files to pkcs12${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Export the Client files to pkcs12${COLOR_RST}" openssl pkcs12 -export -inkey ${TOP_DIR}/${2}.key -in ${TOP_DIR}/${2}.crt -name ${2} \ -passin pass:$pass -out ${TOP_DIR}/pkcs/${2}.p12 \ -passout pass:$pass > $OUTPUT 2>&1 if [ $? -ne 0 ]; then - echo -e "${RED}pkcs12 export failed for ${BOLD}$2${END_BOLD}${COLOR_RST}" + echo $ECHO_OPTS "${RED}pkcs12 export failed for ${BOLD}$2${END_BOLD}${COLOR_RST}" cat $OUTPUT clean "client" $2 exit 4 else - echo -e "Exported pkcs12 file is ${2}.p12" + echo $ECHO_OPTS "Exported pkcs12 file is ${2}.p12" fi mv ${TOP_DIR}/${2}.crt ${TOP_DIR}/certs echo "$2:$pass" >> ${TOP_DIR}/../teams.pass @@ -191,32 +198,32 @@ case $1 in echo "Usage: $0 -revoke NAME" exit 1 fi - echo -e "${GREEN}Revocate ${BOLD}${2}${END_BOLD}${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Revocate ${BOLD}${2}${END_BOLD}${COLOR_RST}" openssl ca -revoke ${TOP_DIR}/certs/${2}.crt -config ${OPENSSL_CONF}\ -keyfile ${TOP_DIR}/private/${CAKEY} \ -cert ${TOP_DIR}/${CACERT} > $OUTPUT 2>&1 if [ $? -ne 0 ]; then - echo -e "${RED}Revocation failed for ${BOLD}${2}${END_BOLD}${COLOR_RST}" + echo $ECHO_OPTS "${RED}Revocation failed for ${BOLD}${2}${END_BOLD}${COLOR_RST}" cat $OUTPUT exit 4 fi rm ${TOP_DIR}/certs/${2}.crt rm ${TOP_DIR}/pkcs/${2}.p12 - echo -e "${GREEN}Generate crl.pem${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Generate crl.pem${COLOR_RST}" openssl ca -config ${OPENSSL_CONF} -gencrl -out ${TOP_DIR}/crl.pem > $OUTPUT 2>&1 if [ $? -ne 0 ]; then - echo -e "${RED}Generate crl.pem failed" + echo $ECHO_OPTS "${RED}Generate crl.pem failed" cat $OUTPUT exit 5 fi ;; "-gencrl" ) - echo -e "${GREEN}Generate crl.pem${COLOR_RST}" + echo $ECHO_OPTS "${GREEN}Generate crl.pem${COLOR_RST}" openssl ca -config ${OPENSSL_CONF} -gencrl -out ${TOP_DIR}/crl.pem > $OUTPUT 2>&1 if [ $? -ne 0 ]; then - echo -e "${RED}Generate crl.pem failed" + echo $ECHO_OPTS "${RED}Generate crl.pem failed" cat $OUTPUT exit 5 fi