Version 1.6

Papers/includes/scripts/decryptKeys.sh

@@ -0,0 +1,72 @@
+#!/bin/sh
+
+#  Author: sud0nick
+#  Date:   Dec 2018
+
+# Location of SSL keys
+ssl_store="/pineapple/modules/Papers/includes/ssl/";
+ssh_store="/pineapple/modules/Papers/includes/ssh/";
+
+help() {
+	echo "Decryption script for OpenSSL keys";
+	echo "Usage: ./decryptKeys.sh <opts>";
+	echo "Use './decryptKeys.sh --examples' to see example commands";
+	echo '';
+	echo 'NOTE:';
+	echo "Current SSL store is at $ssl_store";
+	echo '';
+	echo 'Parameters:';
+	echo '';
+	echo -e '\t-k:\tName of key to be decrypted';
+	echo -e '\t-p:\tPassword to use to unlock the key';
+	echo -e '\t--ssh:\tThe key to encrypt is in the SSH store';
+	echo -e '\t--help:\tDisplays this help info';
+	echo '';
+}
+
+examples() {
+	echo '';
+        echo 'Examples:';
+        echo 'Decrypt private key:';
+        echo './decryptKeys.sh -k keyName -p password';
+        echo '';
+	echo '';
+}
+
+if [ "$#" -lt 1 ]; then
+        help;
+        exit;
+fi
+
+while [ "$#" -gt 0 ]
+do
+
+if [[ "$1" == "--examples" ]]; then
+	examples;
+	exit;
+fi
+if [[ "$1" == "--ssh" ]]; then
+	ssl_store=$ssh_store;
+fi
+if [[ "$1" == "--help" ]]; then
+	help;
+	exit;
+fi
+if [[ "$1" == "-k" ]]; then
+	KEY="$2";
+fi
+if [[ "$1" == "-p" ]]; then
+	PASS="$2";
+fi
+
+shift
+done;
+
+# Generate a password on the private key
+openssl rsa -in $ssl_store$KEY.key -out $ssl_store$KEY.key -passin pass:"$PASS" 2>/dev/null;
+if [[ $? != 0 ]]; then
+	echo "Bad Password";
+	exit;
+fi
+
+echo "Complete"

Papers/includes/scripts/encryptKeys.sh

@@ -5,6 +5,7 @@
 
 # Location of SSL keys
 ssl_store="/pineapple/modules/Papers/includes/ssl/";
+ssh_store="/pineapple/modules/Papers/includes/ssh/";
 
 help() {
 	echo "Encryption/Export script for OpenSSL certificates";
@@ -21,6 +22,7 @@ help() {
 	echo 'Encryption Options:';
 	echo '';
 	echo -e '\t--encrypt:\tMust be supplied to encrypt keys';
+	echo -e '\t--ssh:\tThe key to encrypt is in the SSH store';
 	echo -e '\t-a:\t\tAlgorithm to use for key encryption (aes256, 3des, camellia256, etc)';
 	echo -e '\t-p:\t\tPassword to use for encryption';
 	echo '';
@@ -66,8 +68,11 @@ fi
 if [[ "$1" == "--encrypt" ]]; then
 	ENCRYPT_KEYS=true;
 fi
+if [[ "$1" == "--ssh" ]]; then
+	ssl_store=$ssh_store;
+fi
 if [[ "$1" == "-a" ]]; then
-        ALGO="$2";
+	ALGO="$2";
 fi
 if [[ "$1" == "-k" ]]; then
 	KEY="$2";

Papers/includes/scripts/getCertInfo.sh

@@ -0,0 +1,51 @@
+#!/bin/sh
+
+#  Author: sud0nick
+#  Date:   Dec 2018
+
+# Location of SSL keys
+ssl_store="/pineapple/modules/Papers/includes/ssl/";
+
+help() {
+	echo "Get certificate properties via OpenSSL";
+	echo "Usage: ./getCertInfo.sh <opts>";
+	echo '';
+	echo 'NOTE:';
+	echo "Current SSL store is at $ssl_store";
+	echo '';
+	echo 'Parameters:';
+	echo '';
+	echo -e '\t-k:\tKey from which to retrieve properties';
+	echo '';
+}
+
+if [ "$#" -lt 1 ]; then
+        help;
+        exit;
+fi
+
+while [ "$#" -gt 0 ]
+do
+
+if [[ "$1" == "-k" ]]; then
+	KEY="$ssl_store$2.cer";
+fi
+
+shift
+done;
+
+ISSUER=$(openssl x509 -in $KEY -noout -issuer | sed 's/^[^=]*=//g');
+FINGERPRINT=$(openssl x509 -in $KEY -noout -fingerprint | sed 's/^[^=]*=//g');
+SUBJECT=$(openssl x509 -in $KEY -noout -subject | sed 's/^[^=]*=//g');
+START_DATE=$(openssl x509 -in $KEY -noout -startdate | sed 's/^[^=]*=//g');
+END_DATE=$(openssl x509 -in $KEY -noout -enddate | sed 's/^[^=]*=//g');
+SERIAL=$(openssl x509 -in $KEY -noout -serial | sed 's/^[^=]*=//g');
+ALT_NAMES=$(openssl x509 -in $KEY -noout -text | grep DNS | sed 's/^[^:]*://g');
+
+echo "issuer=$ISSUER";
+echo "fingerprint=$FINGERPRINT";
+echo "subject=$SUBJECT";
+echo "start=$START_DATE";
+echo "end=$END_DATE";
+echo "serial=$SERIAL";
+echo "dns=$ALT_NAMES";