diff --git a/bin/clean-all b/bin/clean-all
new file mode 100755
index 0000000..4bb6a7b
--- /dev/null
+++ b/bin/clean-all
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+BINDIR=$(dirname $(realpath $0));
+BASEDIR=$(realpath "$BINDIR/../");
+cd $BASEDIR;
+rm -rf ./storage/ca/*;
+mkdir ./storage/ca/certs;
+touch ./storage/ca/{,certs/}.gitkeep;
diff --git a/bin/create-ca b/bin/create-ca
new file mode 100755
index 0000000..aeb10bc
--- /dev/null
+++ b/bin/create-ca
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+BASEDIR=$(realpath $(dirname $0));
+KEYDIR=$(realpath "$BASEDIR/../storage/ca/");
+
+if [ -f $KEYDIR/ca.key ]; then
+ echo "CA key already exists. not overwriting it."
+ exit 1;
+fi
+
+CN="ob.ae-cn";
+
+if [ ! -z "$1" ]; then
+ CN=$1;
+fi;
+
+openssl req -days 3650 -nodes -new -x509 -keyout $KEYDIR/ca.key -out $KEYDIR/ca.crt -subj "/CN=$CN" -extensions ca_ext -config "$BASEDIR/../etc/openssl.conf";
diff --git a/bin/create-crl b/bin/create-crl
new file mode 100755
index 0000000..34997ab
--- /dev/null
+++ b/bin/create-crl
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+DIR=$(dirname $(realpath $0));
+openssl ca -config "$DIR/../etc/openssl.conf" -gencrl -keyfile "$DIR/../storage/ca/ca.key" -cert "$DIR/../storage/ca/ca.crt" -out "$DIR/../storage/ca/crl.pem";
+openssl crl -inform PEM -in "$DIR/../storage/ca/crl.pem" -outform DER -out "$DIR/../storage/ca/crl.der";
diff --git a/bin/create-csr b/bin/create-csr
new file mode 100755
index 0000000..c1a342c
--- /dev/null
+++ b/bin/create-csr
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+if [ -z "$3" ]; then
+ echo "Usage: $0 [commonname] [csr path] [key path]";
+ exit 1;
+fi
+
+openssl req -sha256 -keyout $3 -nodes -newkey rsa:2048 -out $2 -subj "/CN=$1"
diff --git a/bin/create-invite.php b/bin/create-invite.php
index 81be1c3..b93811b 100644
--- a/bin/create-invite.php
+++ b/bin/create-invite.php
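Review bot: In bin/clean-all the `rm -rf ./storage/ca/*` is relative to the current directory, and the `cd $BASEDIR` before it is unquoted and unchecked. If `realpath` fails, `$BASEDIR` is empty and the line becomes a bare `cd`, which goes to `$HOME`; a failed `cd` leaves the shell in the caller's directory, and either way the delete then runs somewhere other than the project. Make the step fail closed with `cd "$BASEDIR" || exit 1;`, or delete through an absolute path such as `rm -rf -- "${BASEDIR:?}"/storage/ca/*`. The script also removes `ca.key` and the issuance state without confirmation, so a header comment should say that it destroys the CA.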
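Review bot: bin/create-ca generates the CA private key with `-nodes`, so `ca.key` is stored unencrypted under `storage/ca/` and nothing in the script restricts who can read it. Add `umask 077` before the `openssl req` line and quote the paths (`-keyout "$KEYDIR/ca.key" -out "$KEYDIR/ca.crt"`); if the key has no passphrase because the signing scripts must run unattended, a comment should say so. The guard `[ -f $KEYDIR/ca.key ]` is unquoted as well, so if `realpath` fails and `KEYDIR` is empty the test and the `-keyout` both resolve to `/ca.key`.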
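Review bot: The two openssl calls in bin/create-crl are not chained on success, so when `-gencrl` fails the second command can still convert an older `crl.pem` left on disk, and the script then reports the status of the conversion rather than of the generation. Add `set -e` after the shebang or join the two commands with `&&`, so a failed CRL generation reaches the caller instead of leaving a stale `crl.der` in place.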
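Review bot: bin/create-csr puts `$1` into `-subj "/CN=$1"` without validating it, and `/` separates fields in that syntax, so a name containing `/` adds further subject fields to the request; whether they survive signing depends on the policy section of etc/openssl.conf, which is not visible here. Restrict the common name to an expected character set before calling openssl, for example `case "$1" in *[!A-Za-z0-9._-]*) echo "invalid common name" >&2; exit 1;; esac`. `$2` and `$3` should be quoted (`-keyout "$3"`, `-out "$2"`), and because `-nodes` writes the key unencrypted to a caller-chosen path, set `umask 077` first.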
@@ -1,14 +1,12 @@
+#!/usr/bin/env php boot($baseDir);
-$newInvite = new \Eater\Glim\Model\Invite();
-$newInvite->setInvite(md5(rand(0, PHP_INT_MAX)));
-$newInvite->save();
+$config = new Config();
+$controller = new Controller($config);
-echo $newInvite->getInvite() . "\n";
\ No newline at end of file
+echo $controller->createInvite() . "\n";
diff --git a/bin/dev-server b/bin/dev-server
new file mode 100755
index 0000000..93ae251
--- /dev/null
+++ b/bin/dev-server
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+DIR=$(dirname $0);
+cd $DIR/../public;
+php -S 0:8888;
diff --git a/bin/revoke-cert b/bin/revoke-cert
new file mode 100755
index 0000000..f432157
--- /dev/null
+++ b/bin/revoke-cert
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+DIR=$(dirname $(realpath $0));
+openssl ca -config "$DIR/../etc/openssl.conf" -revoke "$1";
diff --git a/bin/setup b/bin/setup
new file mode 100755
index 0000000..a48d0d7
--- /dev/null
+++ b/bin/setup
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+BASEDIR="$(dirname $(realpath $0))/../";
+cd $BASEDIR;
+STORAGE=$(realpath "$BASEDIR/storage/ca");
+
+mkdir -p $STORAGE;
+mkdir -p $STORAGE/certs;
+
+echo 01 > $STORAGE/serial;
+echo 01 > $STORAGE/crl_serial;
+touch $STORAGE/database;
+touch $STORAGE/database.attr;
+
+$BASEDIR/bin/create-ca $1;
+$BASEDIR/bin/create-crl;
diff --git a/bin/sign-client-csr b/bin/sign-client-csr
new file mode 100755
index 0000000..a95328d
--- /dev/null
+++ b/bin/sign-client-csr
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+DIR=$(dirname $(realpath $0));
+CSR=$(realpath $1);
+CRT=$(realpath $2);
+cd $DIR/../;
+openssl ca -in $CSR -out $CRT -config $DIR/../etc/openssl.conf -md sha256 -days 3650 -extensions client_ext -batch -notext;
diff --git a/bin/sign-server-csr b/bin/sign-server-csr
new file mode 100755
index 0000000..3961ad9
--- /dev/null
+++ b/bin/sign-server-csr
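Review bot: `php -S 0:8888` in bin/dev-server appears to bind PHP's built-in development server to every interface (`0` being shorthand for 0.0.0.0), which puts a development instance of a certificate-issuing panel on the network. Default to loopback with `php -S 127.0.0.1:8888;` and make a wider bind an explicit choice. The `cd $DIR/../public` before it is unquoted and unchecked; if it fails, the server starts with the caller's current directory as document root, which could be the project root that holds `storage/ca/`, so use `cd "$DIR/../public" || exit 1;`.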
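Review bot: bin/revoke-cert only records the revocation in the CA database; nothing regenerates `crl.pem` and `crl.der`, so anything that checks the CRL keeps accepting the certificate until bin/create-crl is run by hand. Chain the two on success, `openssl ca -config "$DIR/../etc/openssl.conf" -revoke "$1" && "$DIR/create-crl";`. Unlike the sign-* scripts this one does not `cd "$DIR/.."` first, so if etc/openssl.conf uses relative paths (not visible here) the result depends on the caller's working directory. An empty `$1` should be rejected with a usage message.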
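Review bot: bin/setup writes `01` to `serial` and `crl_serial` before it calls create-ca, so running it again on an existing CA rewinds both counters even though create-ca then refuses to overwrite the key. Check for the key first, `[ -f "$STORAGE/ca.key" ] && { echo "CA already set up" >&2; exit 1; }`, or write the counters only when the files are missing. `STORAGE=$(realpath ...)` is evaluated before the `mkdir -p` that creates the directory, and every `$STORAGE` and `$BASEDIR` expansion is unquoted. The exit status of create-ca is ignored, so create-crl runs even when CA creation failed.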
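Review bot: bin/sign-client-csr uses `$1` and `$2` without checking that they were given, and `$CSR`, `$CRT` and `$DIR` are expanded unquoted, so a missing or space-containing path shifts the arguments `openssl ca` sees. Add the `[ -z "$2" ]` usage guard that bin/create-csr already has and quote the expansions (`-in "$CSR" -out "$CRT"`); bin/sign-server-csr has the same problem. With `-batch` the request is signed without confirmation for `-days 3650`, so subject checking rests entirely on the policy in etc/openssl.conf (not visible here), and a ten-year client certificate can only be withdrawn through the CRL. A shorter default lifetime would limit that exposure.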
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+DIR=$(dirname $(realpath $0));
+CSR=$(realpath $1);
+CRT=$(realpath $2);
+cd $DIR/../;
+openssl ca -in $CSR -out $CRT -config $DIR/../etc/openssl.conf -md sha256 -days 3650 -extensions server_ext;
\ No newline at end of file
diff --git a/config/app.yml b/config/app.yml
index 9831de1..d219fc1 100644
--- a/config/app.yml
+++ b/config/app.yml
@@ -11,4 +11,5 @@ core:
 user: Eater\Glim\Service\User
 session: Eater\Glim\Service\Session
 twig: Eater\Glim\Service\Twig
- twig-vars: Eater\Glim\Service\TwigVars
\ No newline at end of file
+ twig-vars: Eater\Glim\Service\TwigVars
+ ca: Eater\Glim\Service\CA
\ No newline at end of file
diff --git a/config/routes.yml b/config/routes.yml
index d47c5b8..0b0efb1 100644
--- a/config/routes.yml
+++ b/config/routes.yml
@@ -12,4 +12,6 @@ routes:
 get: Panel
 /certificates:
 /new:
- get: Panel\Certificates\_New\Show
\ No newline at end of file
+ get: Panel\Certificates\_New\Show
+ post: Panel\Certificates\_New\Action
+ /download/{name}: Panel\Certificates\Download
\ No newline at end of file
diff --git a/config/schema.xml b/config/schema.xml
index a74e792..f83df77 100644
--- a/config/schema.xml
+++ b/config/schema.xml
@@ -5,7 +5,7 @@ >
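Review bot: The new `/download/{name}` route in config/routes.yml hands a caller-chosen `name` to `Panel\Certificates\Download`, whose code is not in this part of the diff, and it declares no HTTP method while `/new` lists `get` and `post` explicitly. If the handler maps `name` to a file under the CA storage directory, it should look the certificate up by its owner and reject names containing path separators rather than build a path from the parameter. Writing the entry as `get: Panel\Certificates\Download` under `/download/{name}:` would match the routes above, assuming the router accepts that form here.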