Exploring OpenSSL Bash Script for Enhanced Security
#!/bin/bash
# Print the list of supported operations to stdout, then exit with status 1.
# Used when no operation, or an unrecognised one, is given on the command line.
usage() {
  printf '%s\n' \
    "Usage: $0 <operation> [options]" \
    "Operations:" \
    " genca - Generate a CA certificate and output public key, private key, and CSR." \
    " genec - Generate an EC key and certificate." \
    " genrsa - Generate an RSA key and certificate." \
    " genpkcs12 - Generate a PKCS#12 (.pfx) file from a private key and certificate." \
    " der2pem - Convert a DER file to PEM format." \
    " pem2der - Convert a PEM file to DER format." \
    " encrypt - Encrypt a file with AES-256-CBC encryption." \
    " hashfile - Create a SHA-256 hash of a file." \
    " gen-self-signed - Generate a self-signed certificate."
  exit 1
}
# An operation name is mandatory; without one, show the help text
# (usage terminates the script with status 1).
[ "$#" -ge 1 ] || usage
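# Dispatch on the operation named in $1. Every openssl step is checked, so a
# failed step stops the script instead of reaching the final success message.

# Print an error on stderr and exit non-zero.
die() {
  echo "Error: $*" >&2
  exit 1
}

case "$1" in
  genca)
    if [ $# -ne 5 ]; then
      echo "Usage: $0 genca <output_prefix> <common_name> <country_code> <san>"
      exit 1
    fi
    output_prefix="$2"
    common_name="$3"
    country_code="$4"
    san="$5"
    # These values are written into an OpenSSL config file below; a line break
    # inside one of them would let it add config directives of its own.
    case "${common_name}${country_code}${san}" in
      *$'\n'*) die "genca arguments must not contain line breaks" ;;
    esac
    # subjectAltName takes OpenSSL's type:value form (DNS:, IP:, email:, ...).
    # A bare value is treated as a DNS name so plain host names keep working.
    case "$san" in
      *:*) san_value="$san" ;;
      *) san_value="DNS:${san}" ;;
    esac
    # Use a private, unpredictable temp file rather than a fixed name in the
    # current directory (which could clobber an existing ca-config.cnf), and
    # remove it on every exit path.
    ca_config="$(mktemp)" || die "could not create a temporary config file"
    trap 'rm -f -- "$ca_config"' EXIT
    # The [v3_ca] section must exist in this file because -extensions v3_ca is
    # resolved against the file passed with -config. The SAN belongs here as
    # an extension; it is not a subject (DN) attribute.
    cat > "$ca_config" << EOF || die "could not write the CA config file"
[req]
default_bits = 2048
prompt = no
distinguished_name = dn
x509_extensions = v3_ca
[dn]
C = ${country_code}
CN = ${common_name}
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
subjectAltName = ${san_value}
EOF
    # Generate the CA private key. It is written unencrypted, so create it
    # with owner-only permissions regardless of the caller's umask.
    (umask 077; openssl genpkey -algorithm RSA -out "${output_prefix}_private.pem") \
      || die "CA private key generation failed"
    # Generate the CA self-signed certificate with the v3_ca extensions.
    openssl req -new -x509 -key "${output_prefix}_private.pem" \
      -out "${output_prefix}_public.pem" -config "$ca_config" \
      -extensions v3_ca -subj "/C=${country_code}/CN=${common_name}" \
      || die "CA certificate generation failed"
    ;;
  genec)
    if [ $# -ne 2 ]; then
      echo "Usage: $0 genec <output_prefix>"
      exit 1
    fi
    output_prefix="$2"
    # NOTE(review): secp256k1 is rarely accepted for X.509/TLS use; prime256v1
    # (P-256) is the usual interoperable curve. Left unchanged because switching
    # alters the generated key type - confirm what consumers expect.
    (umask 077; openssl ecparam -genkey -name secp256k1 -out "${output_prefix}_private.pem") \
      || die "EC key generation failed"
    openssl req -new -key "${output_prefix}_private.pem" -out "${output_prefix}_cert.csr" \
      || die "CSR generation failed"
    openssl req -x509 -key "${output_prefix}_private.pem" -in "${output_prefix}_cert.csr" \
      -out "${output_prefix}_public.pem" \
      || die "certificate generation failed"
    ;;
  genrsa)
    if [ $# -ne 2 ]; then
      echo "Usage: $0 genrsa <output_prefix>"
      exit 1
    fi
    output_prefix="$2"
    # The key is stored unencrypted; keep it owner-only.
    (umask 077; openssl genrsa -out "${output_prefix}_private.pem" 2048) \
      || die "RSA key generation failed"
    openssl req -new -key "${output_prefix}_private.pem" -out "${output_prefix}_cert.csr" \
      || die "CSR generation failed"
    openssl req -x509 -key "${output_prefix}_private.pem" -in "${output_prefix}_cert.csr" \
      -out "${output_prefix}_public.pem" \
      || die "certificate generation failed"
    ;;
  genpkcs12)
    if [ $# -ne 4 ]; then
      echo "Usage: $0 genpkcs12 <private_key> <certificate> <output_pfx>"
      exit 1
    fi
    private_key="$2"
    certificate="$3"
    output_pfx="$4"
    # The .pfx bundles the private key, so create it owner-only as well.
    (umask 077; openssl pkcs12 -export -out "${output_pfx}" -inkey "${private_key}" -in "${certificate}") \
      || die "PKCS#12 export failed"
    ;;
  der2pem)
    if [ $# -ne 3 ]; then
      echo "Usage: $0 der2pem <input_der> <output_pem>"
      exit 1
    fi
    input_der="$2"
    output_pem="$3"
    openssl x509 -inform der -in "${input_der}" -out "${output_pem}" \
      || die "DER to PEM conversion failed"
    ;;
  pem2der)
    if [ $# -ne 3 ]; then
      echo "Usage: $0 pem2der <input_pem> <output_der>"
      exit 1
    fi
    input_pem="$2"
    output_der="$3"
    openssl x509 -outform der -in "${input_pem}" -out "${output_der}" \
      || die "PEM to DER conversion failed"
    ;;
  encrypt)
    # The operation takes two file arguments, matching its usage line. The
    # previous check demanded a third one that was never read.
    if [ $# -ne 3 ]; then
      echo "Usage: $0 encrypt <input_file> <output_file>"
      exit 1
    fi
    input_file="$2"
    output_file="$3"
    # -pbkdf2 (OpenSSL 1.1.1+) derives the key with PBKDF2 instead of the
    # legacy single-pass digest; decryption must pass -pbkdf2 as well.
    # AES-256-CBC here is unauthenticated: tampering with the ciphertext is not
    # detected, so add a separate MAC or signature where integrity matters.
    openssl enc -aes-256-cbc -salt -pbkdf2 -in "${input_file}" -out "${output_file}" \
      || die "encryption failed"
    ;;
  hashfile)
    if [ $# -ne 3 ]; then
      echo "Usage: $0 hashfile <input_file> <output_hash_file>"
      exit 1
    fi
    input_file="$2"
    output_hash_file="$3"
    openssl dgst -sha256 -out "${output_hash_file}" "${input_file}" \
      || die "hashing failed"
    ;;
  gen-self-signed)
    if [ $# -ne 2 ]; then
      echo "Usage: $0 gen-self-signed <output_prefix>"
      exit 1
    fi
    output_prefix="$2"
    # Create the key pair and the self-signed certificate in one step. The
    # umask also applies to the certificate file, which can be relaxed later.
    (umask 077; openssl req -new -x509 -keyout "${output_prefix}_private.pem" -out "${output_prefix}_public.pem") \
      || die "self-signed certificate generation failed"
    # Build the CSR from the SAME key (-key). Using -keyout here would write a
    # fresh key over _private.pem and leave the certificate above without its
    # matching private key.
    openssl req -new -key "${output_prefix}_private.pem" -out "${output_prefix}_csr.pem" \
      || die "CSR generation failed"
    ;;
  *)
    usage
    ;;
esac
# Only reached when every step of the selected operation succeeded.
echo "Operation completed."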