misc-linux-tools/bin/key-check

#!/bin/bash

trap "exit 1" TERM
export TOP_PID=$$

readonly PROGRAM_NAME=$(basename $0)
readonly PROGRAM_LOC=$(readlink -m $(dirname $0))
readonly ARGS="$@"
readonly ARG_COUNT="$#"

error () {
  local readonly message=$1; shift

  echo $message
  echo

  exit 1
}

file_error () {
  local readonly file=$1; shift

  error "File $file does not exist"
}

hash_error () {
  local readonly file=$1; shift
  local readonly cert_type=$1; shift

  error "File $file is not a $cert_type file"
}

usage () {
  echo usage: $POGRAM_NAME CERTIFICATE_FILE KEY_FILE CSR_FILE
  exit 0
}

md5 () {
  local readonly modulus=$1; shift

  echo $modulus \
    | openssl md5
}

hash_certificate () {
  local readonly certificate=$1; shift
  out=$( openssl x509 -noout -modulus -in $certificate 2>/dev/null )

  if [ $? -ne 0 ]; then
    hash_error $certificate certificate
  fi

  echo $(md5 $out)
}

hash_key () {
  local readonly key=$1; shift
  out=$( openssl rsa -noout -modulus -in $key 2>/dev/null )

  if [ $? -ne 0 ]; then
    hash_error $key key
  fi

  echo $(md5 $out)
}

hash_csr () {
  local readonly csr=$1; shift
  out=$( openssl req -noout -modulus -in $csr 2>/dev/null )

  if [ $? -ne 0 ]; then
    hash_error $csr csr
  fi

  echo $(md5 $out)
}

incorrect_number_of_arguments () {
  test $ARG_COUNT -ne 3
}

is_file () {
  local readonly file=$1

  [[ -f $file ]]
}

main () {
  local readonly certificate=$1; shift
  local readonly key=$1; shift
  local readonly csr=$1; shift

  if incorrect_number_of_arguments; then
    usage
  fi

  if ! is_file $certificate; then
    file_error $certificate
  fi

  if ! is_file $key; then
    file_error $key
  fi

  if ! is_file $csr; then
    file_error $csr
  fi

  echo $(hash_certificate $certificate)
  echo $(hash_key $key)
  echo $(hash_csr $csr)
}

main $ARGS
Script to check SSL certs Verifies that certificate, key and csr all match. Messy and work to be done. This currently does not return appropriate status nor exit at appropriate times. It only displays the three hashes if it can calculate them to be compared by human eyes. 2014-10-28 14:55:42 -04:00			`#!/bin/bash`

			`trap "exit 1" TERM`
			`export TOP_PID=$$`

			`readonly PROGRAM_NAME=$(basename $0)`
			`readonly PROGRAM_LOC=$(readlink -m $(dirname $0))`
			`readonly ARGS="$@"`
			`readonly ARG_COUNT="$#"`

			`error () {`
			`local readonly message=$1; shift`

			`echo $message`
			`echo`

			`exit 1`
			`}`

			`file_error () {`
			`local readonly file=$1; shift`

			`error "File $file does not exist"`
			`}`

			`hash_error () {`
			`local readonly file=$1; shift`
			`local readonly cert_type=$1; shift`

			`error "File $file is not a $cert_type file"`
			`}`

			`usage () {`
			`echo usage: $POGRAM_NAME CERTIFICATE_FILE KEY_FILE CSR_FILE`
			`exit 0`
			`}`

			`md5 () {`
			`local readonly modulus=$1; shift`

			`echo $modulus \`
			`\| openssl md5`
			`}`

			`hash_certificate () {`
			`local readonly certificate=$1; shift`
			`out=$( openssl x509 -noout -modulus -in $certificate 2>/dev/null )`

			`if [ $? -ne 0 ]; then`
			`hash_error $certificate certificate`
			`fi`

			`echo $(md5 $out)`
			`}`

			`hash_key () {`
			`local readonly key=$1; shift`
			`out=$( openssl rsa -noout -modulus -in $key 2>/dev/null )`

			`if [ $? -ne 0 ]; then`
			`hash_error $key key`
			`fi`

			`echo $(md5 $out)`
			`}`

			`hash_csr () {`
			`local readonly csr=$1; shift`
			`out=$( openssl req -noout -modulus -in $csr 2>/dev/null )`

			`if [ $? -ne 0 ]; then`
			`hash_error $csr csr`
			`fi`

			`echo $(md5 $out)`
			`}`

			`incorrect_number_of_arguments () {`
			`test $ARG_COUNT -ne 3`
			`}`

			`is_file () {`
			`local readonly file=$1`

			`[[ -f $file ]]`
			`}`

			`main () {`
			`local readonly certificate=$1; shift`
			`local readonly key=$1; shift`
			`local readonly csr=$1; shift`

			`if incorrect_number_of_arguments; then`
			`usage`
			`fi`

			`if ! is_file $certificate; then`
			`file_error $certificate`
			`fi`

			`if ! is_file $key; then`
			`file_error $key`
			`fi`

			`if ! is_file $csr; then`
			`file_error $csr`
			`fi`

			`echo $(hash_certificate $certificate)`
			`echo $(hash_key $key)`
			`echo $(hash_csr $csr)`
			`}`

			`main $ARGS`