Merge pull request #4 from devilbox/release-0.1

Release v0.1

.travis.yml

@@ -0,0 +1,22 @@
+sudo: required
+
+language: bash
+
+before_install:
+  # Add more modern repos
+  - sudo apt-get update -qq
+  - sudo apt-get install -qq python-software-properties
+  - sudo add-apt-repository ppa:brightbox/ruby-ng -y
+  - sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ trusty-backports restricted main universe"
+
+  # Update sources
+  - sudo apt-get update -qqy
+
+  # Install
+  - sudo apt-get install -qqy shellcheck
+
+
+script:
+
+  - shellcheck --shell=bash bin/ca-gen
+  - shellcheck --shell=bash bin/cert-gen

Makefile

@@ -0,0 +1,31 @@
+# Configuration
+SHELL = /bin/sh
+
+MKDIR_P = mkdir -p
+
+
+help:
+	@echo Options
+	@echo "   make install"
+	@echo "      Install everthing (requires sudo or root)"
+	@echo ""
+	@echo "   make help"
+	@echo "      Show this help screen"
+
+
+install:
+
+	@echo "Installing files"
+	@echo ""
+
+	@# Create directories
+	${MKDIR_P} /usr/local/bin
+
+	@# Install binary
+	install -m 0755 bin/ca-gen /usr/local/bin/ca-gen
+	install -m 0755 bin/cert-gen /usr/local/bin/cert-gen
+
+
+	@echo "Installation complete:"
+	@echo "----------------------------------------------------------------------"
+	@echo ""

README.md

@@ -1,24 +1,60 @@
 # ca-gen
 
+[![Build Status](https://travis-ci.org/devilbox/cert-gen.svg?branch=master)](https://travis-ci.org/devilbox/cert-gen)
+[![Join the chat at https://gitter.im/devilbox/Lobby](https://badges.gitter.im/devilbox/Lobby.svg)](https://gitter.im/devilbox/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+![Tag](https://img.shields.io/github/tag/devilbox/ca-gen.svg)
+[![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+
 Easily create your own CA and self-signed certificates.
 
-CA can be imported into Chrome, Firefox and Internet Explorer for local development.
+The generated CA can be imported into Chrome, Firefox or Internet Explorer for local development.
+All subsequent created certificates will then be valid SSL certificates to each browser.
+
+<img width="200" style="width:200px;" src="img/address-bar.png" />
+
+**Table of Contents**
+
+1. [Available Tools](#available-tools)
+    1. [Tools](#tools)
+    2. [Requirements](#requirements)
+    3. [Installation](#installation)
+2. [Create Certificate Authoriy](#create-certificate-authority)
+    1. [Usage: ca-gen](#usage-ca-gen)
+    2. [Execute: ca-gen](#execute-ca-gen)
+    3. [Example: CA](#example-ca)
+3. [Create SSL Certificate](#create-ssl-certificate)
+    1. [Usage: cert-gen](#usage-cert-gen)
+    2. [Execute: cert-gen](#execute-cert-gen)
+    3. [Example: SSL certificate](#example-ssl-certificate)
+4. [Import CA into Chrome](#import-ca-into-chrome)
+5. [License](#license)
+
+----
 
 ## Available Tools
 
-* [ca-gen](bin/ca-gen)
-* [cert-gen](bin/cert-gen)
+#### Tools
 
+| Tools                    | Description |
+|--------------------------|-------------|
+| [ca-gen](bin/ca-gen)     | Creates a certificate authority |
+| [cert-gen](bin/cert-gen) | Creates SSL certificates signed by a certificate authority |
 
-## Create CA
+#### Requirements
 
-#### Devilbox example
+* `openssl`
+* `bash`
+
+#### Installation
 ```bash
-$ ca-gen -v -c DE -s Berlin -l Berlin -o Devilbox -u Devilbox -n devilbox.org \
-       -e [email protected] devilbox-rootCA.key devilbox-rootCA.crt
+$ sudo make install
 ```
 
-#### Usage
+
+## Create Certificate Authority
+
+#### Usage: ca-gen
+The following shows the general usage for `ca-gen`:
 ```bash
 USAGE: ca-gen -n CN [-kdcslouev] <keyfile> <crtfile>
        ca-gen --help
@@ -43,7 +79,14 @@ Required parameter
   <crtfile>   Path to output cert file
 ```
 
-#### Example output
+#### Execute: ca-gen
+The following command shows how the CA is generated for the [Devilbox](https;//github.com/cytopia/devilbox):
+```bash
+$ ca-gen -v -c DE -s Berlin -l Berlin -o Devilbox -u Devilbox -n devilbox.org \
+       -e [email protected] devilbox-rootCA.key devilbox-rootCA.crt
+```
+
+#### Example: CA
 ```bash
 Certificate:
     Data:
@@ -106,21 +149,10 @@ Certificate:
 ```
 
 
-## Create certificate
-
-#### Devilbox example
-```bash
-$ cert-gen -v -c DE -s Berlin -l Berlin -o Devilbox -u Devilbox \
-           -n project.loc -e [email protected] \
-           -a '*.project.loc,*.www.project.loc' \
-           devilbox-rootCA.key \
-           devilbox-rootCA.crt \
-           project.loc.key \
-           project.loc.csr \
-           project.loc.crt
-```
+## Create SSL Certificate
 
-#### Usage
+#### Usage: cert-gen
+The following shows the general usage for cert-gen:
 ```bash
 USAGE: cert-gen -n CN [-kdcsloueav] <ca-key> <ca-crt> <key> <csr> <crt>
        cert-gen --help
@@ -149,7 +181,20 @@ Required parameter
   <crt>       Path to output certificate crt file
 ```
 
-#### Example output
+#### Execute: cert-gen
+The following command shows how SSL certificates are generated for the [Devilbox](github.com/cytopia/devilbox):
+```bash
+$ cert-gen -v -c DE -s Berlin -l Berlin -o Devilbox -u Devilbox \
+           -n project.loc -e [email protected] \
+           -a '*.project.loc,*.www.project.loc' \
+           devilbox-rootCA.key \
+           devilbox-rootCA.crt \
+           project.loc.key \
+           project.loc.csr \
+           project.loc.crt
+```
+
+#### Example: SSL Certificate
 ```bash
 Certificate:
     Data:
@@ -206,7 +251,8 @@ Certificate:
          02:db:c7:03
 ```
 
-## Import to Chrome
+
+## Import CA into Chrome
 
 **1. Open Chrome settings - scroll down and click `Advanced`**
 

bin/ca-gen

@@ -218,8 +218,8 @@ fi
 ###
 
 # Subject dnQualifier (Public key thumbprint, see SMPTE 430-2-2006 sections 5.3.1, 5.4 and DCI CTP section 2.1.11)
-ca_dnq="$( openssl rsa -outform PEM -pubout -in "${CA_KEY_FILE}" | openssl base64 -d | dd bs=1 skip=24 2>/dev/null | openssl sha1 -binary | openssl base64 )"
-ca_dnq="$( echo "${ca_dnq}" | sed 's|/|\\/|g' )" # can have values like '0Za8/aABE05Aroz7le1FOpEdFhk=', note the '/'. protect for name parser
+ca_dnq="$( openssl rsa -outform PEM -pubout -in "${CA_KEY_FILE}" 2>/dev/null | openssl base64 -d | dd bs=1 skip=24 2>/dev/null | openssl sha1 -binary | openssl base64 )"
+ca_dnq="${ca_dnq//\//\\/}" # echo "${ca_dnq}" | sed 's|/|\\/|g' )" # can have values like '0Za8/aABE05Aroz7le1FOpEdFhk=', note the '/'. protect for name parser
 SUBJECT="${SUBJECT}/dnQualifier=${ca_dnq}"
 
 
@@ -260,5 +260,18 @@ fi
 ###
 ### 4. Validate
 ###
-openssl x509 -in "${CA_CRT_FILE}" -text
-openssl x509 -noout -subject -issuer -in "${CA_CRT_FILE}"
+if ! out="$( openssl x509 -in "${CA_CRT_FILE}" -text )"; then
+	echo "${out}"
+	exit 1
+fi
+if [ "${DEF_VERBOSE}" = "1" ]; then
+	echo "${out}"
+fi
+
+if ! out="$( openssl x509 -noout -subject -issuer -in "${CA_CRT_FILE}" )"; then
+	echo "${out}"
+	exit 1
+fi
+if [ "${DEF_VERBOSE}" = "1" ]; then
+	echo "${out}"
+fi

bin/cert-gen

@@ -255,10 +255,11 @@ fi
 ###
 
 # Command
+# shellcheck disable=SC1117
 cmd=" openssl x509 \
   -req \
   -extensions v3_req \
-  -extfile <(printf '[ req ]\nreq_extensions = v3_req\n[ v3_req ]\nsubjectAltName=${ALT_NAMES}') \
+  -extfile <(printf '[ req ]\nreq_extensions = v3_req\n[ v3_req ]\nsubjectAltName=${ALT_NAMES}'\n) \
   -days ${DEF_DAYS} \
   -in ${CSR_FILE} \
   -CA ${CA_CRT_FILE} \
@@ -287,5 +288,18 @@ fi
 ###
 ### 4. Validate
 ###
-openssl x509 -in "${CRT_FILE}" -text -noout
-openssl verify -verbose -CAfile "${CA_CRT_FILE}" "${CRT_FILE}"
+if ! out="$( openssl x509 -in "${CRT_FILE}" -text -noout )"; then
+	echo "${out}"
+	exit 1
+fi
+if [ "${DEF_VERBOSE}" = "1" ]; then
+	echo "${out}"
+fi
+
+if ! out="$( openssl verify -verbose -CAfile "${CA_CRT_FILE}" "${CRT_FILE}" )"; then
+	echo "${out}"
+	exit 1
+fi
+if [ "${DEF_VERBOSE}" = "1" ]; then
+	echo "${out}"
+fi