From 9d501f27209a7da470c7fd0432cc05b87edb5c95 Mon Sep 17 00:00:00 2001
From: JohnE
Date: Mon, 13 Aug 2018 08:38:31 -0700
Subject: [PATCH] MOD: cp script files complete
---
 .gitignore | 3 ++
 src/pki_bootstrap/pki_bootstrap.sh | 62 +++++++++++++++++++-----------
 2 files changed, 43 insertions(+), 22 deletions(-)
diff --git a/.gitignore b/.gitignore
index af68f6a..87bf6da 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,6 @@
+#
+pki-lifecycle*
+
 # Project specific files
 sftp-config.json
 .DS_Store
diff --git a/src/pki_bootstrap/pki_bootstrap.sh b/src/pki_bootstrap/pki_bootstrap.sh
index f91d666..65ebbbb 100755
--- a/src/pki_bootstrap/pki_bootstrap.sh
+++ b/src/pki_bootstrap/pki_bootstrap.sh
@@ -8,15 +8,16 @@
 #
 # source this file to include the functions
-. pki_funcs.sh
+. libs/pki_funcs.sh
 PARAM1=$1
 usage() {
 echo
- echo "This script will generate all the files necessary to build a certificate chain of trust"
- echo "using a CA, CA Intermediate, Server, and Client certificates. After the bootstrap the other"
- echo "helper scripts will generate new certificates"
+ echo "This application will generate all the files necessary to build a certificate chain of trust"
+ echo "using a CA, CA Intermediate, Server, and Client certificates. All the files are put into"
+ echo "pki lifecyle package"
+ echo " -put the .cnf config files into the ./cnf directory"
 echo
 echo "Usage: pki_bootstrap <.cnf file (minus the .cnf)>"
 echo
@@ -33,7 +34,7 @@ usage() {
 app_init() {
 if [[ -n $PARAM1 ]]; then
 # need to know the location of the configuration file (expected to be in same dir path as this script)
- CA_CNF="$CD/ca.cnf"
+ CA_CNF="$CD_ROOT/cnf/ca.cnf"
 # handle the case of having the ".cnf" extension or not
 if [[ ${PARAM1: -4} == .cnf ]]; then
@@ -46,7 +47,7 @@ app_init() {
 echo "ZXCV: ${ORG_URL}, ${S_CNF}"
 fi
- FQ_S_CNF="${CD}/${S_CNF}"
+ FQ_S_CNF="${CD_ROOT}/cnf/${S_CNF}"
 if [[ ! -f $FQ_S_CNF ]] || [[ ! -f $CA_CNF ]]; then
 usage
 fi
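Review bot: The new `. libs/pki_funcs.sh` in the first pki_bootstrap.sh hunk is resolved against the caller's working directory, not the script's location, so starting the bootstrap from another directory either fails to load the helpers or sources whatever `libs/pki_funcs.sh` happens to exist under the current directory, which is undesirable for a script that generates CA keys. Anchoring on the script path removes that dependency: `SCRIPT_DIR=$(cd "$(dirname "$0")" && pwd)` followed by `. "${SCRIPT_DIR}/libs/pki_funcs.sh" || exit 1`. The same working-directory assumption sits behind the `CD_ROOT` assignment from pwd in main() in the last hunk, which then drives the `cnf/` lookups in app_init and the copies in cp_pki_lifecycle. If running from the project root is the intended contract, the usage text should say so.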
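Review bot: The comment directly above the changed `CA_CNF="$CD_ROOT/cnf/ca.cnf"` line still says the configuration file is expected in the same directory as the script, which no longer matches the code now that both `CA_CNF` and `FQ_S_CNF` (next hunk) point into `cnf/`. I would replace it with `# config files are read from ${CD_ROOT}/cnf; CD_ROOT is set in main()`. app_init() starts in this hunk and continues past it.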
@@ -67,21 +68,20 @@ one-time-ca() {
 # Organize
 #
 # create a unique path for the server certificate
- UNIQ_DIR=`date +%Y-%m-%d.%H_%M_%S`
- UNIQ_DIR="pki-chain_${UNIQ_DIR}"
- mkdir -p "${UNIQ_DIR}"
- cd "${UNIQ_DIR}"
- # FQ_DIR="${CD}/${UNIQ_DIR}"
-
+ UNIQ_DIR_LC=`date +%Y-%m-%d.%H_%M_%S`
+ UNIQ_DIR_LC="pki-lifecycle_${UNIQ_DIR_LC}"
+ mkdir -p "${UNIQ_DIR_LC}"
+ cd "${UNIQ_DIR_LC}"
+ # create certificate
 UNIQ_ID_CA="${SERIAL}.${ORG_URL}"
 CA_DIR="ca_${UNIQ_ID_CA}"
 mkdir $CA_DIR
 cd $CA_DIR
- generate_ca $UNIQ_ID_CA $SERIAL
 FQ_CA_DIR=`pwd`
 FQ_CA_CERT="${FQ_CA_DIR}/ca_${UNIQ_ID_CA}.crt.pem"
 FQ_CA_KEYS="${FQ_CA_DIR}/ca_${UNIQ_ID_CA}.keys.pem"
+ generate_ca $UNIQ_ID_CA $SERIAL
 cd ..
 }
@@ -122,8 +122,22 @@ organize() {
 cp $FQ_CA_DIR/ca_*.info.txt ca-i/docs/
 }
+#
+# Copies all applcations to the Lifecycle package
+#
+# Requires:
+# UNIQ_DIR_LC : unique string for the Lifecycle directory
+# UNIQ_ID_CA-I : unique string for the CA-I
+#
 cp_pki_lifecycle() {
- echo
+ cp $CD_ROOT/libs/gen_ca-i.sh $CD_ROOT/$UNIQ_DIR_LC/
+ cp $CD_ROOT/docs/README_LC $CD_ROOT/$UNIQ_DIR_LC/README
+ cp $CD_ROOT/libs/gen_client.sh $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/clients
+ cp $CD_ROOT/libs/gen_server.sh $CD_ROOT/$UNIQ_DIR_LC/distrobution/$UNIQ_DIR_CA/servers
+
+ # cp $LIB_PATH/gen_ca-i.sh $UNIQ_ID_CA-I/$UNIQ_DIR_LC ca-i/
+ # cp $LIB_PATH/gen_client.sh clients/
+ # cp $LIB_PATH/gen_server.sh servers/
 }
 #
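Review bot: In one-time-ca(), `mkdir -p "${UNIQ_DIR_LC}"` followed by an unchecked `cd` silently reuses a pre-existing directory with the same timestamp name, and if the `cd` fails the CA key and certificate are generated in whatever directory the script was started from. Because this tree ends up holding `ca_*.keys.pem`, I would create it fresh and private: `umask 077` before the mkdir, then `mkdir "${UNIQ_DIR_LC}" || exit 1` and `cd "${UNIQ_DIR_LC}" || exit 1`. Whether generate_ca already restricts permissions on the key file is not visible here, so treat the umask as defence in depth. The function begins above this hunk.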
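Review bot: cp_pki_lifecycle() reads `$CD_ROOT`, `$UNIQ_DIR_LC` and `$UNIQ_DIR_CA`, while the new header comment lists `UNIQ_DIR_LC` and `UNIQ_ID_CA-I` (the latter is not a valid shell variable name), so the documented contract does not match the code. Every expansion is unquoted and no `cp` result is checked, so a path containing spaces or an unset variable copies to the wrong place without any error. The `clients` and `servers` targets also lack a trailing slash, so when the directory is missing cp creates a regular file of that name instead of failing. The rewrite below quotes the paths, aborts on unset variables and stops at the first failed copy; the header comment should then list CD_ROOT, UNIQ_DIR_LC and UNIQ_DIR_CA as the required globals.

```shell
cp_pki_lifecycle() {
    # abort instead of building a path from an empty or unset global
    local lc_root="${CD_ROOT:?}/${UNIQ_DIR_LC:?}"
    local dist_dir="${lc_root}/distrobution/${UNIQ_DIR_CA:?}"

    cp -- "${CD_ROOT}/libs/gen_ca-i.sh" "${lc_root}/" || return 1
    cp -- "${CD_ROOT}/docs/README_LC" "${lc_root}/README" || return 1
    # trailing slash: fail if clients/ or servers/ is not an existing directory
    cp -- "${CD_ROOT}/libs/gen_client.sh" "${dist_dir}/clients/" || return 1
    cp -- "${CD_ROOT}/libs/gen_server.sh" "${dist_dir}/servers/" || return 1
    # … unchanged: commented-out $LIB_PATH copies …
}
```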
@@ -140,19 +154,19 @@ gen_pki_certs() {
 NUM_CERTS=$(($2-1))
 # Create CA Intermediate
- UNIQ_ID_CA="${B_SERIAL}.${ORG_URL}"
- generate_ca_i $UNIQ_ID_CA $B_SERIAL
+ UNIQ_ID_CAI="${B_SERIAL}.${ORG_URL}"
+ generate_ca_i $UNIQ_ID_CAI $B_SERIAL
 # Server Certificates
 for NUM in $(seq 0 $NUM_CERTS)
 do
- generate_server "$((B_SERIAL+NUM)).${ORG_URL}" $UNIQ_ID_CA $((B_SERIAL+NUM))
+ generate_server "$((B_SERIAL+NUM)).${ORG_URL}" $UNIQ_ID_CAI $((B_SERIAL+NUM))
 done
 # Client Certificates
 for NUM in $(seq 0 $NUM_CERTS)
 do
- generate_client "$((B_SERIAL+NUM)).${ORG_URL}" $UNIQ_ID_CA $((B_SERIAL+NUM))
+ generate_client "$((B_SERIAL+NUM)).${ORG_URL}" $UNIQ_ID_CAI $((B_SERIAL+NUM))
 done
 }
@@ -168,24 +182,28 @@ gen_pki() {
 mkdir -p "distrobution/${UNIQ_DIR_CA}"
 cd "distrobution/${UNIQ_DIR_CA}"
+ # geneate certificates, organize the files
 gen_pki_certs $SERIAL $2
 organize
 cp_pki_lifecycle
+ # return to last path
 cd $CDD
 }
 main() {
- CD=`pwd`
+ CD_ROOT=`pwd`
+ LIB_PATH="${CD_ROOT}/libs"
 app_init
 one-time-ca
- gen_pki 10001 2
- gen_pki 50001 5
+ gen_pki 1001 2
+# gen_pki 50001 5
 # gen_pki 80001 10
- cd "${CD}"
+ # make sure we return to root execution path
+ cd "${CD_ROOT}"
 }
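Review bot: In gen_pki_certs(), the server loop and the client loop both pass `$((B_SERIAL+NUM))` as the last argument and `"$((B_SERIAL+NUM)).${ORG_URL}"` as the identifier, and NUM starts at 0, so the first server, the first client and the intermediate CA all receive B_SERIAL. If that argument is the certificate serial number (the generate_* helpers are not visible here), certificates issued by the same intermediate share a serial, which RFC 5280 does not allow and which makes revocation by serial ambiguous. Disjoint ranges would avoid the collision, for example `$((B_SERIAL + 1 + NUM))` for servers and `$((B_SERIAL + 1 + $2 + NUM))` for clients. The renamed `$UNIQ_ID_CAI` should also be quoted in all three calls.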