bin/ca
changeset 1 f44419b55cf0
parent 0 730be7994b86
child 2 72112c207284
--- a/bin/ca	Tue Jan 26 23:26:08 2010 +0100
+++ b/bin/ca	Tue Jan 26 23:43:31 2010 +0100
@@ -9,22 +9,22 @@
 use Getopt::Long qw(GetOptionsFromArray);
 use Pod::Usage;
 
-my $CA_CRT   = "CA/ca-crt.pem";
-my $CA_KEY   = "CA/private/ca-key.pem";
-my $CA_DIR   = "./var";
+my $CA_CRT = "CA/ca-crt.pem";
+my $CA_KEY = "CA/private/ca-key.pem";
+my $CA_DIR = "./var";
 
 my %TEMPLATE = (
-    ca => "templates/ca",
+    ca  => "templates/ca",
     req => "templates/req",
 );
 
-my $TMP      = tempdir("/tmp/$ENV{USER}.ca.XXXXXX", CLEANUP => 1);
+my $TMP = tempdir("/tmp/$ENV{USER}.ca.XXXXXX", CLEANUP => 1);
 
 my $opt_days    = undef;    # see the templates/ca for a default
 my $opt_type    = undef;    # see the templates/ca for a default
 my $opt_policy  = "de";     # see the templates/ca for a default
 my $opt_outfile = undef;
-my $opt_force = undef;
+my $opt_force   = undef;
 
 sub init_ca();
 sub ask_pass($);
@@ -37,8 +37,8 @@
         "t|type=s"    => \$opt_type,
         "p|policy=s"  => \$opt_policy,
         "o|outfile=s" => \$opt_outfile,
-	"force"	      => \$opt_force,
-	"init"	      => sub { init_ca(); exit 0; },
+        "force"       => \$opt_force,
+        "init"        => sub { init_ca(); exit 0; },
         "h|help"      => sub { pod2usage(-verbose => 1, -exit => 0) },
         "m|man"       => sub { pod2usage(-verbose => 2, -exit => 0) },
     ) or pod2usage;
@@ -67,8 +67,8 @@
             days   => $opt_days,
             policy => "policy_$opt_policy",
             cacrt  => $CA_CRT,
-	    cakey  => $CA_KEY,
-	    cadir  => $CA_DIR,
+            cakey  => $CA_KEY,
+            cadir  => $CA_DIR,
         } => "$TMP/cnf"
     ) or die $tt2->error, "\n";
 
@@ -106,48 +106,54 @@
     my @keys = ("x", "y");
 
     while (1) {
-	print $prompt;
-	my $stty = `stty -g`;
-	system("stty -echo");
-	chomp($keys[0] = IO::File->new("/dev/tty")->getline());
-	print "\n";
-	system("stty $stty");
-	print "please again for verification: ";
-	system("stty -echo");
-	chomp($keys[1] = IO::File->new("/dev/tty")->getline());
-	print "\n";
-	system("stty $stty");
-	return $keys[0] if $keys[0] eq $keys[1];
-	print "keys mismatch, again\n";
+        print $prompt;
+        my $stty = `stty -g`;
+        system("stty -echo");
+        chomp($keys[0] = IO::File->new("/dev/tty")->getline());
+        print "\n";
+        system("stty $stty");
+        print "please again for verification: ";
+        system("stty -echo");
+        chomp($keys[1] = IO::File->new("/dev/tty")->getline());
+        print "\n";
+        system("stty $stty");
+        return $keys[0] if $keys[0] eq $keys[1];
+        print "keys mismatch, again\n";
     }
 }
 
 sub init_ca() {
+
     # initialize the CA directory structure. This should
     # correspond to the values found in templates/ca
     die "$CA_DIR already exists" if -d $CA_DIR and not $opt_force;
     mkpath(map { "$CA_DIR/$_" } qw(newcerts));
     mkpath(map { dirname $_ } $CA_CRT, $CA_KEY);
     (new IO::File ">$CA_DIR/index");
-    (new IO::File ">$CA_DIR/serial")-> print("01\n");
+    (new IO::File ">$CA_DIR/serial")->print("01\n");
 
-    # now 
+    # now
     my $tt2 = new Template or die $Template::ERROR;
-    $tt2->process($TEMPLATE{req},
-    {
-	# not used yet
-    } => "$TMP/cnf") or die $tt2->error;
+    $tt2->process(
+        $TEMPLATE{req},
+        {
+
+            # not used yet
+        } => "$TMP/cnf"
+    ) or die $tt2->error;
 
     $ENV{CA_PASS} = ask_pass("passphrase for CA key: ");
-    system("openssl req -config $TMP/cnf -x509 -days 3650 -new -passout env:CA_PASS -keyout $TMP/ca-key.pem -out $TMP/ca-crt.pem")
-    and exit;
+    system(
+"openssl req -config $TMP/cnf -x509 -days 3650 -new -passout env:CA_PASS -keyout $TMP/ca-key.pem -out $TMP/ca-crt.pem"
+    ) and exit;
 
     system("openssl x509 -in $TMP/ca-crt.pem -out $CA_CRT") and exit;
     $_ = umask(077);
-    system("openssl rsa -in $TMP/ca-key.pem -des3 -passin env:CA_PASS -passout env:CA_PASS -out $CA_KEY") and exit;
+    system(
+"openssl rsa -in $TMP/ca-key.pem -des3 -passin env:CA_PASS -passout env:CA_PASS -out $CA_KEY"
+    ) and exit;
     umask($_);
 
-
 }
 
 __END__
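Review bot: In init_ca the `openssl req` and `openssl rsa` calls are still single interpolated command strings, which is why the tidy pass could only leave them at column 0 inside `system(`. It also means `$TMP` (built from `$ENV{USER}`), `$CA_CRT` and `$CA_KEY` are parsed by the shell before openssl sees them. List-form `system` bypasses the shell and lets the arguments be indented normally. Separately, `and exit` with no argument exits with status 0, so a failed key or certificate generation looks like success to whatever invoked `--init`. The sketch below compares the return value with 0 and exits non-zero instead.

```perl
    # … unchanged: directory setup, template processing, ask_pass …
    system(
        "openssl", "req",
        "-config",  "$TMP/cnf",
        "-x509", "-days", "3650", "-new",
        "-passout", "env:CA_PASS",
        "-keyout",  "$TMP/ca-key.pem",
        "-out",     "$TMP/ca-crt.pem",
    ) == 0 or exit 1;

    system("openssl", "x509", "-in", "$TMP/ca-crt.pem", "-out", $CA_CRT) == 0
        or exit 1;
    $_ = umask(077);
    system(
        "openssl", "rsa",
        "-in",      "$TMP/ca-key.pem",
        "-des3",
        "-passin",  "env:CA_PASS",
        "-passout", "env:CA_PASS",
        "-out",     $CA_KEY,
    ) == 0 or exit 1;
    umask($_);
```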