#!/usr/bin/env ruby require "pathname" require "tmpdir" require "open3" require "fileutils" require "/fudo/lib/fudo.rb" Fudo::require("fudo/config") Fudo::require("network") config = Fudo::Config::default hostname = Fudo::Network::hostname keystore = Pathname.new( config.get("services::#{hostname}::service::keystore")) passwd_file = Pathname.new( config.get("services::#{hostname}::service::keystore_passwd_file")) if ARGV.length != 2 puts "usage: #{$0} [KEY_FILE] [CERT_FILE]" exit 1 end KEYNAME = Pathname.new(ARGV[0]) CERTNAME = Pathname.new(ARGV[1]) if not File::readable?(KEYNAME) raise RuntimeError.new("Key #{KEYNAME.to_s} can't be read!") end if not File::readable?(CERTNAME) raise RuntimeError.new("Certificate #{CERTNAME.to_s} can't be read!") end if not keystore.parent.writable? raise RuntimeError.new("Can't write JKS to directory #{keystore.parent.to_s}") end if keystore.exist? raise RuntimeError.new("Keystore exists: #{keystore}! Aborting...") end if passwd_file.exist? raise RuntimeError.new("Keystore password file exists: #{passwd_file}! Aborting...") end def exec_or_die(cmd) out, err, status = Open3::capture3(cmd) if status != 0 puts err raise RuntimeError.new(err) end end def randpass (0...50).map { ('a'..'z').to_a[rand(26)] }.join end finalpass = randpass Dir::mktmpdir { |tmp_0| begin PRIV = Pathname.new(tmp_0) + "private" Dir::mkdir(PRIV) File::chmod(0700, PRIV) pkcs12 = PRIV + "key_crt.p12" pem_to_pkcs12 = <