feat: Initial code drop

2024-02-24 18:47:23 +11:00
parent 76ad2ffa99
commit 4b21186b8f
53 changed files with 3273 additions and 0 deletions
--- a/tlsa.sh
+++ b/tlsa.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+# Get domain name from arguments
+domain=$1
+
+mkdir certs/$domain
+
+openssl req -x509 -newkey rsa:4096 -sha256 -days 365 -nodes \
+    -keyout certs/$domain/cert.key -out certs/$domain/cert.crt \
+    -extensions ext  -config \
+  <(echo "[req]";
+    echo distinguished_name=req;
+    echo "[ext]";
+    echo "keyUsage=critical,digitalSignature,keyEncipherment";
+    echo "extendedKeyUsage=serverAuth";
+    echo "basicConstraints=critical,CA:FALSE";
+    echo "subjectAltName=DNS:$domain,DNS:*.$domain";
+    ) -subj "/CN=*.$domain"
+
+echo -n "3 1 1 " && openssl x509 -in certs/$domain/cert.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | xxd  -p -u -c 32