#!/bin/bash

# description       : Converts PFX files to their individual crt, key, caa, and pem files
# author            : Joachim
# email             : contact@joachim.gent
# version           : 2.0
#==============================================================================

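clear

echo  "=================================================================="
echo "██████╗ ███████╗██╗  ██╗    ██████╗     ██████╗ ███████╗███╗   ███╗"
echo "██╔══██╗██╔════╝╚██╗██╔╝    ╚════██╗    ██╔══██╗██╔════╝████╗ ████║"
echo "██████╔╝█████╗   ╚███╔╝      █████╔╝    ██████╔╝█████╗  ██╔████╔██║"
echo "██╔═══╝ ██╔══╝   ██╔██╗     ██╔═══╝     ██╔═══╝ ██╔══╝  ██║╚██╔╝██║"
echo "██║     ██║     ██╔╝ ██╗    ███████╗    ██║     ███████╗██║ ╚═╝ ██║"
echo "╚═╝     ╚═╝     ╚═╝  ╚═╝    ╚══════╝    ╚═╝     ╚══════╝╚═╝     ╚═╝"
echo  "=================================================================="

echo
read -r -p "I will look for PFX files in current dir ($(pwd)). Do you wish to continue? Y/n ..." choice

# Only an explicit Y/y continues; anything else (including an empty answer)
# cancels with exit status 1.
if [[ "$choice" != "Y" && "$choice" != "y" ]]; then
    echo "Conversion canceled."
    exit 1
fi

echo
echo "I found these PFX files for you:"
echo  "========================================================="

# List candidates with a glob instead of parsing `ls | grep .pfx`: the unanchored
# regex also matched names such as "crt2pfx.script", which is why the old
# pipeline needed a second grep to filter that name out again.
shopt -s nullglob
for candidate in *.pfx; do
    printf '%s\n' "$candidate"
done
shopt -u nullglob

echo
echo "========================================================="
read -r -p "Which PFX file do you want to convert?: " pfxfile
read -r -s -p "Password: " password

# The input is always "<name>.pfx" in the current directory; the output goes to
# a sub-directory called "<name>". The "./" prefix keeps a name that starts
# with "-" from being read as an option by openssl, mkdir or cat.
filename=$(basename -- "$pfxfile" .pfx)
pfx_path="./${filename}.pfx"
out_dir="./${filename}"

if [[ -z "$pfxfile" || ! -f "$pfx_path" ]]; then
    echo
    echo "PFX file not found: $pfx_path" >&2
    exit 1
fi

# The key is exported unencrypted (-nodes), so the directory and every file
# created below must be readable by the owner only.
umask 077

# Report an openssl failure (wrong password, unreadable file) instead of letting
# the exit status of sed hide it.
set -o pipefail

#######################################
# Extract one kind of PEM object from the PFX file into a fresh file.
# Globals:   pfx_path (read), password (read)
# Arguments: $1 - PEM label to keep, e.g. "CERTIFICATE"
#            $2 - output file (truncated, not appended to)
#            $3.. - openssl pkcs12 selection flags
# Returns:   status of the openssl | sed pipeline
#######################################
extract_pem() {
    local label=$1 out_file=$2
    shift 2
    # The password is handed over through the environment (-passin env:) and
    # not as "pass:<password>" on the command line, where any local user could
    # read it from the process list.
    PFX_PASSIN="$password" openssl pkcs12 -in "$pfx_path" "$@" -passin env:PFX_PASSIN \
        | sed -ne "/-BEGIN ${label}-/,/-END ${label}-/p" > "$out_file"
}

fail() {
    echo "Extraction failed: $1" >&2
    exit 1
}

#create directory
echo
echo "> Creating directory $(pwd)/$filename"
mkdir -p -- "$out_dir" || fail "cannot create $out_dir"

key_file="${out_dir}/${filename}.key"
crt_file="${out_dir}/${filename}.crt"
caa_file="${out_dir}/${filename}.caa"
pem_file="${out_dir}/${filename}.pem"

echo "> Extracting key file..."
extract_pem "PRIVATE KEY" "$key_file" -nocerts -nodes || fail "private key"

echo "> Extracting crt..."
extract_pem "CERTIFICATE" "$crt_file" -clcerts -nokeys || fail "certificate"

echo "> Exctracting caa..."
extract_pem "CERTIFICATE" "$caa_file" -cacerts -nokeys -chain || fail "CA certificates"

# Build the bundle from scratch; appending with ">>" duplicated the key and the
# certificates every time the script was run again for the same PFX file.
cat -- "$key_file" "$crt_file" "$caa_file" > "$pem_file" || fail "pem bundle"

# Files left over from an earlier run keep their old mode when truncated, so
# tighten the two files that contain the private key explicitly.
chmod 600 -- "$key_file" "$pem_file"

unset password

echo "done!"
echo
echo "created files:"
echo " 🔑    ./$filename/$filename.key"
echo " 📄    ./$filename/$filename.crt"
echo " 📄    ./$filename/${filename}.caa"
echo " 📄    ./$filename/${filename}.pem"
echo
echo "Extraction complete! 🐼  "
echo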
