
Commit 74b614b

committed
Added the --key-length param to the certs_manager.sh
1 parent d9a6949 commit 74b614b

2 files changed

+20
-5
lines changed

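--- a/src/main/shell/certs-manager/_common.sh
+++ b/src/main/shell/certs-manager/_common.sh
@@ -237,13 +237,15 @@ generate_p12_file() {
 
 # Function to generate a private key
 # @param private_key_file: The private key file path
+# @param key_length: The length of the key
 generate_private_key() {
 local private_key_file=$1
+local key_length=$2
 local password_file="${private_key_file}.password"
 local private_key_password=$(openssl rand -base64 12)
 
-echo -e "${BLUE}🔑 Generating the private key...${NC}"
-if ! openssl genpkey -algorithm RSA -out "$private_key_file" -aes256 -pass pass:"$private_key_password"; then
+echo -e "${BLUE}🔑 Generating the private key with length ${key_length}...${NC}"
+if ! openssl genpkey -algorithm RSA -out "$private_key_file" -aes256 -pass pass:"$private_key_password" -pkeyopt rsa_keygen_bits:"$key_length"; then
 echo -e "${RED}❌ Error generating the private key.${NC}"
 exit 1
 fi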
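Review bot: `key_length` reaches `-pkeyopt rsa_keygen_bits:` on the new `openssl genpkey` line with no check, so an empty or non-numeric value fails inside openssl with only the generic error message, and a small value such as 512 or 1024 quietly produces a weak RSA key. Validating inside generate_private_key covers every caller: default the argument and reject anything that is not an integer at or above a floor such as the script's own 2048 default, as sketched below. Separately, the same line still passes the passphrase as `-pass pass:...`, which puts it in the process argument list; if the password is written to `$password_file` (not visible in this hunk), `-pass file:"$password_file"` would avoid that. The function body continues past the end of the hunk.

```shell
local key_length=${2:-2048}
# … unchanged: password_file and private_key_password locals …

# Refuse non-numeric or undersized RSA moduli before openssl is invoked.
if ! [[ "$key_length" =~ ^[1-9][0-9]*$ ]] || (( key_length < 2048 )); then
  echo -e "${RED}❌ Invalid key length '${key_length}': expected an integer of at least 2048.${NC}"
  exit 1
fi
# … unchanged: progress echo and openssl genpkey call …
```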

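--- a/src/main/shell/certs-manager/certs_manager.sh
+++ b/src/main/shell/certs-manager/certs_manager.sh
@@ -54,6 +54,9 @@ SCRIPT_DIR=$(cd "$(dirname "$0")" && pwd)
 # Source common functions
 source "$SCRIPT_DIR/_common.sh"
 
+# Default key length
+DEFAULT_KEY_LENGTH=2048
+
 # Check if the required tools are installed
 check_zsh_version
 check_bash_version
@@ -74,6 +77,7 @@ print_usage() {
 echo -e " ${YELLOW}--organization <organization>${NC}"
 echo -e " ${YELLOW}--organizational-unit <unit>${NC}"
 echo -e " ${YELLOW}--common-name <name>${NC}"
+echo -e " ${YELLOW}--key-length <length>${NC} (default: 2048)"
 echo -e " ${YELLOW}[--output-p12-file <file>]${NC}"
 echo -e "${BLUE}Parameters for generate-server:${NC}"
 echo -e " ${YELLOW}--private-key-file <file>${NC}"
@@ -89,6 +93,7 @@ print_usage() {
 echo -e " ${YELLOW}--organization <organization>${NC}"
 echo -e " ${YELLOW}--organizational-unit <unit>${NC}"
 echo -e " ${YELLOW}--common-name <name>${NC}"
+echo -e " ${YELLOW}--key-length <length>${NC} (default: 2048)"
 echo -e " ${YELLOW}[--san-domains <domains>]${NC}"
 echo -e " ${YELLOW}[--output-p12-file <file>]${NC}"
 echo -e "${BLUE}Parameters for generate-client:${NC}"
@@ -105,6 +110,7 @@ print_usage() {
 echo -e " ${YELLOW}--organization <organization>${NC}"
 echo -e " ${YELLOW}--organizational-unit <unit>${NC}"
 echo -e " ${YELLOW}--common-name <name>${NC}"
+echo -e " ${YELLOW}--key-length <length>${NC} (default: 2048)"
 echo -e " ${YELLOW}[--extensions-file <file>]${NC}"
 echo -e " ${YELLOW}[--ext-cert-role <role>]${NC}"
 echo -e " ${YELLOW}[--ext-cert-device-id <id>]${NC}"
@@ -118,6 +124,10 @@ shift
 declare -A PARAMS
 while [[ "$#" -gt 0 ]]; do
 case $1 in
+--key-length)
+KEY_LENGTH="$2"
+shift
+;;
 --working-dir)
 PARAMS["WORKING_DIR"]=$2
 shift
@@ -211,6 +221,9 @@ while [[ "$#" -gt 0 ]]; do
 shift
 done
 
+# Set key length to default if not provided
+KEY_LENGTH=${KEY_LENGTH:-$DEFAULT_KEY_LENGTH}
+
 # Check if working directory is provided
 if [ -z "${PARAMS["WORKING_DIR"]}" ]; then
 echo -e "${RED}--working-dir is required${NC}"
@@ -237,7 +250,7 @@ generate-ca)
 exit 0
 fi
 
-generate_private_key "$PRIVATE_KEY_FILE"
+generate_private_key "$PRIVATE_KEY_FILE" "$KEY_LENGTH"
 PRIVATE_KEY_PASSWORD=$(get_private_key_password "$PRIVATE_KEY_FILE")
 generate_ca_certificate "$PRIVATE_KEY_FILE" "$CA_CERTIFICATE_FILE" "${PARAMS["VALIDITY_DAYS"]}" "${PARAMS["COUNTRY"]}" "${PARAMS["STATE"]}" "${PARAMS["LOCALITY"]}" "${PARAMS["ORGANIZATION"]}" "${PARAMS["ORGANIZATIONAL_UNIT"]}" "${PARAMS["COMMON_NAME"]}" "$PRIVATE_KEY_PASSWORD"
 
@@ -267,7 +280,7 @@ generate-server)
 exit 0
 fi
 
-generate_private_key "$PRIVATE_KEY_FILE"
+generate_private_key "$PRIVATE_KEY_FILE" "$KEY_LENGTH"
 PRIVATE_KEY_PASSWORD=$(get_private_key_password "$PRIVATE_KEY_FILE")
 if [ -z "${PARAMS["CA_KEY_PASSWORD"]}" ]; then
 CA_KEY_PASSWORD=$(get_private_key_password "$CA_KEY_FILE")
@@ -307,7 +320,7 @@ generate-client)
 exit 0
 fi
 
-generate_private_key "$PRIVATE_KEY_FILE"
+generate_private_key "$PRIVATE_KEY_FILE" "$KEY_LENGTH"
 PRIVATE_KEY_PASSWORD=$(get_private_key_password "$PRIVATE_KEY_FILE")
 if [ -z "${PARAMS["CA_KEY_PASSWORD"]}" ]; then
 CA_KEY_PASSWORD=$(get_private_key_password "$CA_KEY_FILE")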
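Review bot: `--key-length` is stored in a bare global `KEY_LENGTH` (new lines 127–130) and defaulted later with `${KEY_LENGTH:-$DEFAULT_KEY_LENGTH}` (new line 225). Unless the variable is cleared somewhere outside these hunks, a `KEY_LENGTH` already exported in the caller's environment silently sets the key size, and `--key-length` given last with no value falls back to 2048 without an error. Keeping it with the other options removes the inherited value and matches the `--working-dir` arm next to it: `PARAMS["KEY_LENGTH"]=$2` in the case arm and `KEY_LENGTH=${PARAMS["KEY_LENGTH"]:-$DEFAULT_KEY_LENGTH}` after the loop, with an empty `$2` reported rather than defaulted. The three usage lines hard-code `(default: 2048)`; interpolating `${DEFAULT_KEY_LENGTH}` there would keep the help text from drifting. The `while`/`case` block starts and ends outside the hunk.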
