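#!hs2
#!load hwindows.hsm

# -------------------------------------------------------------------------
# SSL-Cert-Hash
#
# Reads every '*.<ext>' file in an import directory, extracts each PEM
# certificate block and writes it to an export directory as '<hash>.0',
# together with a text dump named '<hash>.txt'. '<hash>' is the output of
# 'openssl x509 -hash'.
#
# Security notes for the operator:
# - The export directory is meant to be used as a directory of trusted
#   certificates. Every certificate found in the import directory is
#   installed there without any further check, so review the import
#   directory and the generated '<hash>.txt' files before relying on it.
# - The file is always named '<hash>.0'. A certificate whose subject hash
#   equals that of a file already present replaces that file; this is
#   logged as a warning by HashCert.
# - The paths of the command line interpreter and of openssl.exe are read
#   from the INI file or an input box and later become part of a command
#   line. Keep the INI file writable by the operator only.
# - NOTE(review): the hash has to be produced by an openssl.exe whose hash
#   format matches the SSL library that will read the directory - confirm
#   when using a different OpenSSL generation.
# -------------------------------------------------------------------------

var( $i, $j, $b )
var( $Shell, $OpenSSL, $Import_Dir, $FileExt, $Export_Dir )
var( $FilesList, $File, $FileList, $Zeile, $CertList )
varset( $CRLF, chr(13) + chr(10) )

MsgBox( "To use a directory of trusted certificates, the certificates have to be named "+_
        "according to the following format:" +$CRLF+_
        "Filename = hashed certificate subject name with "+_
        "extension '0'."+$CRLF+_
        "Example: '54edfa5d.0'."+$CRLF+$CRLF+_
        "This script will automatically create from existing certificate "+_
        "files the following new files:"+$CRLF+_
        $CRLF+_
        "1. a copy of each certificate named 'hash.0'" +$CRLF+_
        "2. a file with additional information about each certificate "+_
        "named 'hash.txt'",_
        "SSL-Cert-Hash", $MB_ICONINFORMATION )

# Locate the command line interpreter: stored value first, then cmd.exe in
# the system directory, finally ask the user.
$Shell = IniRead( "", "SSL-Cert-Hash", "Shell", DirWindows + "command.com" )
if( !fileexists( $Shell ) )
   if( FileExists( DirSystem + "cmd.exe") )
      $Shell = DirSystem + "cmd.exe"
      IniWrite( "", "SSL-Cert-Hash", "Shell", $Shell )
   else
      $Shell = StoreValue( "Shell",_
                  "Command line interpreter not found!"+$CRLF+$CRLF+_
                  "Please specify the complete path to your command line interpreter",_
                  "" )
   endif
   if( !fileexists( $Shell ) )
      MsgBox( "File '" + $Shell + "' does not exist!", "Error", $MB_ICONERROR )
      quit
   endif
endif

# Locate openssl.exe: stored value first, otherwise ask the user.
$OpenSSL = IniRead( "", "SSL-Cert-Hash", "OpenSSL", "" )
if( !fileexists( $OpenSSL ) )
   $OpenSSL = StoreValue( "OpenSSL",_
                 "Please specify the complete path to the file 'openssl.exe'",_
                 "c:\openssl-0.9.6c\out\openssl.exe" )
   if( !fileexists( $OpenSSL ) )
      MsgBox( "File '" + $OpenSSL + "' does not exist!", "Error", $MB_ICONERROR )
      quit
   endif
endif

$Import_Dir = IncludeBackslash( StoreValue( "Import-Dir",_
                 "Please specify the directory containing the certificates "+_
                 "to be converted",_
                 IniRead( "", "SSL-Cert-Hash", "Import-Dir", "C:\WINDOWS\Desktop\" ) ) )
CheckDir( $Import_Dir )

$FileExt = StoreValue( "File-Extension",_
              "Please specify the file name extension of the certificate files "+_
              "to be converted",_
              IniRead( "", "SSL-Cert-Hash", "File-Extension", "pem" ) )

$Export_Dir = IncludeBackslash( StoreValue( "Export-Dir",_
                 "Please specify the output directory for the certificate files",_
                 IniRead( "", "SSL-Cert-Hash", "Export-Dir", "C:\Crypto\CA" ) ) )
CheckDir( $Export_Dir )

$FilesList = ListAlloc
$FileList  = ListAlloc
$CertList  = ListAlloc

ListFiles( $FilesList, $Import_Dir + "*." + $FileExt , True )

for( $i, 0, ListCount( $FilesList ) - 1, 1 )

   $File = ListGet( $FilesList, $i )
   print( "Loading file '", $File, "'..." )

   ListClear( $FileList )
   if( ListLoad( $FileList, $File ) < 0 )
      # warning() concatenates its arguments into one log line, so only the
      # message parts are passed (no message box title or icon).
      warning( "File '", $File, "' does not exist or has an error!" )
      continue
   endif

   # $b is True while the current line lies inside a certificate block.
   # Only the lines from BEGIN to END are collected; other text in the
   # file is ignored.
   $b = False
   for( $j, 0, ListCount( $FileList ) - 1, 1 )

      $Zeile = ListGet( $FileList, $j )

      if( $Zeile == "-----BEGIN CERTIFICATE-----" )
         $b = True
         ListClear( $CertList )
      endif

      if( $b )
         ListAdd( $CertList, $Zeile )
      endif

      if( ( $b ) && ( $Zeile == "-----END CERTIFICATE-----" ) )
         $b = False
         print( "Certificate found in '", $File, "'." )
         HashCert( $CertList )
         ListClear( $CertList )
      endif

   endfor

endfor

ListFree( $CertList )
ListFree( $FileList )
ListFree( $FilesList )

quit

# -------------------------------------------------------------------------

# HashCert( $CertList )
#   Writes the certificate lines in $CertList to '<Export_Dir><hash>.0' and
#   the text form reported by openssl to '<Export_Dir><hash>.txt'.
#   Uses the script variables $Shell, $OpenSSL, $Import_Dir and $Export_Dir.
#   The work files Cert.tmp, Hash.tmp and Text.tmp are created in
#   $Import_Dir; any existing files with these names are deleted.
#   Every failure is logged with warning(). The lists and the work files
#   are released on all paths, including the failure paths.
sub HashCert( $CertList )

   var( $ExitCode, $Hash, $Text, $FileName, $HashName, $Ok )

   $Hash     = ListAlloc
   $Text     = ListAlloc
   $HashName = ""
   $Ok       = True

   FileDelete( $Import_Dir + "Cert.tmp" )
   FileDelete( $Import_Dir + "Hash.tmp" )
   FileDelete( $Import_Dir + "Text.tmp" )

   if( ListSave( $CertList, $Import_Dir + "Cert.tmp" ) != 0 )
      warning( "Error saving temporary file '", $Import_Dir, "Cert.tmp'!" )
      $Ok = False
   endif

   # Step 1: let openssl compute the hash. The shell is needed only for the
   # output redirection. '>' replaces Hash.tmp, so a leftover file that
   # could not be deleted cannot supply a stale hash.
   # NOTE(review): $Shell and $OpenSSL are inserted unquoted. A path with
   # blanks or shell metacharacters changes the command that is run, and
   # the quoting rules of command.com and cmd.exe differ - keep both paths
   # free of such characters.
   if( $Ok )
      execute( $Shell + " /C " + $OpenSSL + " x509 -hash -noout -in Cert.tmp " +_
               "> Hash.tmp", $Import_Dir, 2, True, $ExitCode )
      if( $ExitCode != 0 )
         warning( "Exitcode=", $ExitCode, " ", $Shell, " /C ", $OpenSSL,_
                  " x509 -hash -noout -in Cert.tmp > Hash.tmp" )
         $Ok = False
      endif
   endif

   # Step 2: read the hash. An empty result is rejected, otherwise the
   # certificate would be stored under the name '.0'.
   if( $Ok )
      if( ListLoad( $Hash, $Import_Dir + "Hash.tmp" ) == 0 )
         if( ListCount( $Hash ) > 0 )
            $HashName = trim( ListGet( $Hash, 0 ) )
         endif
      endif
      if( len( $HashName ) == 0 )
         warning( "No certificate hash found in '", $Import_Dir, "Hash.tmp'!" )
         $Ok = False
      endif
   endif

   # Step 3: store the certificate under its hash name. Replacing a file
   # that is already part of the trusted directory is logged so that the
   # operator can see which trust anchor changed.
   if( $Ok )
      $FileName = $Export_Dir + $HashName + ".0"
      if( fileexists( $FileName ) )
         warning( "Replacing existing certificate file '", $FileName, "'!" )
      endif
      if( ListSave( $CertList, $FileName ) == 0 )
         print( "X.509 certificate saved as '", $FileName, "'" )
      else
         warning( "Error saving certificate as '", $FileName, "'!" )
      endif
   endif

   # Step 4: create the text form of the certificate. No redirection is
   # used here, so openssl is started without the shell.
   if( $Ok )
      execute( $OpenSSL + " x509 -text -in Cert.tmp -noout -out Text.tmp",_
               $Import_Dir, 2, True, $ExitCode )
      if( $ExitCode != 0 )
         warning( "Exitcode=", $ExitCode, " ", $OpenSSL,_
                  " x509 -text -in Cert.tmp -noout -out Text.tmp" )
         $Ok = False
      endif
   endif

   if( $Ok )
      if( ListLoad( $Text, $Import_Dir + "Text.tmp" ) == 0 )
         $FileName = $Export_Dir + $HashName + ".txt"
         if( ListSave( $Text, $FileName ) == 0 )
            print( "X.509 certificate information saved as '", $FileName, "'" )
         else
            warning( "Error saving certificate information as '", $FileName, "'!" )
         endif
      else
         warning( "Error loading '", $Import_Dir, "Text.tmp'!" )
      endif
   endif

   # Cleanup, reached on success and on every failure.
   ListFree( $Hash )
   ListFree( $Text )

   FileDelete( $Import_Dir + "Cert.tmp" )
   FileDelete( $Import_Dir + "Hash.tmp" )
   FileDelete( $Import_Dir + "Text.tmp" )

endsub

# StoreValue( $Ident, $Text, $Default )
#   Asks the user for a value (prompt $Text, preset $Default), stores it
#   under $Ident in section 'SSL-Cert-Hash' of the INI file and returns it.
#   The script ends if InputBox reports False in $ReturnCode.
#   The value is stored exactly as entered; callers check it before use.
sub StoreValue( $Ident, $Text, $Default )

   var( $Value, $ReturnCode )

   $Value = InputBox( $Text, "SSL-Cert-Hash", $Default, $ReturnCode )
   if( $ReturnCode == False )
      quit
   endif

   IniWrite( "", "SSL-Cert-Hash", $Ident, $Value )
   return( $Value )

endsub

# IncludeBackslash( $String )
#   Returns the trimmed $String with exactly one trailing backslash added
#   if it does not already end with one.
#   NOTE(review): an empty input presumably yields "\" - confirm that the
#   callers' CheckDir() handles this as intended.
sub IncludeBackslash( $String )

   $String = trim( $String )
   if( copy( $String, len( $String ), 1 ) != "\" )
      return( $String + "\" )
   else
      return( $String )
   endif

endsub

# CheckDir( $Dir )
#   Ends the script with an error message if directory $Dir does not exist.
sub CheckDir( $Dir )

   if( !DirExists( $Dir ) )
      MsgBox( "Directory '" + $Dir + "' does not exist!", "Error", $MB_ICONERROR )
      quit
   endif

endsub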