#!/bin/sh CA_FILE=$(realpath "./server/ca.crt") CA_KEY=$(realpath "./server/ca.key") SRL_FILE=$(realpath "./server/ca.srl") CSR_FILE=$(realpath "./server/server.csr") SSL_FILE=$(realpath "./server/server.crt") SSL_KEY=$(realpath "./server/server.key") superuserCommand="pkexec" if [ -z "$(command -v pkexec)" ]; then superuserCommand="sudo" fi if [ "$1" = "-u" ] || [ "$1" = "--uninstall" ]; then echo "Uninstalling the certificate..." if [ -z "$(command -v p11-kit)" ]; then $superuserCommand sh -c "rm /usr/local/share/ca-certificates/$CA_FILE && update-ca-certificates" else $superuserCommand sh -c "trust anchor --remove $CA_FILE" fi rm "$CA_FILE" "$CA_KEY" "$CSR_FILE" "$SSL_FILE" "$SSL_KEY" "$SRL_FILE" echo "Good, you've uninstalled the certificate." exit 0 fi if ! [ -f "$CA_FILE" ] || ! [ -f "$CA_KEY" ] || ! [ -f "$CSR_FILE" ] || ! [ -f "$SSL_FILE" ] || ! [ -f "$SSL_KEY" ]; then echo "Warning! This will add a certificate to your system's trust store." echo "If this self-signed certificate is ever leaked, attackers can use it to cause damage." echo "Please only run this script if you understand the risks and trust the source of the certificate." echo "We take no responsibility for any damage caused by the use of this certificate... though that's said in the LICENSE." echo "Do you want to continue? (yes/no)" read -r answer if [ "$answer" != "yes" ]; then echo "Aborting." exit 1 fi echo "Well, you said it, not me." COUNTRY="GB" STATE="London" LOCALITY="London" ORGANIZATION="Totally Real Company Inc." ORGANIZATIONAL_UNIT="Testing Department" COMMON_NAME="localhost" openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ -keyout "$CA_KEY" -out "$CA_FILE" \ -subj "/C=$COUNTRY/ST=$STATE/L=$LOCALITY/O=$ORGANIZATION/OU=$ORGANIZATIONAL_UNIT/CN=$COMMON_NAME" openssl req -nodes -newkey rsa:2048 \ -keyout "$SSL_KEY" -out "$CSR_FILE" \ -subj "/C=$COUNTRY/ST=$STATE/L=$LOCALITY/O=$ORGANIZATION/OU=$ORGANIZATIONAL_UNIT/CN=$COMMON_NAME" printf "subjectAltName = DNS:%s\nauthorityKeyIdentifier = keyid,issuer\nbasicConstraints = CA:FALSE\nkeyUsage = digitalSignature, keyEncipherment\nextendedKeyUsage=serverAuth" $COMMON_NAME > /tmp/extfile.cnf openssl x509 -req -in "$CSR_FILE" -CA "$CA_FILE" -CAkey "$CA_KEY" -CAcreateserial -out "$SSL_FILE" -days 365 \ -extfile /tmp/extfile.cnf echo "Self-signed certificate and key have been generated:" echo "Trusting the certificate... (you may be prompted for your password)". if [ -z "$(command -v p11-kit)" ]; then $superuserCommand sh -c "cp $CA_FILE /usr/local/share/ca-certificates/$CA_FILE && update-ca-certificates" else $superuserCommand sh -c "trust anchor $CA_FILE" fi echo "Deleting temporary files..." rm /tmp/extfile.cnf fi echo "Building the server and client..." go build -o server/server server/main.go GOOS=js GOARCH=wasm go build -o client/main.wasm client/main.go echo "Launching the client in your default browser..." xdg-open "https://localhost:8080" echo "Launching the server..." cd server || exit 1 echo "Server started. Press Ctrl+C to stop." ./server echo "Alright, the server has stopped. If you want to remove the self-signed certificate, run ./test.sh --uninstall."