From c3e54b0c9a274ed411294848d98c72fe3c204888 Mon Sep 17 00:00:00 2001
From: Andrew Cady <d@jerkface.net>
Date: Tue, 6 May 2014 18:14:07 -0400
Subject: example showing how to export keys from chrome/firefox

---
 examples/browser-export.sh | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100755 examples/browser-export.sh

(limited to 'examples/browser-export.sh')

diff --git a/examples/browser-export.sh b/examples/browser-export.sh
new file mode 100755
index 0000000..efb51de
--- /dev/null
+++ b/examples/browser-export.sh
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+extract_certificate_and_private_key()
+{
+  passphrase_file=$(mktemp) || exit
+  echo asdf > $passphrase_file
+  local nssdb="$1" name="$2"
+  pk12util -d sql:"$nssdb"  -n "$name" -w "$passphrase_file" -o /dev/stdout |
+    openssl pkcs12 -passin file:"$passphrase_file" -nodes
+  rm "$passphrase_file"
+}
+
+extract_public_key()
+{
+  local nssdb="$1" name="$2"
+  certutil -d sql:"$nssdb"  -L -n "$name" -a | openssl x509 -pubkey -noout
+}
+
+for nssdb in "$HOME/.pki/nssdb" "$HOME"/.mozilla/firefox/*; do
+  [ -d "$nssdb" ] || continue
+  [ -e "$nssdb"/cert8.db -o -e "$nssdb"/cert9.db ] || continue
+  echo "nssdb=$nssdb" >&2
+  certutil -d sql:"$nssdb"  -L | sed -ne 's/ *.,.,.$//p' |
+    while read name; do
+
+#     certutil -d sql:"$nssdb" -K -n "$name"
+#     extract_public_key "$nssdb" "$name"
+      extract_certificate_and_private_key "$nssdb" "$name"
+
+    done
+done
-- 
cgit v1.2.3