#! /usr/bin/perl -w

use Cwd 'abs_path';

my $keyfile = shift;
my $passphrase = shift;

$keyfile = abs_path( $keyfile );

die "the first parameter should be the full path to your p12 file" unless -e $keyfile;
die "the second parameter should be the password to your p12 file" unless $passphrase;

sub runCommand {
   my $command = shift;
   qx/$command/;
  if ($? == -1) {
      die "$command\nfailed to execute: $!\n";
  }
  elsif ($? & 127) {
      die sprintf( "$command\n died with signal %d, %s coredump\n",
          ($? & 127),  ($? & 128) ? 'with' : 'without' );
  }
  else {
     die sprintf( "$command\n exited with value %d\n", $? >> 8) if $? >> 8;
  }
}

chdir '/tmp';
&runCommand( "cp '$keyfile' '$keyfile.save'" );
&runCommand( "openssl pkcs12 -clcerts -nokeys -in '$keyfile' -out certificate.crt -password pass:'$passphrase' -passin pas:'$passphrase'" );
&runCommand( "openssl pkcs12 -cacerts -nokeys -in '$keyfile' -out ca-cert.ca -password pass:'$passphrase' -passin pass:'$passphrase'" );
&runCommand( "openssl pkcs12 -nocerts -in '$keyfile' -out private.key -password pass:'$passphrase' -passin pass:'$passphrase' -passout pass:joe" );
&runCommand( "openssl rsa -in private.key -out 'NewKeyFile.key' -passin pass:joe" );
&runCommand( "cat 'NewKeyFile.key' > PEM.pem" );
&runCommand( "cat 'certificate.crt' >> PEM.pem" );
&runCommand( "cat 'ca-cert.ca' >> PEM.pem" );
&runCommand( "openssl pkcs12 -export -nodes -CAfile ca-cert.ca -in PEM.pem -out '$keyfile'" );

1;