#!/bin/bash
# $Id$

printMenu() {
	echo "Certificate Authority Menu"
	echo "--------------------------"
	echo " "
	echo " [0] Sign csr directory (newrequest.sh)"
	echo " [1] Sign csr file"
	echo " "
	echo " [q] Exit"
	echo " "
	
	read -p ">" CHOICE
	
	case "$CHOICE" in
	0)
		signDir
		;;
	1)
		signFile
		;;
	"q")
		echo "Bye!"
		exit 0
		;;
	*)
		echo "Wrong choice. Please try again."
		;;
	esac
}

signDir() {
	read -p "Certificate Name:" CERTNAME
	if [ -d ./$CERTNAME ] ; then
		if [ -f ./$CERTNAME/$CERTNAME.csr ] ; then
			# Sign the CSR.
			caSign "$CERTNAME/$CERTNAME.csr" "$CERTNAME/$CERTNAME.crt"
			if [ $? -ne "0" ] ; then
				echo "Signing failed. Review output."
				exit 1
			else
				# Create PEM.
				echo "(optional) Creating PEM certificate."
				cat $CERTNAME/$CERTNAME.key \
				$CERTNAME/$CERTNAME.crt > $CERTNAME/$CERTNAME.pem
				echo "Cleaning up..."
				rm -f $CERTNAME/$CERTNAME.csr
			fi
		else
			echo "CSR not found!"
			exit 1
		fi
	else
		echo "Directory not found!"
		exit 1
	fi
	exit 0
}

signFile() {
	read -p "Path to file: " FILEPATH
	if [ -f $FILEPATH ] ; then
		# Extract name:
		CERTNAME=`basename $FILEPATH .csr`
		caSign $FILEPATH $CERTNAME
		if [ $? -ne "0" ] ; then
			echo "Signing failed. Review output."
			exit 1
		fi
	else
		echo "No such file."
		exit 1
	fi
	exit 0
}

##
# Sign CSR.
# Arguments:
# $1 CSR File (Input)
# $2 certificate output file
#
caSign() {
	/usr/bin/openssl ca -policy policy_anything -out $2 -infiles $1
	return $?
}

while true ; do
	printMenu
done