#!/bin/bash

. sbs/exec/config/allg
. $(dirname $BASH_SOURCE)/config/functions

filetype="$vadirInput"

case "$vadirInput" in
    crt) dir="$certcertdir"; filetype="crt";;
    csr) dir="$certcsrdir"; filetype="csr";;
    ext) dir="$certextdir"; filetype="crt";;
    *) exit 1;;
esac

ext=${vafilenameInput##*.}
name=${vafilenameInput%.*}

if [ "$ext" != "$filetype" ]; then
	echo '#mne_lang#Falscher Dateityp#' >&2
	exit 1;
fi

if [ "$vafilenameInput_old" != "$vafilenameInput" ]; then
  mv "$dir/$vafilenameInput_old" "$dir/$vafilenameInput";
fi

if [ "$vadataInput" != "" ]; then
  file="/tmp/$$.$vadirInput";
  echo "$vadataInput" | base64 --decode > $file

  if [ "$vadirInput" == 'ext' ]; then
	mne_error_ignore=1
    openssl x509 -text -noout -in $file >/dev/null 2>/dev/null
    if [ "$?" != "0" ]; then
    	echo "#mne_lang#Kein Zertifikat#" >&2
    	rm $file
    	exit 1
    fi
	mne_error_ignore=0

    mv "$file" "$dir/$vafilenameInput"
	update-ca-certificates -f >&$logfile 2>&$logfile
  fi
  
  if [ "$vadirInput" == 'csr' ]; then
    check_capasswd "$vapasswd"
    cert_checkcsr "$name" "$file"
    if [ -f "$certkeydir/$name.key" ]; then
      keydata=$(openssl pkey -in "$certkeydir/$name.key" -pubout -outform pem)
      csrdata=$(openssl req  -in "$file" -noout -pubkey -outform pem)
      if [ "$keydata" != "$csrdata" ]; then
        echo "#mne_lang#Request gehört nicht zum Schlüssel#" >&2
        rm $file
        exit 1
      fi
    fi
    mv "$file" "$dir/$vafilenameInput"
    cert_mkcrt "$name" "$vapasswd"
  fi
  
  if [ "$vadirInput" == 'crt' ]; then
    if [ -f "$certkeydir/$name.key" ]; then
      keydata=$(openssl pkey -in "$certkeydir/$name.key" -pubout -outform pem)
      crtdata=$(openssl x509  -in "$file" -noout -pubkey -outform pem)
      if [ "$keydata" != "$csrdata" ]; then
        echo "#mne_lang#Zertifikat gehört nicht zum Schlüssel#" >&2
        rm $file
        exit 1
      fi
      mv "$file" "$dir/$vafilenameInput"
    else
        echo "#mne_lang#Zum Zertifikat existiert kein Schlüssel#" >&2
        rm $file
    fi
  fi
  
fi

exit 0
