#!/bin/sh
loggerName=convert-p12-to-pem.sh

ACTION=$1
INPUT=$2
PASSWORD=$3

CACERT=/home/tool/config/wlan/cert/ca-cert.pem
CLIENTCERT=/home/tool/config/wlan/cert/client-cert.pem
PRIVATEKEY=/home/tool/config/wlan/cert/private-key.pem

eexit() {
    local error_str="$@"
    logger -s -t $loggerName $error_str
    rm $CACERT &> /dev/null
    rm $CLIENTCERT &> /dev/null
    rm $PRIVATEKEY &> /dev/null
    exit 1
}

case "${ACTION}" in
base)
	cd /opt/ti-wireless/ssl
        # CA-Zertifikat extrahieren 
        ./openssl pkcs12 -in $INPUT -out $CACERT -cacerts -nokeys -passin pass:$PASSWORD  
	if [ "$?" -ne "0" ]; then
	  eexit "Error: Convert CA Cert"               
	fi  
        # Client Zertifikat extrahieren
	./openssl pkcs12 -in $INPUT -out $CLIENTCERT -clcerts -nokeys -passin pass:$PASSWORD
  	if [ "$?" -ne "0" ]; then
	  eexit "Error: Convert Client Cert" 	
	fi
        # Private Key extrahieren
	./openssl pkcs12 -in $INPUT -nocerts -out $PRIVATEKEY -nodes -passin pass:$PASSWORD
	if [ "$?" -ne "0" ]; then
	  eexit "Error: Convert Private Key"	            
	fi	
   	;;
add)
        cd /opt/ti-wireless/ssl
        # weiters CA-Zertifikate  extrahieren
        ./openssl pkcs12 -nokeys -cacerts -passin pass:$PASSWORD -in $INPUT >> $CACERT
        if [ "$?" -ne "0" ]; then
	  eexit "Error: Add Convert CA Cert"	            
	fi  
	;;
esac
exit 0