#!/bin/bash


CA_DIR=`dirname ${0}`
KEY_STORE="${CA_DIR}/.keystore"
KEY_ALIAS="rhevm"
STORE_PASS="mypass"
JBOSS_HOME="/var/lib/jbossas"
EAR_LIB="${JBOSS_HOME}/server/rhevm-slimmed/deploy/rhevm.ear/lib"
CLASS_PATH="${EAR_LIB}/rhevmencryptutils-3.0.0-0001.jar:${EAR_LIB}/rhevm-compat.jar:${JBOSS_HOME}/common/lib/commons-logging.jar:${EAR_LIB}/commons-codec-1.4.jar"
SSH_PRIV_KEY="${CA_DIR}/keys/rhevm_id_rsa"
PKEY_8="${CA_DIR}/keys/privatekey.pkcs8"


usage () {
    echo "generate-ssh-keys [-s keystore] [-p passwd] [-a alias]  [-k sshkey]"
    echo "  -s   - path to key store"
    echo "  -p   - keystore password"
    echo "  -a   - alias of the key in keystore to generate ssh keys from"
    echo "  -k   - output private ssh key file"
    exit 1
}

clean () {
    rm -f ${PKEY_8}
}

_verifyRC()
{
    RC=$1
    STR=$2
    if [[ ! $RC -eq 0 ]]
    then
        echo "$2"
        exit 1
    fi
}

while getopts ":s:a:p:k:" OPTION
do
  case $OPTION in
    s     ) KEY_STORE=${OPTARG};;
    a     ) KEY_ALIAS=${OPTARG};;
    p     ) STORE_PASS=${OPTARG};;
    k     ) SSH_PRIV_KEY=${OPTARG};;
    *     ) usage ;;   # Default.
  esac
done

# handle the non-option items in command-line
shift $(($OPTIND - 1))
# $1 now references the first non-option item supplied on the command-line
if [[ -n "$1" ]]
then
    echo "Unknown param $1"
    usage
fi

#clean & backup existing files (if exist) in case the script is manually executed
if [  -f  ${SSH_PRIV_KEY} ]; then
    mv -f ${SSH_PRIV_KEY} ${SSH_PRIV_KEY}.old
    clean
fi

#generating ssh private key
java -cp ${CLASS_PATH} org.ovirt.engine.core.rhevmencryptutils.StoreUtils -pvk -store=${KEY_STORE} -pass=${STORE_PASS} -alias=${KEY_ALIAS} > ${PKEY_8}
_verifyRC $? "ERROR: failed extracting private key from keystore"
echo "-----BEGIN PRIVATE KEY-----" > ${SSH_PRIV_KEY}
openssl enc -in ${PKEY_8} -a >> ${SSH_PRIV_KEY}
echo "-----END PRIVATE KEY-----" >> ${SSH_PRIV_KEY}
if [ ! -f  ${SSH_PRIV_KEY} ]; then
    echo "Error occured, exiting."
    clean
    exit -1
fi
clean
chmod 600 ${SSH_PRIV_KEY}
echo "Finished successfuly"
