#!/bin/sh
# env
# Written in 2020 by Lucas
# CC0 1.0 Universal/Public domain - No rights reserved
#
# To the extent possible under law, the author(s) have dedicated all
# copyright and related and neighboring rights to this software to the
# public domain worldwide. This software is distributed without any
# warranty. You should have received a copy of the CC0 Public Domain
# Dedication along with this software. If not, see
# <http://creativecommons.org/publicdomain/zero/1.0/>.

usage()
{
	printf "Usage: %s [-c curve] [-d days] domain\n" "${0##*/}" >&2
	exit 1
}

tonumber()
{
	printf "%u\n" "$*"
}

curve=secp384r1
days=3650
while getopts c:d: flag; do
	case $flag in
	c)	[ -n "$OPTARG" ] || usage
		curve=$OPTARG
		;;
	d)	days=$(tonumber "$OPTARG") || usage
		;;
	*)	usage
		;;
	esac
done
shift $((OPTIND - 1))
[ $# -eq 1 ] && [ -n "$1" ] || usage
domain=$1

if [ -f "$domain.key" ]; then
	printf "%s: key for %s already exists; reusing it\n" \
	    "${0##*/}" "$domain" >&2
else
	(umask 0377 &&
	    openssl ecparam -genkey -name "$curve" -out "$domain.key")
fi

umask 0333 && openssl req -new -x509 -days "$days" -subj "/CN=$domain" \
    -key "$domain.key" -out "$domain.pem"