#!/bin/sh

local down_path="$1"
local down_cert="$2"
local down_type="$3"

DOWNCERT="/tmp/$down_cert.crt"
DOWNKEY="/tmp/$down_cert.pem"

cp /etc/ipsec.d/$down_path/$down_cert.crt $DOWNCERT
[ -f $DOWNCERT ] || return 0;

if [ "$3" = "0" ]; then 
	echo "Download Local Certificate" > /dev/console
elif [ "$3" = "1" ]; then 
	echo "Download PKCS12 Certificate" > /dev/console
	local down_pass="$4"
	cp /etc/ipsec.d/private/private_key_$down_cert.pem $DOWNKEY
	openssl pkcs12 -export -in $DOWNCERT -inkey $DOWNKEY -out $DOWNCERT.p12 -descert -password pass:$down_pass
elif [ "$3" = "2" ]; then 
	echo "Download Local Certificate and Private Key" > /dev/console
	cp /etc/ipsec.d/private/private_key_$down_cert.pem $DOWNKEY
	tar -zcv -f $DOWNCERT.tar.gz $DOWNCERT $DOWNKEY
fi

