(import scheme)
(import (chicken base))
(import (chicken format))
(import (chicken process))
(import (chicken process-context))

(define stderr (current-error-port))

(define (create-keys! public-key-path private-key-path csr-config-path)
  (call-with-output-file csr-config-path
    (lambda (out)
      (display "[dn]
CN=localhost
[req]
distinguished_name = dn
[EXT]
subjectAltName=DNS:localhost
keyUsage=digitalSignature
extendedKeyUsage=serverAuth" out)))
  (system* (format "openssl req -x509 -out ~a -keyout ~a -newkey rsa:2048 -nodes -sha256 -subj \"/CN=localhost\" -extensions EXT -config ~a"
                   (qs public-key-path)
                   (qs private-key-path)
                   (qs csr-config-path))))

(define main
  (case-lambda
   ((public-key-path private-key-path csr-config-path)
    (create-keys! public-key-path private-key-path csr-config-path))
   (_
    (fprintf stderr "usage: ~a <pubkey.pem> <privkey.pem> <csr.pem>\n"
             (program-name))
    (exit 1))))

(apply main (command-line-arguments))