#!/bin/bash

BASENAME=$(basename $0)

if [ "$1" = "" ]; then
	echo "Usage: $BASENAME CERT KEY (optional: CSR)"
	exit 0
elif [ "$2" = "" ]; then
	echo "Not enough arguments"
	exit 0
fi

CERTFILE=$1
KEYFILE=$2

CERTHASH=$(openssl x509 -noout -modulus -in $CERTFILE | openssl md5)
KEYHASH=$(openssl rsa -noout -modulus -in $KEYFILE | openssl md5)

if [ "$CERTHASH" == "$KEYHASH" ]; then
	echo "OK! The certificate $CERTFILE matches the key $KEYFILE."
else
	echo "FAILURE! The certificate $CERTFILE doesn't match the key $KEYFILE."
fi

if [ "$3" != "" ]; then
	CSRFILE=$3
	CSRHASH=$(openssl req -noout -modulus -in $CSRFILE | openssl md5)
	if [ "$CSRHASH" == "$KEYHASH" ]; then
		echo "OK! The request-file $CSRFILE matches the key $KEYFILE."
	else
		echo "FAILURE! The request-file $CSRFILE doesn't match the key $KEYFILE."
	fi
fi