#!/bin/bash
#
# This script generates a DKIM signing key pair (private and public) and
# prints a TXT record suitable for inclusion in a zone file.
#
# Copyright, 2007 state of mind, Patrick Koetter
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

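# Usage: <script> selector [bits]
#   selector  DKIM selector. It is also the base name of the key files written
#             to the current directory (<selector>.key and <selector>.pub);
#             existing files with those names are overwritten by openssl.
#   bits      RSA modulus size in bits (optional, default 2048).
#
# Run this in a directory that only the mail administrator can write to: the
# private key is created there with mode 0600 (umask 0177).
set -u

# Keep the character ranges in the allow-list patterns below byte-wise,
# independent of the caller's locale.
LC_ALL=C

SELECTOR=${1:-}
KEY_BITS=${2:-2048}

# Print a message to stderr and abort.
die() {
    printf '%s\n' "$*" >&2
    exit 1
}

# Check for selector input
if [[ -z "${SELECTOR}" ]]; then
    echo "Usage: ${0} selector [bits]" >&2
    exit 1
fi

# The selector ends up in file names and in the DNS owner name, so restrict it
# to an allow-list. This rejects path separators (writing outside the current
# directory) and a leading '-' (which openssl would parse as an option).
selector_re='^[A-Za-z0-9][A-Za-z0-9._-]*$'
if [[ ! "${SELECTOR}" =~ ${selector_re} ]]; then
    die "Invalid selector '${SELECTOR}': use letters, digits, '.', '_' and '-' only, starting with a letter or digit"
fi

# Four or five digits without a leading zero, so the arithmetic comparison
# below can neither overflow nor be read as octal.
bits_re='^[1-9][0-9]{3,4}$'
if [[ ! "${KEY_BITS}" =~ ${bits_re} ]] || (( KEY_BITS < 1024 )); then
    die "Invalid key size '${KEY_BITS}': must be a number of bits, at least 1024"
fi
if (( KEY_BITS < 2048 )); then
    # RFC 8301: signers SHOULD use RSA keys of at least 2048 bits.
    echo "Warning: ${KEY_BITS}-bit RSA keys are weak for DKIM; use 2048 or more" >&2
fi

command -v openssl >/dev/null 2>&1 || die "openssl not found in PATH"

# Create private key (umask 0177 -> file mode 0600, owner read/write only)
umask 0177
if ! openssl_out=$(openssl genrsa -out "${SELECTOR}.key" "${KEY_BITS}" 2>&1); then
    die "openssl genrsa failed: ${openssl_out}"
fi

# Extract public key (umask 0133 -> file mode 0644)
umask 0133
if ! openssl_out=$(openssl rsa -in "${SELECTOR}.key" -out "${SELECTOR}.pub" \
        -pubout -outform PEM 2>&1); then
    die "openssl rsa failed: ${openssl_out}"
fi

# Format public key string: drop the PEM armour lines and join the base64 body
PUBKEY=$(grep -v -e '^-' -- "${SELECTOR}.pub" | tr -d '\n')
[[ -n "${PUBKEY}" ]] || die "Could not read public key from '${SELECTOR}.pub'"

# A single TXT character-string holds at most 255 bytes, and the base64 of a
# 2048-bit key is longer than that. Emit the record data as consecutive quoted
# strings; DKIM verifiers concatenate them without intervening whitespace.
# 235 leaves room for the "v=DKIM1; k=rsa; p=" prefix in the first string, and
# a 1024-bit key still fits in one string, exactly as before.
CHUNK=235
TXT_DATA="\"v=DKIM1\\; k=rsa\\; p=${PUBKEY:0:CHUNK}\""
offset=${CHUNK}
while (( offset < ${#PUBKEY} )); do
    TXT_DATA+=" \"${PUBKEY:offset:CHUNK}\""
    offset=$(( offset + CHUNK ))
done

# Print DNS entry
echo "# TXT-Record"
printf '%s._domainkey       IN       TXT       %s\n' "${SELECTOR}" "${TXT_DATA}"
echo
echo "# RSA-Keys"
echo "Private key stored in file '${SELECTOR}.key'"
echo "Public key stored in file '${SELECTOR}.pub'"
exit 0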

# EOF
