authorKiran Kamineni <kiran.k.kamineni@intel.com>2018-07-17 03:28:32 +0000
committerGerrit Code Review <gerrit@onap.org>2018-07-17 03:28:32 +0000
commit37ae03d707d87c00f49feaface32c38286013029 (patch)
tree0c3806597a35817a01a678edeb9f6d1df8a92401
parent340f71a18cfcb41444f370a295545847db9ac912 (diff)
parentfd2e9971b51bee7a2f7d1c5890dfd147da02d7f4 (diff)
Merge "Key distribution center container"
-rw-r--r--bin/distcenter/Dockerfile20
-rw-r--r--bin/distcenter/README.md17
-rwxr-xr-xbin/distcenter/create_ca.sh8
-rwxr-xr-xbin/distcenter/entrypoint.sh12
4 files changed, 57 insertions, 0 deletions
diff --git a/bin/distcenter/Dockerfile b/bin/distcenter/Dockerfile
new file mode 100644
index 0000000..f79c7ef
--- /dev/null
+++ b/bin/distcenter/Dockerfile
@@ -0,0 +1,20 @@
+FROM rmannfv/aaf-base:openssl_1.1.0
+
+RUN git clone https://gerrit.onap.org/r/aaf/sshsm
+RUN cd sshsm && \
+ cd tpm-util && \
+ cd duplicate && \
+ make -f sampleMakefile
+
+RUN mkdir /createca
+COPY ./create_ca.sh /createca/
+RUN mkdir /dup
+RUN mkdir /dup/database
+RUN mkdir /dup/database/host_sample
+RUN mkdir /dup/bin
+
+RUN cp sshsm/tpm-util/duplicate/ossl_tpm_duplicate /dup/bin
+RUN cp sshsm/test/integration/samplecaservicecontainer/inittoolfiles/out_parent_public /dup/database/host_sample
+
+ADD entrypoint.sh /entrypoint.sh
+ENTRYPOINT [ "/entrypoint.sh" ]
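Review bot: The `git clone https://gerrit.onap.org/r/aaf/sshsm` step builds whatever the branch head is at build time, and the base `rmannfv/aaf-base:openssl_1.1.0` is a mutable tag in a personal namespace, so the `ossl_tpm_duplicate` binary that later handles the CA private key cannot be traced to a reviewed revision. Pin both, e.g. `RUN git clone https://gerrit.onap.org/r/aaf/sshsm && git -C sshsm checkout <REVIEWED_COMMIT_SHA>` and a `@sha256:<BASE_IMAGE_DIGEST>` suffix on the `FROM` line (both values are placeholders). `ADD entrypoint.sh /entrypoint.sh` should be `COPY entrypoint.sh /entrypoint.sh`, matching the `COPY` already used for create_ca.sh. There is also no `USER` line, so the entrypoint runs as root unless the base image sets a user; if root is needed to write the mounted volume, say so in a comment.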
diff --git a/bin/distcenter/README.md b/bin/distcenter/README.md
new file mode 100644
index 0000000..973cbf9
--- /dev/null
+++ b/bin/distcenter/README.md
@@ -0,0 +1,17 @@
+Create folder under /tmp/volume/host_sample on host. This will be mounted into the container as shared volume for now.
+
+Build the container using
+
+ docker build --no-cache -t dist-center .
+
+Run it mounting the volume
+
+ docker run -v /tmp/volume:/volume dist-center
+
+This will output the following files in /tmp/volume/host_sample
+
+ ca.cert
+ dupEncKey
+ dupPriv
+ dupPub
+ dupSymseed
diff --git a/bin/distcenter/create_ca.sh b/bin/distcenter/create_ca.sh
new file mode 100755
index 0000000..0296408
--- /dev/null
+++ b/bin/distcenter/create_ca.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+CA_DIR=$PWD/ca
+mkdir $CA_DIR
+mkdir -p $PWD/certs
+cd $CA_DIR
+echo "000a" > serial
+touch certindex
+openssl req -x509 -newkey rsa:2048 -days 3650 -nodes -out ca.cert -subj '/C=US/ST=CA/L=local/O=onap/CN=test.onap.ca'
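Review bot: The `openssl req ... -nodes` line writes the CA private key unencrypted and with whatever file mode the default umask gives, and there is no `-keyout`, so the key's file name comes from the OpenSSL configuration default while entrypoint.sh hard-codes `/createca/ca/privkey.pem`. Add `umask 077` before the `mkdir` calls and name the key explicitly with `-keyout privkey.pem`, so the two scripts cannot drift apart. The subject `CN=test.onap.ca` suggests this is a test CA; a header comment such as `# Generates a throwaway test CA; the key is unencrypted and must not be used outside test deployments` would make that explicit. The script would also benefit from `set -e` and quoting of `"$CA_DIR"`, since a failed `mkdir` or `cd` currently lets `openssl` run in the wrong directory.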
diff --git a/bin/distcenter/entrypoint.sh b/bin/distcenter/entrypoint.sh
new file mode 100755
index 0000000..85cdf52
--- /dev/null
+++ b/bin/distcenter/entrypoint.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+cd /createca
+/createca/create_ca.sh
+cd /volume
+DLIST=`ls -d host_*`
+for DIR in $DLIST; do
+ echo $DIR
+ cp /createca/ca/ca.cert /volume/$DIR
+ cd /volume/$DIR
+ /dup/bin/ossl_tpm_duplicate -pemfile /createca/ca/privkey.pem -parentPub /dup/database/$DIR/out_parent_public -dupPub dupPub -dupPriv dupPriv -dupSymSeed dupSymseed -dupEncKey dupEncKey
+done
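Review bot: The loop takes directory names from the bind-mounted `/volume` via `ls -d host_*` and uses `$DIR` unquoted in `cp`, `cd` and the `-parentPub` path, so a name containing whitespace or glob characters is split or expanded before it reaches those commands. Iterate over the glob directly and quote every use, e.g. `for DIR in host_*; do [ -d "$DIR" ] || continue`, then `cp /createca/ca/ca.cert "/volume/$DIR"` and `-parentPub "/dup/database/$DIR/out_parent_public"`. The outputs `dupPriv`, `dupSymseed` and `dupEncKey` are written to the shared volume with default permissions, and the README places that volume under `/tmp/volume` on the host; a `umask 077` after `set -e` would keep them from being readable by other local users. Only `/dup/database/host_sample` is created in the Dockerfile, so any other `host_*` directory will presumably fail at `-parentPub`, and a comment should state that expectation.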