diff options
| author |   Kiran Kamineni <kiran.k.kamineni@intel.com> | 2018-09-26 12:48:34 -0700 |
|---|---|---|
| committer | Kiran Kamineni <kiran.k.kamineni@intel.com> | 2018-09-26 13:11:05 -0700 |
| commit | e19f78e89aaa94bbf3e0c612314d48c9672ad5c3 (patch) | |
| tree | b4f188e1f28a7afe8abdd0bf7842f55de70e5e16 | |
| parent | 67e6b6dd230ccb83204d2d103a033f735c83a14f (diff) | |
Update location of passphrase in distcenter
Location for passphrase needed to be updated in
scenarios where tpm is not available
P2: Add more changes to get the passphrase to be passed
correctly
Issue-ID: AAF-521
Change-Id: Ibf022e05489e77cdcec642a543abf5cec3c21e53
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
| -rwxr-xr-x | bin/caservicecontainer/application.sh | 2 | ||||
| -rwxr-xr-x | bin/caservicecontainer/import.sh | 4 | ||||
| -rwxr-xr-x | bin/distcenter/entrypoint.sh | 2 |
3 files changed, 3 insertions, 5 deletions
diff --git a/bin/caservicecontainer/application.sh b/bin/caservicecontainer/application.sh index a7c864d..da4d2d8 100755 --- a/bin/caservicecontainer/application.sh +++ b/bin/caservicecontainer/application.sh @@ -12,7 +12,7 @@ applicationlibrary="/usr/local/lib/softhsm/libsofthsm2.so" # Setting up the java application and running the application # 1. Create the configuration pkcs11.cfg for the application # Remove any existing cfg file first from the CWD -rm pkcs11.cfg +rm -f pkcs11.cfg touch pkcs11.cfg chmod 755 pkcs11.cfg echo "name = ${key_label}" >> pkcs11.cfg diff --git a/bin/caservicecontainer/import.sh b/bin/caservicecontainer/import.sh index 7fa8909..e8ead2e 100755 --- a/bin/caservicecontainer/import.sh +++ b/bin/caservicecontainer/import.sh @@ -60,9 +60,7 @@ else cd ${DATA_FOLDER} # 3.a Extract the Private key using passphrase - passphrase="$(cat passphrase)" - echo "${passphrase}" - echo "${passphrase}" | gpg --batch --yes --passphrase-fd 0 privkey.pem.gpg + cat passphrase | gpg --batch --yes --passphrase-fd 0 privkey.pem.gpg # 3.b Convert the Private key pem into der format openssl rsa -in ./privkey.pem -outform DER -out privatekey.der diff --git a/bin/distcenter/entrypoint.sh b/bin/distcenter/entrypoint.sh index 6aac3ca..92778f7 100755 --- a/bin/distcenter/entrypoint.sh +++ b/bin/distcenter/entrypoint.sh @@ -19,7 +19,7 @@ then done else cd /distcenter/ca - cat /distcenter/passphrase/passphrase | gpg --no-tty --symmetric -z 9 --require-secmem \ + cat /distcenter/data/passphrase | gpg --no-tty --symmetric -z 9 --require-secmem \ --cipher-algo AES256 --s2k-cipher-algo AES256 --s2k-digest-algo SHA512 \ --s2k-mode 3 --s2k-count 65000000 --compress-algo BZIP2 \ --passphrase-fd 0 privkey.pem |