authorManjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>2018-08-17 16:19:18 -0700
committerManjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>2018-08-17 16:29:05 -0700
commit572150672972e58d3e2b2f21e5dfd3004bce6b68 (patch)
treec16bca53ef9542cc043bb0fcaee326b6b4481c0d /bin/distcenter/entrypoint.sh
parent4455ce1788d419483b6561de5c83508b146aaa51 (diff)
Copy out encrypted private key selectively
Encrypt and copy out the private key only when no TPM hosts are present. Change-Id: I34fbcf65e61c4e6803f594ffe1c527c9afd8f184 Issue-ID: AAF-376 Signed-off-by: Manjunath Ranganathaiah <manjunath.ranganathaiah@intel.com>
Diffstat (limited to 'bin/distcenter/entrypoint.sh')
-rwxr-xr-xbin/distcenter/entrypoint.sh39
1 files changed, 22 insertions, 17 deletions
diff --git a/bin/distcenter/entrypoint.sh b/bin/distcenter/entrypoint.sh
index 25cefd6..6aac3ca 100755
--- a/bin/distcenter/entrypoint.sh
+++ b/bin/distcenter/entrypoint.sh
@@ -2,22 +2,27 @@
set -e
cd /distcenter
/distcenter/bin/create_ca.sh
-cd /distcenter/ca
-cat /distcenter/passphrase/passphrase | gpg --no-tty --symmetric -z 9 --require-secmem \
- --cipher-algo AES256 --s2k-cipher-algo AES256 --s2k-digest-algo SHA512 \
- --s2k-mode 3 --s2k-count 65000000 --compress-algo BZIP2 \
- --passphrase-fd 0 privkey.pem
-cp /distcenter/ca/privkey.pem.gpg /distcenter/data
-cp /distcenter/ca/ca.cert /distcenter/data
cd /distcenter/data
-DLIST=`ls -d host_*`
-#Iterate over all hosts (host in k8s corresponds node)
-for DIR in $DLIST; do
- echo $DIR
- cp /distcenter/ca/ca.cert /distcenter/data/$DIR
- cd /distcenter/data/$DIR
- /dup/bin/ossl_tpm_duplicate -pemfile /distcenter/ca/privkey.pem -parentPub \
- /distcenter/data/$DIR/out_parent_public -dupPub dupPub -dupPriv dupPriv -dupSymSeed \
- dupSymseed -dupEncKey dupEncKey
-done
+DCOUNT=$(ls -d host_* 2> /dev/null | wc -l)
+if [ "$DCOUNT" != "0" ]
+then
+ DLIST=`ls -d host_*`
+ #Iterate over all hosts (host in k8s corresponds node)
+ for DIR in $DLIST; do
+ echo $DIR
+ cp /distcenter/ca/ca.cert /distcenter/data/$DIR
+ cd /distcenter/data/$DIR
+ /dup/bin/ossl_tpm_duplicate -pemfile /distcenter/ca/privkey.pem -parentPub \
+ /distcenter/data/$DIR/out_parent_public -dupPub dupPub -dupPriv dupPriv -dupSymSeed \
+ dupSymseed -dupEncKey dupEncKey
+ done
+else
+ cd /distcenter/ca
+ cat /distcenter/passphrase/passphrase | gpg --no-tty --symmetric -z 9 --require-secmem \
+ --cipher-algo AES256 --s2k-cipher-algo AES256 --s2k-digest-algo SHA512 \
+ --s2k-mode 3 --s2k-count 65000000 --compress-algo BZIP2 \
+ --passphrase-fd 0 privkey.pem
+ cp /distcenter/ca/privkey.pem.gpg /distcenter/data
+ cp /distcenter/ca/ca.cert /distcenter/data
+fi
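Review bot: The check `DCOUNT=$(ls -d host_* 2> /dev/null | wc -l)` counts every entry in /distcenter/data whose name starts with `host_`, not only directories, and the loop then word-splits the `ls` output and uses `$DIR` unquoted in `cp`, `cd` and the `-parentPub` path. This test now decides whether the CA private key is duplicated to TPMs or exported as a passphrase-encrypted file, so a stray file or a name containing whitespace either aborts the script under `set -e` or skips the export path. Iterating the glob directly with a directory test and a found-flag removes the `ls` parsing and makes the decision exact. The interpreter line is outside the hunk, so the sketch below sticks to POSIX sh. Separately, the TPM branch appears to leave the plaintext `/distcenter/ca/privkey.pem` in place after duplication; it is worth confirming that this is intended.

```shell
HOSTS_FOUND=0
for DIR in host_*; do
  # Skips the unexpanded pattern and any non-directory entry named host_*
  [ -d "/distcenter/data/$DIR" ] || continue
  HOSTS_FOUND=1
  echo "$DIR"
  cp /distcenter/ca/ca.cert "/distcenter/data/$DIR"
  cd "/distcenter/data/$DIR"
  # … unchanged: ossl_tpm_duplicate call, with "/distcenter/data/$DIR/out_parent_public" quoted …
done
if [ "$HOSTS_FOUND" = "0" ]; then
  # … unchanged: gpg symmetric encryption, copy of privkey.pem.gpg and ca.cert …
fi
```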