diff options
Diffstat (limited to 'bin/caservicecontainer/import.sh')
-rwxr-xr-x | bin/caservicecontainer/import.sh | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/bin/caservicecontainer/import.sh b/bin/caservicecontainer/import.sh index 0efff37..27d5059 100755 --- a/bin/caservicecontainer/import.sh +++ b/bin/caservicecontainer/import.sh @@ -10,11 +10,9 @@ set -e #Primary Key Password used by TPM Plugin to load keys -TPM_PRK_PASSWORD="$(cat ${SECRETS_FOLDER}/prk_passwd | base64 -d)" +export TPM_PRK_PASSWORD="$(cat ${SECRETS_FOLDER}/prk_passwd | base64 -d)" #Handle to the aforementioned Primary Key SRK_HANDLE="$(cat ${SECRETS_FOLDER}/srk_handle | base64 -d)" -#Placeholder of Input files to the Import tool which is the output of duplicate tool -sharedvolume="${DATA_FOLDER}" #key_id is the parameter expected by SoftHSM key_id="8738" #Key_label is the parameter expected by SoftHSM @@ -29,6 +27,8 @@ slot_no="0" token_no="Token1" #cert_id is the input for the application which is hexadecimal equivalent of key_id cert_id=$(printf '%x' ${key_id}) +#Set working dir +WORKDIR=$PWD # 1.Initialize the token/ softhsm2-util --init-token --slot ${slot_no} --label "${token_name}" \ @@ -38,10 +38,10 @@ cert_id=$(printf '%x' ${key_id}) echo "The slot ID used is ${SoftHSMv2SlotID}" # 2.Plugin directory for the SoftHSM to load plugin and for further operations -if [ -f ${sharedvolume}/out_parent_public ]; then +if [ -f ${DATA_FOLDER}/out_parent_public ]; then # 2.a Copy the required input files for the Import tool - cp ${sharedvolume}/dup* /tpm-util/bin/ + cp ${DATA_FOLDER}/dup* /tpm-util/bin/ # 2.b Run the Import Utility cd /tpm-util/bin @@ -49,7 +49,7 @@ if [ -f ${sharedvolume}/out_parent_public ]; then -dupSymSeed dupSymseed -dupEncKey dupEncKey -pub outPub -priv outPriv \ -password $TPM_PRK_PASSWORD - cd / + cd $WORKDIR chmod 755 softhsmconfig.sh ./softhsmconfig.sh $SRK_HANDLE $key_id $key_label $upin $sopin $SoftHSMv2SlotID else @@ -58,7 +58,7 @@ else echo "TPM hardware unavailable. Using SoftHSM implementation" - cd ${sharedvolume} + cd ${DATA_FOLDER} # 3.a Extract the Private key using passphrase passphrase="$(cat passphrase)" @@ -75,7 +75,7 @@ else fi # 3.a Application operation -cd ${sharedvolume} +cd ${DATA_FOLDER} # 3.b Convert the crt to der format openssl x509 -in ca.cert -outform der -out ca.der @@ -85,10 +85,10 @@ pkcs11-tool --module /usr/local/lib/softhsm/libsofthsm2.so -l --pin ${upin} \ --write-object ./ca.der --type cert --id ${cert_id} # 4. Calling the functionalities of the sample application -cd / +cd $WORKDIR chmod 755 application.sh ./application.sh $key_label $SoftHSMv2SlotID $upin $cert_id # 5. Cleanup -cd / +cd $WORKDIR rm -rf slotinfo.txt |