diff options
Diffstat (limited to 'bin/caservicecontainer')
-rwxr-xr-x | bin/caservicecontainer/import.sh | 20 | ||||
-rwxr-xr-x | bin/caservicecontainer/softhsmconfig.sh | 1 |
2 files changed, 13 insertions, 8 deletions
diff --git a/bin/caservicecontainer/import.sh b/bin/caservicecontainer/import.sh index f7aaca8..0efff37 100755 --- a/bin/caservicecontainer/import.sh +++ b/bin/caservicecontainer/import.sh @@ -1,17 +1,22 @@ #!/bin/bash # NOTE - This scripts expects the Init and the Duplicate tools to be already -# run and the output files(listedb in README) to be present at the +# run and the output files(listed in README) to be present at the # shared volume (input for Import tool) +# It also requires the following ENVIRONMENT variables to be set +# SECRETS_FOLDER - containing the srk_handl and prk_passwd files in base64 +# DATA_FOLDER - containing the files that are produced from the distcenter set -e +#Primary Key Password used by TPM Plugin to load keys +TPM_PRK_PASSWORD="$(cat ${SECRETS_FOLDER}/prk_passwd | base64 -d)" +#Handle to the aforementioned Primary Key +SRK_HANDLE="$(cat ${SECRETS_FOLDER}/srk_handle | base64 -d)" #Placeholder of Input files to the Import tool which is the output of duplicate tool -sharedvolume="/tmp/files" +sharedvolume="${DATA_FOLDER}" #key_id is the parameter expected by SoftHSM key_id="8738" -#TPM handle -tpm_handle="0x81000011" #Key_label is the parameter expected by SoftHSM key_label="ABC" #UserPin for the SoftHSM operations @@ -40,12 +45,13 @@ if [ -f ${sharedvolume}/out_parent_public ]; then # 2.b Run the Import Utility cd /tpm-util/bin - ./ossl_tpm_import -H $tpm_handle -dupPub dupPub -dupPriv dupPriv \ --dupSymSeed dupSymseed -dupEncKey dupEncKey -pub outPub -priv outPriv + ./ossl_tpm_import -H $SRK_HANDLE -dupPub dupPub -dupPriv dupPriv \ + -dupSymSeed dupSymseed -dupEncKey dupEncKey -pub outPub -priv outPriv \ + -password $TPM_PRK_PASSWORD cd / chmod 755 softhsmconfig.sh - ./softhsmconfig.sh $tpm_handle $key_id $key_label $upin $sopin $SoftHSMv2SlotID + ./softhsmconfig.sh $SRK_HANDLE $key_id $key_label $upin $sopin $SoftHSMv2SlotID else # 3 SoftHSM mode implementation diff --git a/bin/caservicecontainer/softhsmconfig.sh b/bin/caservicecontainer/softhsmconfig.sh index 5464263..316d507 100755 --- a/bin/caservicecontainer/softhsmconfig.sh +++ b/bin/caservicecontainer/softhsmconfig.sh @@ -17,7 +17,6 @@ echo "The newly assigned plugin directory is ${SSHSM_HW_PLUGINS_PARENT_DIR}" # Configuration generation for SoftHSM # 1.a Create the directory as expected by the SoftHSM to read the files -mkdir -p ${SSHSM_HW_PLUGINS_PARENT_DIR}/S01tpm mkdir -p ${SSHSM_HW_PLUGINS_PARENT_DIR}/S01tpm/activate mkdir -p ${SSHSM_HW_PLUGINS_PARENT_DIR}/S01tpm/key01 |