Diffstat (limited to 'bin/caservicecontainer')
-rwxr-xr-xbin/caservicecontainer/import.sh20
-rwxr-xr-xbin/caservicecontainer/softhsmconfig.sh1
2 files changed, 13 insertions, 8 deletions
diff --git a/bin/caservicecontainer/import.sh b/bin/caservicecontainer/import.sh
index f7aaca8..0efff37 100755
--- a/bin/caservicecontainer/import.sh
+++ b/bin/caservicecontainer/import.sh
@@ -1,17 +1,22 @@
#!/bin/bash
# NOTE - This scripts expects the Init and the Duplicate tools to be already
-# run and the output files(listedb in README) to be present at the
+# run and the output files(listed in README) to be present at the
# shared volume (input for Import tool)
+# It also requires the following ENVIRONMENT variables to be set
+# SECRETS_FOLDER - containing the srk_handl and prk_passwd files in base64
+# DATA_FOLDER - containing the files that are produced from the distcenter
set -e
+#Primary Key Password used by TPM Plugin to load keys
+TPM_PRK_PASSWORD="$(cat ${SECRETS_FOLDER}/prk_passwd | base64 -d)"
+#Handle to the aforementioned Primary Key
+SRK_HANDLE="$(cat ${SECRETS_FOLDER}/srk_handle | base64 -d)"
#Placeholder of Input files to the Import tool which is the output of duplicate tool
-sharedvolume="/tmp/files"
+sharedvolume="${DATA_FOLDER}"
#key_id is the parameter expected by SoftHSM
key_id="8738"
-#TPM handle
-tpm_handle="0x81000011"
#Key_label is the parameter expected by SoftHSM
key_label="ABC"
#UserPin for the SoftHSM operations
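Review bot: The secret reads on the added `TPM_PRK_PASSWORD=` and `SRK_HANDLE=` lines do not fail closed: with `set -e` but no `pipefail`, a missing or unreadable file makes `cat` fail while the pipeline status is that of `base64 -d`, so the variable ends up empty and the script carries on. An unset `SECRETS_FOLDER` or `DATA_FOLDER` also expands to nothing, so the reads resolve to `/prk_passwd` and `sharedvolume` becomes empty. I would write `TPM_PRK_PASSWORD="$(base64 -d < "${SECRETS_FOLDER:?}/prk_passwd")"`, the same form for `srk_handle`, and `sharedvolume="${DATA_FOLDER:?}"`. The new header comment also names the file `srk_handl` while the code reads `srk_handle`, which will mislead whoever provisions the secrets folder.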
@@ -40,12 +45,13 @@ if [ -f ${sharedvolume}/out_parent_public ]; then
# 2.b Run the Import Utility
cd /tpm-util/bin
- ./ossl_tpm_import -H $tpm_handle -dupPub dupPub -dupPriv dupPriv \
--dupSymSeed dupSymseed -dupEncKey dupEncKey -pub outPub -priv outPriv
+ ./ossl_tpm_import -H $SRK_HANDLE -dupPub dupPub -dupPriv dupPriv \
+ -dupSymSeed dupSymseed -dupEncKey dupEncKey -pub outPub -priv outPriv \
+ -password $TPM_PRK_PASSWORD
cd /
chmod 755 softhsmconfig.sh
- ./softhsmconfig.sh $tpm_handle $key_id $key_label $upin $sopin $SoftHSMv2SlotID
+ ./softhsmconfig.sh $SRK_HANDLE $key_id $key_label $upin $sopin $SoftHSMv2SlotID
else
# 3 SoftHSM mode implementation
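Review bot: `-password $TPM_PRK_PASSWORD` on the added continuation line is unquoted, so a password containing whitespace or glob characters is split or expanded before `ossl_tpm_import` receives it; the same applies to `$SRK_HANDLE` here and in the `softhsmconfig.sh` call. Quote both, `-password "$TPM_PRK_PASSWORD"` and `-H "$SRK_HANDLE"`. Passing the primary key password as an argument also leaves it readable in the process list while the tool runs; if `ossl_tpm_import` can take it from a file or the environment (not visible from this hunk), that would be the safer channel. The enclosing `if` block starts before this hunk and continues past it.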
diff --git a/bin/caservicecontainer/softhsmconfig.sh b/bin/caservicecontainer/softhsmconfig.sh
index 5464263..316d507 100755
--- a/bin/caservicecontainer/softhsmconfig.sh
+++ b/bin/caservicecontainer/softhsmconfig.sh
@@ -17,7 +17,6 @@ echo "The newly assigned plugin directory is ${SSHSM_HW_PLUGINS_PARENT_DIR}"
# Configuration generation for SoftHSM
# 1.a Create the directory as expected by the SoftHSM to read the files
-mkdir -p ${SSHSM_HW_PLUGINS_PARENT_DIR}/S01tpm
mkdir -p ${SSHSM_HW_PLUGINS_PARENT_DIR}/S01tpm/activate
mkdir -p ${SSHSM_HW_PLUGINS_PARENT_DIR}/S01tpm/key01