diff options
Diffstat (limited to 'bin')
-rw-r--r-- | bin/distcenter/Dockerfile | 20 | ||||
-rw-r--r-- | bin/distcenter/README.md | 17 | ||||
-rwxr-xr-x | bin/distcenter/create_ca.sh | 8 | ||||
-rwxr-xr-x | bin/distcenter/entrypoint.sh | 12 |
4 files changed, 57 insertions, 0 deletions
diff --git a/bin/distcenter/Dockerfile b/bin/distcenter/Dockerfile new file mode 100644 index 0000000..f79c7ef --- /dev/null +++ b/bin/distcenter/Dockerfile @@ -0,0 +1,20 @@ +FROM rmannfv/aaf-base:openssl_1.1.0 + +RUN git clone https://gerrit.onap.org/r/aaf/sshsm +RUN cd sshsm && \ + cd tpm-util && \ + cd duplicate && \ + make -f sampleMakefile + +RUN mkdir /createca +COPY ./create_ca.sh /createca/ +RUN mkdir /dup +RUN mkdir /dup/database +RUN mkdir /dup/database/host_sample +RUN mkdir /dup/bin + +RUN cp sshsm/tpm-util/duplicate/ossl_tpm_duplicate /dup/bin +RUN cp sshsm/test/integration/samplecaservicecontainer/inittoolfiles/out_parent_public /dup/database/host_sample + +ADD entrypoint.sh /entrypoint.sh +ENTRYPOINT [ "/entrypoint.sh" ] diff --git a/bin/distcenter/README.md b/bin/distcenter/README.md new file mode 100644 index 0000000..973cbf9 --- /dev/null +++ b/bin/distcenter/README.md @@ -0,0 +1,17 @@ +Create folder under /tmp/volume/host_sample on host. This will be mounted into the container as shared volume for now. + +Build the container using + + docker build --no-cache -t dist-center . + +Run it mounting the volume + + docker run -v /tmp/volume:/volume dist-center + +This will output the following files in /tmp/volume/host_sample + + ca.cert + dupEncKey + dupPriv + dupPub + dupSymseed diff --git a/bin/distcenter/create_ca.sh b/bin/distcenter/create_ca.sh new file mode 100755 index 0000000..0296408 --- /dev/null +++ b/bin/distcenter/create_ca.sh @@ -0,0 +1,8 @@ +#!/bin/bash +CA_DIR=$PWD/ca +mkdir $CA_DIR +mkdir -p $PWD/certs +cd $CA_DIR +echo "000a" > serial +touch certindex +openssl req -x509 -newkey rsa:2048 -days 3650 -nodes -out ca.cert -subj '/C=US/ST=CA/L=local/O=onap/CN=test.onap.ca' diff --git a/bin/distcenter/entrypoint.sh b/bin/distcenter/entrypoint.sh new file mode 100755 index 0000000..85cdf52 --- /dev/null +++ b/bin/distcenter/entrypoint.sh @@ -0,0 +1,12 @@ +#!/bin/sh +set -e +cd /createca +/createca/create_ca.sh +cd /volume +DLIST=`ls -d host_*` +for DIR in $DLIST; do + echo $DIR + cp /createca/ca/ca.cert /volume/$DIR + cd /volume/$DIR + /dup/bin/ossl_tpm_duplicate -pemfile /createca/ca/privkey.pem -parentPub /dup/database/$DIR/out_parent_public -dupPub dupPub -dupPriv dupPriv -dupSymSeed dupSymseed -dupEncKey dupEncKey +done |