From a0865eeaad17733a2d21cc141fba168663c9f539 Mon Sep 17 00:00:00 2001 From: Pramod Raghavendra Jayathirth Date: Mon, 27 Aug 2018 09:05:45 -0700 Subject: Script for SoftHSMv2 fallback mechanism This will facilitate the SoftHSMv2 implementation when TPM is unavailable Change-Id: Ic77627702db514213cece200a259f723e6d66d34 Issue-ID: AAF-414 Signed-off-by: Pramod Raghavendra Jayathirth --- bin/caservicecontainer/README | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) (limited to 'bin/caservicecontainer/README') diff --git a/bin/caservicecontainer/README b/bin/caservicecontainer/README index c4c73e8..930d510 100755 --- a/bin/caservicecontainer/README +++ b/bin/caservicecontainer/README @@ -1,9 +1,6 @@ -### Copy the ~/sshsm/test/integration/samplecaservicecontainer to /tmp/samplecaservicecontainer on host machine where the -### containers will be running -### "samplecaservicecontainer" directory is considered as the sample shared volume for now -### The files directory will be mounted on the container -### the bash script test.sh ~/sshsm/test/integration/samplecaservicecontainer/scripts has the steps which are executed by this container as per design. It can be run by the user with sudo rights +### Create a directory /tmp/volume (mkdir -p /tmp/volume) on host. +### This is used as shared volume and mounted inside container ### Build docker image with a base image 
@@ -11,10 +8,26 @@ $ docker build -t -f dockerfile . ```` -### Running the CA service container +### Running the CA service container - Below command will run and log you into the container ```` -$ docker run -d -v /tmp/run/dbus:/var/run/dbus:rw -v /tmp/samplecaservicecontainer:/tmp/files:rw --name CAServicecontainer +$ docker run -v /tmp/run/dbus:/var/run/dbus:rw -v /tmp/volume:/tmp/files:rw --name -i -t --entrypoint=/bin/bash ```` +### Running the Import utility +```` +$ import.sh +```` #### Make sure the TABRMD container is running on the same dbus mountpoint on the host as the CA service container + +### Expected Input files for SoftHSM operations +### 1. passphrase 2. privkey.pem.gpg 3. ca.cert +### Output - None + +### Expected Input files for TPM Hardware opeartion +### 1. ca.cert 2. duPEncKey 3. dupPriv 4. dupPub 5. dupSymseed 6. tpm_handle (srkhandle) +### Output - None + +### Expected Input for Application's operations +### 1. test.csr 2. CaSign.java(Application file) 3. ca.cert +### Output - test.cert (in /tmp Directory) -- cgit 1.2.3-korg
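Review bot: In the first hunk (`@@ -1,9 +1,6 @@`), the shared volume is created with a plain `mkdir -p /tmp/volume`, yet the second hunk lists `passphrase` and `privkey.pem.gpg` among the files expected in it, so key material and its passphrase end up in a directory under /tmp with default permissions. Suggest the README give an explicit mode, for example `mkdir -p -m 700 /tmp/volume`, or use a location outside /tmp. The removed lines were also the only place that said where the mounted files come from. The new text should say that the input files must be copied into /tmp/volume before the container is started.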
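Review bot: In the second hunk (`@@ -11,10 +8,26 @@`), the new "Expected Input files" sections list one file set for SoftHSM and another for TPM hardware, but nothing says how `import.sh` chooses between them. The unchanged line "Make sure the TABRMD container is running on the same dbus mountpoint" still reads as unconditional, although the commit message describes SoftHSMv2 as the path for when TPM is unavailable. Suggest one sentence stating what triggers the fallback and that the TABRMD requirement applies only to the TPM case. Since both import sections say "Output - None", a line on how to confirm the import succeeded would help, as would a note to remove `passphrase` from the shared volume afterwards. Smaller points: "opeartion" is a typo, and `duPEncKey` is capitalised differently from `dupPriv`, `dupPub` and `dupSymseed`, so confirm it matches the filename the script actually reads.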