blob: ec9d3104c4eea75562f5ed8ea85d492e4f5ac299 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
FROM ubuntu:xenial
RUN apt-get -y update && \
apt-get -y install \
autoconf \
autoconf-archive \
libglib2.0-dev \
libdbus-1-dev \
automake \
libtool \
autotools-dev \
libcppunit-dev \
p11-kit \
libcurl4-gnutls-dev \
libcmocka0 \
libcmocka-dev \
build-essential \
git \
pkg-config \
vim \
gcc \
g++ \
m4 \
curl \
wget \
liburiparser-dev \
pandoc \
opensc \
default-jdk
RUN wget https://www.openssl.org/source/openssl-1.1.0.tar.gz && \
gzip -d openssl-1.1.0.tar.gz && \
tar -xvf openssl-1.1.0.tar && \
cd openssl-1.1.0 && \
./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl && \
make && \
make install
RUN apt-get -y install libgcrypt20-dev
RUN apt-get -y install valgrind
RUN wget https://github.com/tpm2-software/tpm2-tss/releases/download/2.0.0/tpm2-tss-2.0.0.tar.gz
RUN tar -xvf tpm2-tss-2.0.0.tar.gz
RUN wget https://github.com/tpm2-software/tpm2-abrmd/releases/download/2.0.0/tpm2-abrmd-2.0.0.tar.gz
RUN tar -xvf tpm2-abrmd-2.0.0.tar.gz
RUN wget https://github.com/tpm2-software/tpm2-tools/releases/download/3.1.0/tpm2-tools-3.1.0.tar.gz
RUN tar -xvf tpm2-tools-3.1.0.tar.gz
RUN cd tpm2-tss-2.0.0 && \
./configure && \
make && \
make install
RUN cp /tpm2-tss-2.0.0/src/util/tpm2b.h /usr/local/include/tss2/
RUN cd tpm2-abrmd-2.0.0 && \
useradd --system --user-group tss && \
./configure --with-dbuspolicydir=/etc/dbus-1/system.d \
--with-udevrulesdir=/etc/udev/rules.d/ \
--with-systemdsystemunitdir=/lib/systemd/system && \
make && \
make install
RUN cd tpm2-tools-3.1.0 && \
export PKG_CONFIG_PATH=/usr/local/ssl/lib/pkgconfig && \
./configure --disable-hardening && \
make && \
make install
RUN echo "/usr/local/lib" > /etc/ld.so.conf.d/tpm2.conf && \
ldconfig
# Clone the sshsm repo
RUN git clone https://gerrit.onap.org/r/aaf/sshsm
# Build SoftHSMv2
RUN cd sshsm && \
cd SoftHSMv2 && \
export LD_LIBRARY_PATH=/usr/local/ssl/lib && \
sh autogen.sh && \
./configure --disable-gost --with-openssl=/usr/local/ssl && \
make && \
make install
# Build TPM-Plugin
RUN cd sshsm && \
chmod 755 TPM2-Plugin/ && \
cd TPM2-Plugin && \
chmod 755 bootstrap && \
sleep 2 && \
./bootstrap && \
./configure LDFLAGS="-L/usr/local/ssl/lib" && \
make && \
make install && \
ldconfig
RUN cd sshsm && \
cd tpm-util && \
cd import && \
make -f sampleMakefile
RUN mkdir tpm-util
RUN cd tpm-util && \
mkdir bin
RUN cp /sshsm/tpm-util/import/ossl_tpm_import /tpm-util/bin/
RUN rm -rf tpm2-tss-2.0.0
RUN rm -rf tpm2-tss-2.0.0.tar.gz
RUN rm -rf tpm2-abrmd-2.0.0
RUN rm -rf tpm2-abrmd-2.0.0.tar.gz
RUN rm -rf tpm2-tools-3.1.0
RUN rm -rf tpm2-tools-3.1.0.tar.gz
RUN rm -rf sshsm
RUN rm -rf openssl-1.1.0
RUN rm -rf openssl-1.1.0.tar
RUN rm -rf openssl-1.1.0.tar.gz
RUN mkdir -p /sshsm/bin
COPY ./import.sh /sshsm/bin
COPY ./softhsmconfig.sh /sshsm/bin
COPY ./application.sh /sshsm/bin
COPY ./abrmd_ready.sh /sshsm/bin
|
