author | Sahana Prasad <sahana@redhat.com> | 2019-12-10 22:29:50 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-12-20 14:36:57 +0100 |
commit | 317cf070e2e905a4fa6b597ddf3c6e11cc0c9dfc (patch) | |
tree | 4e4d9a5d5338e73a3478bffb6d12633fff014e58 | |
parent | 2a22211e7fb897999bb68155fefccaf66ad44d46 (diff) | |
tests/pkcs11: Adds a script to setup PKCS11 tokens using softhsm and p11tool.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rwxr-xr-x | tests/pkcs11/setup-softhsm-tokens.sh | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/tests/pkcs11/setup-softhsm-tokens.sh b/tests/pkcs11/setup-softhsm-tokens.sh
new file mode 100755
index 00000000..4aca191c
--- /dev/null
+++ b/tests/pkcs11/setup-softhsm-tokens.sh
@@ -0,0 +1,79 @@
+#!/bin/bash
+
+# The client keys are stored in a SoftHSM device.
+
+TESTDIR=$1
+PRIVKEY=$2
+OBJNAME=$3
+shift 3
+
+PUBKEY="$PRIVKEY.pub"
+
+echo "TESTDIR: $TESTDIR"
+echo "PRIVKEY: $PRIVKEY"
+echo "PUBKEY: $PUBKEY"
+echo "OBJNAME: $OBJNAME"
+
+# Create temporary directory for tokens
+install -d -m 0755 $TESTDIR/db
+
+# Create SoftHSM configuration file
+cat >$TESTDIR/softhsm.conf <<EOF
+directories.tokendir = $TESTDIR/db
+objectstore.backend = file
+log.level = DEBUG
+EOF
+
+export SOFTHSM2_CONF=$TESTDIR/softhsm.conf
+
+cat $TESTDIR/softhsm.conf
+
+#init
+cmd='softhsm2-util --init-token --label "$OBJNAME" --free --pin 1234 --so-pin 1234'
+eval echo "$cmd"
+out=$(eval $cmd)
+ret=$?
+if [ $ret -ne 0 ]; then
+ echo "Init token failed"
+ echo "$out"
+ exit 1
+fi
+
+#load private key
+cmd='p11tool --provider /usr/lib64/pkcs11/libsofthsm2.so --write --load-privkey "$PRIVKEY" --label "$OBJNAME" --login --set-pin=1234 "pkcs11:token="$OBJNAME""'
+eval echo "$cmd"
+out=$(eval $cmd)
+ret=$?
+if [ $ret -ne 0 ]; then
+ echo "Loading privkey failed"
+ echo "$out"
+ exit 1
+fi
+
+cat $PUBKEY
+
+ls -l $TESTDIR
+
+#load public key
+cmd='p11tool --provider /usr/lib64/pkcs11/libsofthsm2.so --write --load-pubkey "$PUBKEY" --label "$OBJNAME" --login --set-pin=1234 "pkcs11:token="$OBJNAME""'
+eval echo "$cmd"
+out=$(eval $cmd)
+ret=$?
+if [ $ret -ne 0 ]; then
+ echo "Loading pubkey failed"
+ echo "$out"
+ exit 1
+fi
+
+cmd='p11tool --list-all --login "pkcs11:token="$OBJNAME"" --set-pin=1234'
+eval echo "$cmd"
+out=$(eval $cmd)
+ret=$?
+if [ $ret -ne 0 ]; then
+ echo "Loging failed"
+ echo "$out"
+ exit 1
+fi
+echo "$out"
+
+exit 0 |
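Review bot: In the three p11tool commands the URI is written `"pkcs11:token="$OBJNAME""`, which closes the double quotes before `$OBJNAME`, so when `eval` re-parses the string the object name is expanded unquoted and is subject to word splitting and globbing; `"pkcs11:token=$OBJNAME"` keeps it a single argument. The `cmd='…'; out=$(eval $cmd)` pattern makes every argument go through a second shell parse only so the command can be echoed; invoking the tool directly, e.g. `out=$(softhsm2-util --init-token --label "$OBJNAME" --free --pin 1234 --so-pin 1234)`, and tracing with `set -x` would remove `eval` from a script that handles private key paths. `$TESTDIR` and `$PUBKEY` are also unquoted in the `install`, `cat` and `ls` calls, and nothing checks the argument count before `shift 3`, so an empty `$1` makes the script try to create `/db` and `/softhsm.conf`; a guard such as `[ $# -ge 3 ] || { echo "usage: $0 TESTDIR PRIVKEY OBJNAME" >&2; exit 2; }` at the top would stop that. The final `p11tool --list-all` call omits the `--provider` option the two write calls pass, so it presumably depends on the host's p11-kit configuration exposing SoftHSM — worth confirming or making consistent.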