Support pkcs#11 in aktualizr and add softhsm token for testing

1 files changed, 9 insertions, 4 deletions

diff --git a/recipes-support/softhsm-testtoken/files/createtoken.sh b/recipes-support/softhsm-testtoken/files/createtoken.sh
index a72ec34..b01db47 100644
--- a/recipes-support/softhsm-testtoken/files/createtoken.sh
+++ b/recipes-support/softhsm-testtoken/files/createtoken.sh
@@ -5,17 +5,22 @@ if pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so -O; then
         exit 0
 fi
 
-if ! ls /var/sota/token/pkey.pem /var/sota/token/client.pem; then
+if ! ls /var/sota/token/pkey.pem /var/sota/token/client.pem /var/sota/token/pkey.pem; then
         # Key/certificate pair is not present, repeat
-        mkdir -p /var/sota/token
         exit 1
 fi
 
 mkdir -p /var/lib/softhsm/tokens
 softhsm2-util --init-token --slot 0 --label "Virtual token" --pin 1234 --so-pin 1234
 
-pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --label 'Virtual token' --write-object /var/sota/token/pkey.pem --type privkey --login --pin 1234
+softhsm2-util --import /var/sota/token/pkey.pem --label "pkey" --id 02 --token 'Virtual token' --pin 1234
 openssl x509 -outform der -in /var/sota/token/client.pem -out /var/sota/token/client.der
-pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --label 'Virtual token' --write-object /var/sota/token/client.der --type cert --login --pin 1234
+pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --id 1 --write-object /var/sota/token/client.der --type cert --login --pin 1234
+
+# Import UPTANE keypair if it exists
+if [ -f /var/sota/token/ecukey.pem ]; then
+        openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /var/sota/token/ecukey.pem -out /var/sota/token/ecukey.p8
+        softhsm2-util --import /var/sota/token/ecukey.p8 --label "uptanekey" --id 03 --token 'Virtual token' --pin 1234
+fi
 
 exit 0