summaryrefslogtreecommitdiffstats
path: root/recipes-support/softhsm-testtoken/files/createtoken.sh
blob: fa4569d901b16811f240f7cbe4a634729872f206 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#!/bin/sh

if pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so -O; then
	# The token has already been initialized, exit
	exit 0
fi

if ! ls /var/sota/import/pkey.pem /var/sota/import/client.pem; then
	# Key/certificate pair is not present, repeat
	exit 1
fi

mkdir -p /var/lib/softhsm/tokens
softhsm2-util --init-token --slot 0 --label "Virtual token" --pin 1234 --so-pin 1234

openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /var/sota/import/pkey.pem -out /var/sota/import/pkey.p8
softhsm2-util --import /var/sota/import/pkey.p8 --label "pkey" --id 02 --token 'Virtual token' --pin 1234
openssl x509 -outform der -in /var/sota/import/client.pem -out /var/sota/import/client.der
pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --id 1 --write-object /var/sota/import/client.der --type cert --login --pin 1234

# Import UPTANE keypair if it exists
if [ -f /var/sota/import/ecukey.pem ]; then
	openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /var/sota/import/ecukey.pem -out /var/sota/import/ecukey.p8
	softhsm2-util --import /var/sota/import/ecukey.p8 --label "uptanekey" --id 03 --token 'Virtual token' --pin 1234
fi

exit 0