From 4a7366c4f161a98611a292394a9662a0c507f904 Mon Sep 17 00:00:00 2001 From: Anton Gerasimov Date: Fri, 8 Sep 2017 17:11:33 +0200 Subject: Add recipes to test pkcs11 functionality in Aktualizr --- .../softhsm-testtoken/files/createtoken.service | 12 ++++++++++ .../softhsm-testtoken/files/createtoken.sh | 21 +++++++++++++++++ .../softhsm-testtoken/softhsm-testtoken.bb | 27 ++++++++++++++++++++++ 3 files changed, 60 insertions(+) create mode 100644 recipes-support/softhsm-testtoken/files/createtoken.service create mode 100644 recipes-support/softhsm-testtoken/files/createtoken.sh create mode 100644 recipes-support/softhsm-testtoken/softhsm-testtoken.bb (limited to 'recipes-support/softhsm-testtoken') diff --git a/recipes-support/softhsm-testtoken/files/createtoken.service b/recipes-support/softhsm-testtoken/files/createtoken.service new file mode 100644 index 0000000..23317b9 --- /dev/null +++ b/recipes-support/softhsm-testtoken/files/createtoken.service @@ -0,0 +1,12 @@ +[Unit] +Description=Create a mock smartcard for testing +Before=aktualizr.service +RequiredBy=aktualizr.service + +[Service] +RestartSec=10 +Restart=on-failure +ExecStart=/usr/bin/createtoken.sh + +[Install] +WantedBy=aktualizr.service diff --git a/recipes-support/softhsm-testtoken/files/createtoken.sh b/recipes-support/softhsm-testtoken/files/createtoken.sh new file mode 100644 index 0000000..a72ec34 --- /dev/null +++ b/recipes-support/softhsm-testtoken/files/createtoken.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +if pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so -O; then + # The token has already been initialized, exit + exit 0 +fi + +if ! ls /var/sota/token/pkey.pem /var/sota/token/client.pem; then + # Key/certificate pair is not present, repeat + mkdir -p /var/sota/token + exit 1 +fi + +mkdir -p /var/lib/softhsm/tokens +softhsm2-util --init-token --slot 0 --label "Virtual token" --pin 1234 --so-pin 1234 + +pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --label 'Virtual token' --write-object /var/sota/token/pkey.pem --type privkey --login --pin 1234 +openssl x509 -outform der -in /var/sota/token/client.pem -out /var/sota/token/client.der +pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --label 'Virtual token' --write-object /var/sota/token/client.der --type cert --login --pin 1234 + +exit 0 diff --git a/recipes-support/softhsm-testtoken/softhsm-testtoken.bb b/recipes-support/softhsm-testtoken/softhsm-testtoken.bb new file mode 100644 index 0000000..c5691db --- /dev/null +++ b/recipes-support/softhsm-testtoken/softhsm-testtoken.bb @@ -0,0 +1,27 @@ +SUMMARY = "Mock smartcard for aktualizr" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ + file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + + +inherit systemd + +RDEPENDS_${PN} = "softhsm libp11" +DEPENDS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd', '', d)}" + + +SRC_URI = "file://createtoken.service \ + file://createtoken.sh" + +SYSTEMD_SERVICE_${PN} = "createtoken.service" + +do_install() { + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/createtoken.service ${D}${systemd_unitdir}/system/createtoken.service + install -d ${D}${bindir} + install -m 0744 ${WORKDIR}/createtoken.sh ${D}${bindir}/createtoken.sh +} + +FILES_${PN} = "${bindir}/createtoken.sh \ + ${systemd_unitdir}/system/createtoken.service" + -- cgit v1.2.3-54-g00ecf