authorEndi S. Dewata <edewata@redhat.com>2017-07-20 07:33:24 +0200
committerEndi S. Dewata <edewata@redhat.com>2017-07-20 07:33:24 +0200
commit226d757ee6e52c6775c48e498fd2d7d1fab9a369 (patch)
treed56a149e15a6a9541264155041d64197e9204a67
parent4ef1422a303c035735afd84d98ee7baba325c2fa (diff)
Updated TKS scripts.
-rwxr-xr-xscripts/tks-create.sh2
-rwxr-xr-xscripts/tks-merged-create.sh2
-rwxr-xr-xscripts/tks-remote-create.sh3
-rwxr-xr-xscripts/tks-secret-create.sh12
-rwxr-xr-xscripts/tks-secret-list.sh11
-rwxr-xr-xscripts/tks-secret-remove.sh5
-rwxr-xr-xscripts/tks-tps-remove.sh13
7 files changed, 46 insertions, 2 deletions
diff --git a/scripts/tks-create.sh b/scripts/tks-create.sh
index 4a6fabe..7cdef34 100755
--- a/scripts/tks-create.sh
+++ b/scripts/tks-create.sh
@@ -1,3 +1,3 @@
#!/bin/sh -x
-pkispawn -v -f tks.cfg -s TKS -v 2>&1 | tee build/tks-create.log
+pkispawn -v -f tks.cfg -s TKS -v
diff --git a/scripts/tks-merged-create.sh b/scripts/tks-merged-create.sh
index 14d29cf..d423681 100755
--- a/scripts/tks-merged-create.sh
+++ b/scripts/tks-merged-create.sh
@@ -1,3 +1,3 @@
#!/bin/sh -x
-pkispawn -f merged.cfg -s TKS -v 2>&1 | tee build/tks-merged-create.log
+pkispawn -f merged.cfg -s TKS -v
diff --git a/scripts/tks-remote-create.sh b/scripts/tks-remote-create.sh
new file mode 100755
index 0000000..c3c9f40
--- /dev/null
+++ b/scripts/tks-remote-create.sh
@@ -0,0 +1,3 @@
+#!/bin/sh -x
+
+pkispawn -v -f tks-remote.cfg -s TKS -v
diff --git a/scripts/tks-secret-create.sh b/scripts/tks-secret-create.sh
new file mode 100755
index 0000000..201f8bd
--- /dev/null
+++ b/scripts/tks-secret-create.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+dd if=/dev/urandom of=tks-secret-random.bin bs=1024 count=2
+
+INSTANCE_DIR=/var/lib/pki/pki-tomcat
+#INSTANCE_DIR=/var/lib/pki/tks-master
+grep "internal=" $INSTANCE_DIR/conf/password.conf | sed "s/internal=//" > $INSTANCE_DIR/conf/internal.txt
+
+#tkstool -T -d $INSTANCE_DIR/alias -n sharedSecret -f $INSTANCE_DIR/conf/internal.txt -z tks-secret-random.bin -o tks-secret.txt
+tkstool -T -d $INSTANCE_DIR/alias -n sharedSecret -f $INSTANCE_DIR/conf/internal.txt -z tks-secret-random.bin
+
+#tkstool -T -d /var/lib/pki/pki-tomcat/alias/ -n sharedSecret
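Review bot: The NSS internal token password is copied from password.conf into `$INSTANCE_DIR/conf/internal.txt` under whatever umask the caller has and is never removed, and the noise file `tks-secret-random.bin` (which appears to seed the shared-secret generation) is likewise left in the working directory. Both files should be created under `umask 077` in a `mktemp -d` directory that a `trap` removes on exit. The `$INSTANCE_DIR` expansions are unquoted, and if the grep matches nothing tkstool still runs against an empty password file; an anchored `sed -n 's/^internal=//p'` followed by a `[ -s … ]` check covers that. tks-secret-list.sh and tks-secret-remove.sh repeat the same password-extraction line and need the same treatment.

```shell
#!/bin/sh
set -eu
umask 077

INSTANCE_DIR=/var/lib/pki/pki-tomcat
# … unchanged: commented-out alternative INSTANCE_DIR …

# Private scratch directory; removed on any exit path.
workdir=$(mktemp -d)
trap 'rm -rf -- "$workdir"' EXIT

dd if=/dev/urandom of="$workdir/noise.bin" bs=1024 count=2

# Anchored match, and refuse to continue with an empty password file.
sed -n 's/^internal=//p' "$INSTANCE_DIR/conf/password.conf" > "$workdir/internal.txt"
[ -s "$workdir/internal.txt" ] || { echo "internal password not found" >&2; exit 1; }

tkstool -T -d "$INSTANCE_DIR/alias" -n sharedSecret -f "$workdir/internal.txt" -z "$workdir/noise.bin"
# … unchanged: commented-out tkstool variants …
```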
diff --git a/scripts/tks-secret-list.sh b/scripts/tks-secret-list.sh
new file mode 100755
index 0000000..688eeb3
--- /dev/null
+++ b/scripts/tks-secret-list.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+INSTANCE_DIR=/var/lib/pki/tks-master
+grep "internal=" $INSTANCE_DIR/conf/password.conf | sed "s/internal=//" > $INSTANCE_DIR/conf/internal.txt
+
+echo certutil -K -d $INSTANCE_DIR/alias -f $INSTANCE_DIR/conf/internal.txt
+certutil -K -d $INSTANCE_DIR/alias -f $INSTANCE_DIR/conf/internal.txt
+
+echo tkstool -L -d $INSTANCE_DIR/alias -n sharedSecret -f $INSTANCE_DIR/conf/internal.txt -h all
+tkstool -L -d $INSTANCE_DIR/alias -n sharedSecret -f $INSTANCE_DIR/conf/internal.txt -h all
+
diff --git a/scripts/tks-secret-remove.sh b/scripts/tks-secret-remove.sh
new file mode 100755
index 0000000..84d3a08
--- /dev/null
+++ b/scripts/tks-secret-remove.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+INSTANCE_DIR=/var/lib/pki/tks-master
+grep "internal=" $INSTANCE_DIR/conf/password.conf | sed "s/internal=//" > $INSTANCE_DIR/conf/internal.txt
+tkstool -D -d $INSTANCE_DIR/alias -n sharedSecret -f $INSTANCE_DIR/conf/internal.txt
diff --git a/scripts/tks-tps-remove.sh b/scripts/tks-tps-remove.sh
new file mode 100755
index 0000000..7f0d271
--- /dev/null
+++ b/scripts/tks-tps-remove.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+TPSHOST=`cat tps.host`
+
+ldapmodify -x -D "cn=Directory Manager" -w Secret123 -c << EOF
+dn: cn=Token Key Service Manager Agents,ou=groups,dc=tks,dc=pki,dc=example,dc=com
+changetype: modify
+delete: uniqueMember
+uniqueMember: uid=TPS-$TPSHOST-8443,ou=people,dc=tks,dc=pki,dc=example,dc=com
+
+dn: uid=TPS-$TPSHOST-8443,ou=people,dc=tks,dc=pki,dc=example,dc=com
+changetype: delete
+EOF
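Review bot: The Directory Manager password is hard-coded as `-w Secret123`, which puts it in the repository and in the process list while ldapmodify runs; prefer `-W` to prompt, or `-y "$PASSWORD_FILE"` (placeholder name) pointing at a file with mode 0600. `-x` performs a simple bind and neither `-H` nor `-ZZ` is given, so unless the client's default URI is ldaps or ldapi the bind is sent unencrypted, which is worth confirming. `$TPSHOST` is interpolated into the LDIF unchecked, so an empty or multi-line tps.host produces a wrong DN or extra LDIF lines, and `-c` continues past errors. Guard it with `TPSHOST=$(cat tps.host)` followed by `[ -n "$TPSHOST" ] || exit 1`, and consider rejecting values containing anything other than hostname characters.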