author | Endi S. Dewata <edewata@redhat.com> | 2017-07-20 08:16:14 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-07-20 08:16:14 +0200 |
commit | 43f17ccffb5cec8c7b4faa6f441090db96b6eacb (patch) | |
tree | 6afa03fae3c0ace1944be9087f92c12b1f0c1fc7 /scripts | |
parent | fd5fe75b88810c3b42ae8c1daaefb821a33e6b94 (diff) | |
Added Luna SA scripts.
Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/lunasa-check.sh | 3 | ||||
-rw-r--r-- | scripts/lunasa-del.sh | 123 | ||||
-rwxr-xr-x | scripts/lunasa-del2.sh | 9 | ||||
-rwxr-xr-x | scripts/lunasa-del3.sh | 17 |
4 files changed, 152 insertions, 0 deletions
diff --git a/scripts/lunasa-check.sh b/scripts/lunasa-check.sh
new file mode 100755
index 0000000..0fc7d0d
--- /dev/null
+++ b/scripts/lunasa-check.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+/usr/safenet/lunaclient/bin/vtl verify
diff --git a/scripts/lunasa-del.sh b/scripts/lunasa-del.sh
new file mode 100644
index 0000000..a545c56
--- /dev/null
+++ b/scripts/lunasa-del.sh
@@ -0,0 +1,123 @@
+#!/bin/sh
+
+verbose=
+password_file=
+run=1
+
+# read the options
+TEMP=`getopt -o f:nv --long help -n 'lunasa-del.sh' -- "$@"`
+eval set -- "$TEMP"
+
+# extract options and their arguments into variables.
+while true ; do
+ case "$1" in
+ -f)
+ password_file=$2
+ shift 2
+ ;;
+ --help)
+ echo "Usage: lunasa-del.sh <prefix> -f <password file> [OPTIONS]"
+ echo
+ echo "Options:"
+ echo " -f <password file> File containing LunaSA password."
+ echo " -n Dry run. Do not delete objects."
+ echo " -v Run in verbose mode."
+ echo " --help Show help message."
+ exit 0
+ ;;
+ -n)
+ run=
+ shift
+ ;;
+ -v)
+ verbose=1
+ shift
+ ;;
+ --)
+ shift
+ break
+ ;;
+ *)
+ echo "Error: invalid option $1" >&2
+ echo "Run lunasa-del.sh --help for help." >&2
+ exit 1
+ ;;
+ esac
+done
+
+prefix=$1
+
+if [ "$verbose" != "" ]
+then
+ echo "prefix: $prefix"
+fi
+
+if [ "$prefix" == "" ]
+then
+ echo "Error: missing prefix" >&2
+ echo "Run lunasa-del.sh --help for help." >&2
+ exit 1
+fi
+
+if [ "$verbose" != "" ]
+then
+ echo "password file: $password_file"
+fi
+
+if [ "$password_file" == "" ]
+then
+ echo "Error: missing password file" >&2
+ echo "Run lunasa-del.sh --help for help." >&2
+ exit 1
+fi
+
+password="`cat $password_file`"
+
+if [ "$verbose" != "" ]
+then
+ echo "run: $run"
+fi
+
+echo "Searching for objects with prefix: $prefix"
+
+/usr/safenet/lunaclient/bin/cmu list -display handle,id,label -class certificate -password "$password" | while read cert
+do
+ label=$(echo $cert | cut -d' ' -f3 | cut -d= -f2)
+
+ if [[ "$label" == "$prefix"* ]]
+ then
+
+ echo "object: $label"
+
+ id=$(echo $cert | cut -d' ' -f2 | cut -d= -f2)
+ echo " - id: $id"
+
+ certHandle=$(echo $cert | cut -d' ' -f1 | cut -d= -f2)
+ echo " - certificate: $certHandle"
+
+ if [ "$run" == "1" ]
+ then
+ /usr/safenet/lunaclient/bin/cmu delete -handle $certHandle -force -password $password
+ fi
+
+ publicKey=$(/usr/safenet/lunaclient/bin/cmu list -display handle -id $id -class public -password $password)
+ publicKeyHandle=$(echo $publicKey | cut -d' ' -f1 | cut -d= -f2)
+ echo " - public key: $publicKeyHandle"
+
+ if [ "$run" == "1" ]
+ then
+ /usr/safenet/lunaclient/bin/cmu delete -handle $publicKeyHandle -force -password $password
+ fi
+
+ privateKey=$(/usr/safenet/lunaclient/bin/cmu list -display handle -id $id -class private -password $password)
+ privateKeyHandle=$(echo $privateKey | cut -d' ' -f1 | cut -d= -f2)
+ echo " - private key: $privateKeyHandle"
+
+ if [ "$run" == "1" ]
+ then
+ /usr/safenet/lunaclient/bin/cmu delete -handle $privateKeyHandle -force -password $password
+ fi
+
+ fi
+
+done
diff --git a/scripts/lunasa-del2.sh b/scripts/lunasa-del2.sh
new file mode 100755
index 0000000..c42b2c9
--- /dev/null
+++ b/scripts/lunasa-del2.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+for handle in "$@"
+do
+ echo "Deleting object #$handle..."
+ /usr/safenet/lunaclient/bin/cmu delete -handle $handle -force -password `cat lunasa.txt`
+done
+
+echo "Done."
diff --git a/scripts/lunasa-del3.sh b/scripts/lunasa-del3.sh
new file mode 100755
index 0000000..39240d9
--- /dev/null
+++ b/scripts/lunasa-del3.sh
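Review bot: In scripts/lunasa-del.sh the three `cmu delete ... -force` calls and the two inner `cmu list` calls expand `$password` and the parsed handles unquoted, and a handle is never checked for being empty, so a lookup that returns nothing still runs a forced delete with a missing `-handle` value. Quote every expansion as the first `cmu list` call already does and guard each delete, e.g. `if [ "$run" = "1" ] && [ -n "$publicKeyHandle" ]` with `-handle "$publicKeyHandle" -force -password "$password"`. Passing the partition password with `-password` also places it in the process argument list, where other local users can typically read it while cmu runs; it would be worth confirming whether cmu can prompt for it or read it some other way. The same unquoted, argv-borne password appears in lunasa-del2.sh and lunasa-del3.sh. The script is also `#!/bin/sh` but uses `[[ ... ]]` and `==`, which shells such as dash reject, so either change the shebang to bash or match the prefix with `case "$label" in "$prefix"*)`.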
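Review bot: In scripts/lunasa-del2.sh the password comes from `cat lunasa.txt`, a path relative to whatever directory the caller happens to be in, and it is re-read unquoted for every handle with no check that the read succeeded. If the file is missing or empty the forced delete still runs without a password value, and the script prints "Done." whether or not any cmu call succeeded. Read it once before the loop and stop on failure, e.g. `password=$(cat lunasa.txt) || exit 1` followed by `[ -n "$password" ] || exit 1`, then pass `-handle "$handle" -force -password "$password"`. lunasa-del3.sh reads the same relative `lunasa.txt` and has the same gap; taking the file through an option, as lunasa-del.sh does with `-f`, would keep the three scripts consistent.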
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+password="`cat lunasa.txt`"
+
+for id in "$@"
+do
+ echo "Deleting id $id..."
+
+ /usr/safenet/lunaclient/bin/cmu list -display handle,class -id $id -password $password | while read cert
+ do
+ class=$(echo $cert | cut -d' ' -f2 | cut -d= -f2)
+ handle=$(echo $cert | cut -d' ' -f1 | cut -d= -f2)
+ echo " - $class: $handle"
+
+ /usr/safenet/lunaclient/bin/cmu delete -handle $handle -force -password $password
+ done
+done |
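Review bot: In scripts/lunasa-del3.sh every line that `cmu list` prints is turned into a handle and passed straight to `cmu delete -force`, with no dry-run switch like the `-n` option in lunasa-del.sh and no check that the parsed field is actually a handle. A banner, warning or error line on stdout would be parsed the same way, since `cut -d= -f2` returns the whole field when it contains no `=`. Assuming handles are decimal integers (worth confirming against cmu's output), skip anything else before deleting: `case "$handle" in ''|*[!0-9]*) continue ;; esac`. Using `while read -r cert` and quoting `"$cert"`, `"$id"` and `"$handle"` would also stop backslash and glob processing of the tool's output.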