authorEndi S. Dewata <edewata@redhat.com>2017-07-20 08:16:14 +0200
committerEndi S. Dewata <edewata@redhat.com>2017-07-20 08:16:14 +0200
commit43f17ccffb5cec8c7b4faa6f441090db96b6eacb (patch)
tree6afa03fae3c0ace1944be9087f92c12b1f0c1fc7 /scripts
parentfd5fe75b88810c3b42ae8c1daaefb821a33e6b94 (diff)
Added Luna SA scripts.
Diffstat (limited to 'scripts')
-rwxr-xr-xscripts/lunasa-check.sh3
-rw-r--r--scripts/lunasa-del.sh123
-rwxr-xr-xscripts/lunasa-del2.sh9
-rwxr-xr-xscripts/lunasa-del3.sh17
4 files changed, 152 insertions, 0 deletions
diff --git a/scripts/lunasa-check.sh b/scripts/lunasa-check.sh
new file mode 100755
index 0000000..0fc7d0d
--- /dev/null
+++ b/scripts/lunasa-check.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+/usr/safenet/lunaclient/bin/vtl verify
diff --git a/scripts/lunasa-del.sh b/scripts/lunasa-del.sh
new file mode 100644
index 0000000..a545c56
--- /dev/null
+++ b/scripts/lunasa-del.sh
@@ -0,0 +1,123 @@
+#!/bin/sh
+
+verbose=
+password_file=
+run=1
+
+# read the options
+TEMP=`getopt -o f:nv --long help -n 'lunasa-del.sh' -- "$@"`
+eval set -- "$TEMP"
+
+# extract options and their arguments into variables.
+while true ; do
+ case "$1" in
+ -f)
+ password_file=$2
+ shift 2
+ ;;
+ --help)
+ echo "Usage: lunasa-del.sh <prefix> -f <password file> [OPTIONS]"
+ echo
+ echo "Options:"
+ echo " -f <password file> File containing LunaSA password."
+ echo " -n Dry run. Do not delete objects."
+ echo " -v Run in verbose mode."
+ echo " --help Show help message."
+ exit 0
+ ;;
+ -n)
+ run=
+ shift
+ ;;
+ -v)
+ verbose=1
+ shift
+ ;;
+ --)
+ shift
+ break
+ ;;
+ *)
+ echo "Error: invalid option $1" >&2
+ echo "Run lunasa-del.sh --help for help." >&2
+ exit 1
+ ;;
+ esac
+done
+
+prefix=$1
+
+if [ "$verbose" != "" ]
+then
+ echo "prefix: $prefix"
+fi
+
+if [ "$prefix" == "" ]
+then
+ echo "Error: missing prefix" >&2
+ echo "Run lunasa-del.sh --help for help." >&2
+ exit 1
+fi
+
+if [ "$verbose" != "" ]
+then
+ echo "password file: $password_file"
+fi
+
+if [ "$password_file" == "" ]
+then
+ echo "Error: missing password file" >&2
+ echo "Run lunasa-del.sh --help for help." >&2
+ exit 1
+fi
+
+password="`cat $password_file`"
+
+if [ "$verbose" != "" ]
+then
+ echo "run: $run"
+fi
+
+echo "Searching for objects with prefix: $prefix"
+
+/usr/safenet/lunaclient/bin/cmu list -display handle,id,label -class certificate -password "$password" | while read cert
+do
+ label=$(echo $cert | cut -d' ' -f3 | cut -d= -f2)
+
+ if [[ "$label" == "$prefix"* ]]
+ then
+
+ echo "object: $label"
+
+ id=$(echo $cert | cut -d' ' -f2 | cut -d= -f2)
+ echo " - id: $id"
+
+ certHandle=$(echo $cert | cut -d' ' -f1 | cut -d= -f2)
+ echo " - certificate: $certHandle"
+
+ if [ "$run" == "1" ]
+ then
+ /usr/safenet/lunaclient/bin/cmu delete -handle $certHandle -force -password $password
+ fi
+
+ publicKey=$(/usr/safenet/lunaclient/bin/cmu list -display handle -id $id -class public -password $password)
+ publicKeyHandle=$(echo $publicKey | cut -d' ' -f1 | cut -d= -f2)
+ echo " - public key: $publicKeyHandle"
+
+ if [ "$run" == "1" ]
+ then
+ /usr/safenet/lunaclient/bin/cmu delete -handle $publicKeyHandle -force -password $password
+ fi
+
+ privateKey=$(/usr/safenet/lunaclient/bin/cmu list -display handle -id $id -class private -password $password)
+ privateKeyHandle=$(echo $privateKey | cut -d' ' -f1 | cut -d= -f2)
+ echo " - private key: $privateKeyHandle"
+
+ if [ "$run" == "1" ]
+ then
+ /usr/safenet/lunaclient/bin/cmu delete -handle $privateKeyHandle -force -password $password
+ fi
+
+ fi
+
+done
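Review bot: The `cmu delete ... -force` calls inside the loop take `$certHandle`, `$publicKeyHandle` and `$privateKeyHandle` unquoted and unchecked, so when a lookup by id returns nothing the command runs as `-handle -force -password ...` and the outcome depends on how cmu parses that. Guard and quote each call, e.g. `[ -n "$publicKeyHandle" ] && /usr/safenet/lunaclient/bin/cmu delete -handle "$publicKeyHandle" -force -password "$password"`, and quote `"$password_file"` in the `cat`; lunasa-del2.sh and lunasa-del3.sh pass `$handle` and `$password` unquoted in the same way. The script also uses `[[ ... ]]` and `==` under `#!/bin/sh`, which a non-bash `/bin/sh` rejects, so the prefix test would never match there; `#!/bin/bash` or `case "$label" in "$prefix"*)` avoids that. Passing the HSM password as a `-password` argument exposes it in the process list while each cmu call runs, which deserves a comment at the top of the script and a non-argv input if cmu offers one.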
diff --git a/scripts/lunasa-del2.sh b/scripts/lunasa-del2.sh
new file mode 100755
index 0000000..c42b2c9
--- /dev/null
+++ b/scripts/lunasa-del2.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+for handle in "$@"
+do
+ echo "Deleting object #$handle..."
+ /usr/safenet/lunaclient/bin/cmu delete -handle $handle -force -password `cat lunasa.txt`
+done
+
+echo "Done."
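Review bot: `cat lunasa.txt` is resolved against the caller's current directory and re-read on every iteration, and because the substitution is unquoted a missing or empty file leaves `-password` without a value while the forced delete is still attempted. Read the file once before the loop and stop on failure, `password=$(cat lunasa.txt) || exit 1`, then pass `"$password"` and `"$handle"` quoted; lunasa-del3.sh reads the same relative file without a check. Taking the path with `-f <password file>` as lunasa-del.sh does would keep the three scripts consistent, and a header comment should say that the file holds the HSM password and must be readable only by its owner.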
diff --git a/scripts/lunasa-del3.sh b/scripts/lunasa-del3.sh
new file mode 100755
index 0000000..39240d9
--- /dev/null
+++ b/scripts/lunasa-del3.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+password="`cat lunasa.txt`"
+
+for id in "$@"
+do
+ echo "Deleting id $id..."
+
+ /usr/safenet/lunaclient/bin/cmu list -display handle,class -id $id -password $password | while read cert
+ do
+ class=$(echo $cert | cut -d' ' -f2 | cut -d= -f2)
+ handle=$(echo $cert | cut -d' ' -f1 | cut -d= -f2)
+ echo " - $class: $handle"
+
+ /usr/safenet/lunaclient/bin/cmu delete -handle $handle -force -password $password
+ done
+done
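Review bot: Unlike lunasa-del.sh this loop has no dry-run path, so every object that `cmu list` reports for the id is deleted with `-force` as soon as the script is invoked, and a mistyped id cannot be previewed first. A `-n` switch that only prints the ` - $class: $handle` line, mirroring the `run` variable in lunasa-del.sh, would close that gap. Every output line is also treated as an object, so a blank or diagnostic line yields an empty `$handle`; `while read -r cert` plus `[ -n "$handle" ] || continue` before the delete would skip those.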