authorEndi S. Dewata <edewata@redhat.com>2016-08-20 04:34:53 +0200
committerEndi S. Dewata <edewata@redhat.com>2016-08-20 04:34:53 +0200
commit29a95e9e0228cebc484e080707ba9a8bd651b015 (patch)
treeb417f31eec6488985f50067a02278724982a5d45 /tools
parent557385c79b92b5b3af24f22fdced83894de0ca10 (diff)
Added LunaSA scripts.
Diffstat (limited to 'tools')
-rwxr-xr-xtools/lunasa-del.sh123
-rwxr-xr-xtools/lunasa-find.sh56
2 files changed, 179 insertions, 0 deletions
diff --git a/tools/lunasa-del.sh b/tools/lunasa-del.sh
new file mode 100755
index 0000000..cfc4bc5
--- /dev/null
+++ b/tools/lunasa-del.sh
@@ -0,0 +1,123 @@
+#!/bin/sh
+
+verbose=
+password_file=
+run=1
+
+# read the options
+TEMP=`getopt -o f:nv --long help -n 'lunasa-del.sh' -- "$@"`
+eval set -- "$TEMP"
+
+# extract options and their arguments into variables.
+while true ; do
+ case "$1" in
+ -f)
+ password_file=$2
+ shift 2
+ ;;
+ --help)
+ echo "Usage: lunasa-del.sh <prefix> -f <password file> [OPTIONS]"
+ echo
+ echo "Options:"
+ echo " -f <password file> File containing LunaSA password."
+ echo " -n Dry run. Do not delete objects."
+ echo " -v Run in verbose mode."
+ echo " --help Show help message."
+ exit 0
+ ;;
+ -n)
+ run=
+ shift
+ ;;
+ -v)
+ verbose=1
+ shift
+ ;;
+ --)
+ shift
+ break
+ ;;
+ *)
+ echo "Error: invalid option $1" >&2
+ echo "Run lunasa-del.sh --help for help." >&2
+ exit 1
+ ;;
+ esac
+done
+
+prefix=$1
+
+if [[ "$verbose" != "" ]]
+then
+ echo "prefix: $prefix"
+fi
+
+if [[ "$prefix" == "" ]]
+then
+ echo "Error: missing prefix" >&2
+ echo "Run lunasa-del.sh --help for help." >&2
+ exit 1
+fi
+
+if [[ "$verbose" != "" ]]
+then
+ echo "password file: $password_file"
+fi
+
+if [[ "$password_file" == "" ]]
+then
+ echo "Error: missing password file" >&2
+ echo "Run lunasa-del.sh --help for help." >&2
+ exit 1
+fi
+
+password="`cat $password_file`"
+
+if [[ "$verbose" != "" ]]
+then
+ echo "run: $run"
+fi
+
+echo "Searching for objects with prefix: $prefix"
+
+/usr/safenet/lunaclient/bin/cmu list -display handle,id,label -class certificate -password $password | while read cert
+do
+ label=$(echo $cert | cut -d' ' -f3 | cut -d= -f2)
+
+ if [[ "$label" == "$prefix"* ]]
+ then
+
+ echo "object: $label"
+
+ id=$(echo $cert | cut -d' ' -f2 | cut -d= -f2)
+ echo " - id: $id"
+
+ certHandle=$(echo $cert | cut -d' ' -f1 | cut -d= -f2)
+ echo " - certificate: $certHandle"
+
+ if [ "$run" == "1" ]
+ then
+ /usr/safenet/lunaclient/bin/cmu delete -handle $certHandle -force -password $password
+ fi
+
+ publicKey=$(/usr/safenet/lunaclient/bin/cmu list -display handle -id $id -class public -password $password)
+ publicKeyHandle=$(echo $publicKey | cut -d' ' -f1 | cut -d= -f2)
+ echo " - public key: $publicKeyHandle"
+
+ if [ "$run" == "1" ]
+ then
+ /usr/safenet/lunaclient/bin/cmu delete -handle $publicKeyHandle -force -password $password
+ fi
+
+ privateKey=$(/usr/safenet/lunaclient/bin/cmu list -display handle -id $id -class private -password $password)
+ privateKeyHandle=$(echo $privateKey | cut -d' ' -f1 | cut -d= -f2)
+ echo " - private key: $privateKeyHandle"
+
+ if [ "$run" == "1" ]
+ then
+ /usr/safenet/lunaclient/bin/cmu delete -handle $privateKeyHandle -force -password $password
+ fi
+
+ fi
+
+done
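Review bot: The three `cmu delete ... -force` calls run whenever `$run` is 1 even if the handle parsed just before is empty, and because `$certHandle`, `$publicKeyHandle` and `$privateKeyHandle` are unquoted an empty value drops out of the argument list so `-force` lands in the `-handle` slot; how cmu treats that is not visible here, so guard and quote each delete, e.g. `if [ "$run" = "1" ] && [ -n "$publicKeyHandle" ]` with `-handle "$publicKeyHandle"`. The HSM password is read with an unquoted `cat $password_file` and passed as an unquoted `-password $password`, so it is word-split and globbed by the shell and sits in the process argument list for the duration of every cmu call; quote both (`password=$(cat -- "$password_file") || exit 1`, `-password "$password"`) and, if cmu can take the password other than on argv, prefer that. The exit status of `getopt` is not checked, so a mistyped option (for example a misspelled dry-run flag) is reported on stderr but the script still goes on to delete; `TEMP=$(getopt ...) || exit 1` stops it. The unquoted `cat`, the unchecked getopt status and the `#!/bin/sh` shebang combined with bash-only `[[ ... ]]` tests recur in tools/lunasa-find.sh.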
diff --git a/tools/lunasa-find.sh b/tools/lunasa-find.sh
new file mode 100755
index 0000000..7f36897
--- /dev/null
+++ b/tools/lunasa-find.sh
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+verbose=
+password_file=
+
+# read the options
+TEMP=`getopt -o f:v --long help -n 'lunasa-find.sh' -- "$@"`
+eval set -- "$TEMP"
+
+# extract options and their arguments into variables.
+while true ; do
+ case "$1" in
+ -f)
+ password_file=$2
+ shift 2
+ ;;
+ --help)
+ echo "Usage: lunasa-find.sh <prefix> -f <password file> [OPTIONS]"
+ echo
+ echo "Options:"
+ echo " -f <password file> File containing LunaSA password."
+ echo " -v Run in verbose mode."
+ echo " --help Show help message."
+ exit 0
+ ;;
+ -v)
+ verbose=1
+ shift
+ ;;
+ --)
+ shift
+ break
+ ;;
+ *)
+ echo "Error: invalid option $1" >&2
+ echo "Run lunasa-find.sh --help for help." >&2
+ exit 1
+ ;;
+ esac
+done
+
+if [[ "$verbose" != "" ]]
+then
+ echo "password file: $password_file"
+fi
+
+if [[ "$password_file" == "" ]]
+then
+ echo "Error: missing password file" >&2
+ echo "Run lunasa-del.sh --help for help." >&2
+ exit 1
+fi
+
+password="`cat $password_file`"
+
+/usr/safenet/lunaclient/bin/cmu list -display handle,id,class,label -password "$password"
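Review bot: The missing-password-file branch prints `Run lunasa-del.sh --help for help.`, a leftover from the sibling script; it should name `lunasa-find.sh` like the other messages in this file. The usage text advertises `lunasa-find.sh <prefix> -f <password file>`, but no positional argument is ever read and the final `cmu list` prints every object, so either filter on the prefix the way lunasa-del.sh does or drop `<prefix>` from the help line. As written, an operator who uses this script to preview what a given prefix would match before running the delete script gets an unfiltered listing rather than the matching set.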