diff options
author | Endi S. Dewata <edewata@redhat.com> | 2016-08-20 04:34:53 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2016-08-20 04:34:53 +0200 |
commit | 29a95e9e0228cebc484e080707ba9a8bd651b015 (patch) | |
tree | b417f31eec6488985f50067a02278724982a5d45 /tools | |
parent | 557385c79b92b5b3af24f22fdced83894de0ca10 (diff) | |
download | pki-dev-29a95e9e0228cebc484e080707ba9a8bd651b015.tar.gz pki-dev-29a95e9e0228cebc484e080707ba9a8bd651b015.tar.xz pki-dev-29a95e9e0228cebc484e080707ba9a8bd651b015.zip |
Added LunaSA scripts.
Diffstat (limited to 'tools')
-rwxr-xr-x | tools/lunasa-del.sh | 123 | ||||
-rwxr-xr-x | tools/lunasa-find.sh | 56 |
2 files changed, 179 insertions, 0 deletions
diff --git a/tools/lunasa-del.sh b/tools/lunasa-del.sh new file mode 100755 index 0000000..cfc4bc5 --- /dev/null +++ b/tools/lunasa-del.sh @@ -0,0 +1,123 @@ +#!/bin/sh + +verbose= +password_file= +run=1 + +# read the options +TEMP=`getopt -o f:nv --long help -n 'lunasa-del.sh' -- "$@"` +eval set -- "$TEMP" + +# extract options and their arguments into variables. +while true ; do + case "$1" in + -f) + password_file=$2 + shift 2 + ;; + --help) + echo "Usage: lunasa-del.sh <prefix> -f <password file> [OPTIONS]" + echo + echo "Options:" + echo " -f <password file> File containing LunaSA password." + echo " -n Dry run. Do not delete objects." + echo " -v Run in verbose mode." + echo " --help Show help message." + exit 0 + ;; + -n) + run= + shift + ;; + -v) + verbose=1 + shift + ;; + --) + shift + break + ;; + *) + echo "Error: invalid option $1" >&2 + echo "Run lunasa-del.sh --help for help." >&2 + exit 1 + ;; + esac +done + +prefix=$1 + +if [[ "$verbose" != "" ]] +then + echo "prefix: $prefix" +fi + +if [[ "$prefix" == "" ]] +then + echo "Error: missing prefix" >&2 + echo "Run lunasa-del.sh --help for help." >&2 + exit 1 +fi + +if [[ "$verbose" != "" ]] +then + echo "password file: $password_file" +fi + +if [[ "$password_file" == "" ]] +then + echo "Error: missing password file" >&2 + echo "Run lunasa-del.sh --help for help." >&2 + exit 1 +fi + +password="`cat $password_file`" + +if [[ "$verbose" != "" ]] +then + echo "run: $run" +fi + +echo "Searching for objects with prefix: $prefix" + +/usr/safenet/lunaclient/bin/cmu list -display handle,id,label -class certificate -password $password | while read cert +do + label=$(echo $cert | cut -d' ' -f3 | cut -d= -f2) + + if [[ "$label" == "$prefix"* ]] + then + + echo "object: $label" + + id=$(echo $cert | cut -d' ' -f2 | cut -d= -f2) + echo " - id: $id" + + certHandle=$(echo $cert | cut -d' ' -f1 | cut -d= -f2) + echo " - certificate: $certHandle" + + if [ "$run" == "1" ] + then + /usr/safenet/lunaclient/bin/cmu delete -handle $certHandle -force -password $password + fi + + publicKey=$(/usr/safenet/lunaclient/bin/cmu list -display handle -id $id -class public -password $password) + publicKeyHandle=$(echo $publicKey | cut -d' ' -f1 | cut -d= -f2) + echo " - public key: $publicKeyHandle" + + if [ "$run" == "1" ] + then + /usr/safenet/lunaclient/bin/cmu delete -handle $publicKeyHandle -force -password $password + fi + + privateKey=$(/usr/safenet/lunaclient/bin/cmu list -display handle -id $id -class private -password $password) + privateKeyHandle=$(echo $privateKey | cut -d' ' -f1 | cut -d= -f2) + echo " - private key: $privateKeyHandle" + + if [ "$run" == "1" ] + then + /usr/safenet/lunaclient/bin/cmu delete -handle $privateKeyHandle -force -password $password + fi + + fi + +done diff --git a/tools/lunasa-find.sh b/tools/lunasa-find.sh new file mode 100755 index 0000000..7f36897 --- /dev/null +++ b/tools/lunasa-find.sh @@ -0,0 +1,56 @@ +#!/bin/sh + +verbose= +password_file= + +# read the options +TEMP=`getopt -o f:v --long help -n 'lunasa-find.sh' -- "$@"` +eval set -- "$TEMP" + +# extract options and their arguments into variables. +while true ; do + case "$1" in + -f) + password_file=$2 + shift 2 + ;; + --help) + echo "Usage: lunasa-find.sh <prefix> -f <password file> [OPTIONS]" + echo + echo "Options:" + echo " -f <password file> File containing LunaSA password." + echo " -v Run in verbose mode." + echo " --help Show help message." + exit 0 + ;; + -v) + verbose=1 + shift + ;; + --) + shift + break + ;; + *) + echo "Error: invalid option $1" >&2 + echo "Run lunasa-find.sh --help for help." >&2 + exit 1 + ;; + esac +done + +if [[ "$verbose" != "" ]] +then + echo "password file: $password_file" +fi + +if [[ "$password_file" == "" ]] +then + echo "Error: missing password file" >&2 + echo "Run lunasa-del.sh --help for help." >&2 + exit 1 +fi + +password="`cat $password_file`" + +/usr/safenet/lunaclient/bin/cmu list -display handle,id,class,label -password "$password" |