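#!/bin/sh
# lunasa-del.sh - delete LunaSA objects whose certificate label starts with
# a given prefix.
#
# For every certificate listed by cmu whose label begins with <prefix>, the
# certificate is deleted, followed by the public and private key objects
# that share the certificate's id. All deletions use "cmu delete -force".
# With -n nothing is deleted; the matching objects are only printed.
#
# Usage: lunasa-del.sh <prefix> -f <password file> [OPTIONS]
#
# NOTE(review): the password is handed to cmu as a command-line argument,
# so it is visible in the process list while cmu runs. Keep the password
# file readable only by the operator and run this on a host where other
# local users cannot inspect processes.

CMU=/usr/safenet/lunaclient/bin/cmu

verbose=
password_file=
run=1

# Parse the options. A command line that getopt rejects must stop the
# script: continuing with half-parsed options could start deleting objects
# when the operator meant to pass -n.
if ! TEMP=$(getopt -o f:nv --long help -n 'lunasa-del.sh' -- "$@")
then
    echo "Run lunasa-del.sh --help for help." >&2
    exit 1
fi

# getopt prints shell-quoted words, which is what this eval relies on.
eval set -- "$TEMP"

# Extract options and their arguments into variables.
while true
do
    case "$1" in
        -f)
            password_file=$2
            shift 2
            ;;
        --help)
            echo "Usage: lunasa-del.sh <prefix> -f <password file> [OPTIONS]"
            echo
            echo "Options:"
            echo " -f <password file> File containing LunaSA password."
            echo " -n Dry run. Do not delete objects."
            echo " -v Run in verbose mode."
            echo " --help Show help message."
            exit 0
            ;;
        -n)
            run=
            shift
            ;;
        -v)
            verbose=1
            shift
            ;;
        --)
            shift
            break
            ;;
        *)
            echo "Error: invalid option $1" >&2
            echo "Run lunasa-del.sh --help for help." >&2
            exit 1
            ;;
    esac
done

prefix=$1

if [ -n "$verbose" ]
then
    echo "prefix: $prefix"
fi

# An empty prefix would match every certificate, so it is refused.
if [ -z "$prefix" ]
then
    echo "Error: missing prefix" >&2
    echo "Run lunasa-del.sh --help for help." >&2
    exit 1
fi

if [ -n "$verbose" ]
then
    echo "password file: $password_file"
fi

if [ -z "$password_file" ]
then
    echo "Error: missing password file" >&2
    echo "Run lunasa-del.sh --help for help." >&2
    exit 1
fi

if [ ! -r "$password_file" ]
then
    echo "Error: cannot read password file $password_file" >&2
    exit 1
fi

# Read through a redirect so the file name is never parsed as a cat option.
password=$(cat <"$password_file")

if [ -z "$password" ]
then
    echo "Error: password file is empty" >&2
    exit 1
fi

if [ -n "$verbose" ]
then
    echo "run: $run"
fi

# Print the value part of the first "name=value" word found in $1.
first_value() {
    printf '%s\n' "$1" | awk 'NF { print $1; exit }' | cut -d= -f2
}

# Delete one object by handle unless this is a dry run.
#   $1 - object description used in the warning
#   $2 - object handle
# An empty handle is skipped: without it "-force" would be consumed as the
# handle argument of cmu delete.
delete_handle() {
    if [ "$run" != "1" ]
    then
        return 0
    fi
    if [ -z "$2" ]
    then
        echo "Warning: no handle found for $1; nothing deleted" >&2
        return 0
    fi
    # stdin is /dev/null so cmu cannot consume the certificate list that
    # feeds the surrounding loop.
    "$CMU" delete -handle "$2" -force -password "$password" </dev/null
}

echo "Searching for objects with prefix: $prefix"

# Each line is split on whitespace into its first three words (handle, id,
# label); a label containing spaces is therefore matched on its first word
# only. read -r and quoted expansions keep backslashes and glob characters
# in the cmu output from being interpreted by the shell.
"$CMU" list -display handle,id,label -class certificate -password "$password" |
while read -r handle_field id_field label_field rest
do
    label=$(printf '%s\n' "$label_field" | cut -d= -f2)

    # Quoting $prefix makes it a literal string rather than a pattern.
    case "$label" in
        "$prefix"*) ;;
        *) continue ;;
    esac

    echo "object: $label"

    id=$(printf '%s\n' "$id_field" | cut -d= -f2)
    echo " - id: $id"

    certHandle=$(printf '%s\n' "$handle_field" | cut -d= -f2)
    echo " - certificate: $certHandle"
    delete_handle "certificate" "$certHandle"

    # Without an id the key lookups below are not scoped to this
    # certificate, so they are skipped.
    if [ -z "$id" ]
    then
        echo "Warning: no id found for $label; keys not looked up" >&2
        continue
    fi

    publicKey=$("$CMU" list -display handle -id "$id" -class public -password "$password" </dev/null)
    publicKeyHandle=$(first_value "$publicKey")
    echo " - public key: $publicKeyHandle"
    delete_handle "public key" "$publicKeyHandle"

    privateKey=$("$CMU" list -display handle -id "$id" -class private -password "$password" </dev/null)
    privateKeyHandle=$(first_value "$privateKey")
    echo " - private key: $privateKeyHandle"
    delete_handle "private key" "$privateKeyHandle"
done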