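#!/bin/bash
#
# lunasa-del - delete LunaSA objects whose certificate label starts with a
# given prefix.
#
# Lists every certificate reported by cmu and, for each one whose label starts
# with <prefix>, deletes the certificate and then the public and private key
# objects that cmu lists under the certificate's id.
#
# Usage: lunasa-del <prefix> -f <password file> [-n] [-v] [--help]
#
# The interpreter is bash rather than sh because the script relies on [[ ]],
# =~ and arrays, which a POSIX /bin/sh (e.g. dash) does not provide.
#
# NOTE(review): the LunaSA password is handed to cmu with -password, so it is
# part of each cmu command line and readable in the process list by other
# local users while the call runs; it would also show up in `set -x` traces.
# The interface is kept as-is. Check whether the installed cmu can obtain the
# password another way before running this on a shared host.

readonly CMU=/usr/safenet/lunaclient/bin/cmu

verbose=
password_file=
run=1

# Point the user at --help; written to stderr like every other diagnostic.
usage_hint() {
  echo "Run lunasa-del --help for help." >&2
}

# Print the first handle found on stdin ("handle=<value> ..."), or nothing.
# Lines that do not start with handle= are ignored, so cmu diagnostic text is
# never passed on as if it were a handle.
first_handle() {
  sed -n 's/^[[:space:]]*handle=\([^[:space:]]*\).*$/\1/p' | head -n 1
}

# Delete the object with handle $1 unless this is a dry run (-n).
# stdin comes from /dev/null so cmu cannot consume the certificate listing
# that feeds the main loop.
delete_handle() {
  local handle=$1
  if [[ "$run" == "1" ]]; then
    "$CMU" delete -handle "$handle" -force -password "$password" </dev/null
  fi
}

# Read the options. getopt reports the offending option itself; stop here on
# failure instead of continuing with a partially parsed command line, since
# everything after this point is destructive.
if ! TEMP=$(getopt -o f:nv --long help -n 'lunasa-del' -- "$@"); then
  usage_hint
  exit 1
fi
# getopt emits a shell-quoted argument list, which is what makes this eval
# the intended way to load it back into "$@".
eval set -- "$TEMP"

# Extract options and their arguments into variables.
while true; do
  case "$1" in
    -f)
      password_file=$2
      shift 2
      ;;
    --help)
      echo "Usage: lunasa-del <prefix> -f <password file> [OPTIONS]"
      echo
      echo "Options:"
      echo " -f <password file> File containing LunaSA password."
      echo " -n Dry run. Do not delete objects."
      echo " -v Run in verbose mode."
      echo " --help Show help message."
      exit 0
      ;;
    -n)
      run=
      shift
      ;;
    -v)
      verbose=1
      shift
      ;;
    --)
      shift
      break
      ;;
    *)
      printf 'Error: invalid option %s\n' "$1" >&2
      usage_hint
      exit 1
      ;;
  esac
done

prefix=${1-}

if [[ "$verbose" != "" ]]; then
  printf 'prefix: %s\n' "$prefix"
fi

# An empty prefix would match every label, so it is refused outright.
if [[ "$prefix" == "" ]]; then
  echo "Error: missing prefix" >&2
  usage_hint
  exit 1
fi

if [[ "$verbose" != "" ]]; then
  printf 'password file: %s\n' "$password_file"
fi

if [[ "$password_file" == "" ]]; then
  echo "Error: missing password file" >&2
  usage_hint
  exit 1
fi

# Fail before touching the HSM if the password cannot be loaded; otherwise
# every cmu call below would run with a missing -password value.
if [[ ! -r "$password_file" ]]; then
  printf 'Error: cannot read password file: %s\n' "$password_file" >&2
  exit 1
fi
password=$(<"$password_file")
if [[ "$password" == "" ]]; then
  printf 'Error: password file is empty: %s\n' "$password_file" >&2
  exit 1
fi

if [[ "$verbose" != "" ]]; then
  printf 'run: %s\n' "$run"
fi

# One listing line is expected to look like "handle=<h> id=<id> label=<label>",
# i.e. the fields in the order requested with -display (assumed from the
# -display argument; confirm against the installed cmu). Anchoring all three
# fields in one pattern keeps text inside a label (for example "id=...") from
# being picked up as the id or the handle.
cert_re='^handle=([^ ]+) +id=([^ ]*) +label=(.*)$'

printf 'Searching for objects with prefix: %s\n' "$prefix"

"$CMU" list -display handle,id,label -class certificate -password "$password" |
  while read -r -a fields; do
    # Re-join the words with single spaces: whitespace is normalised for the
    # pattern below, but no pathname expansion or backslash processing is
    # applied to what cmu printed.
    cert="${fields[*]}"

    if [[ "$cert" =~ $cert_re ]]; then
      certHandle=${BASH_REMATCH[1]}
      id=${BASH_REMATCH[2]}
      label=${BASH_REMATCH[3]}
    else
      # Something that looks like an object line but cannot be parsed is
      # reported and skipped rather than guessed at.
      if [[ "$cert" == handle=* ]]; then
        printf 'Warning: skipping unparsable line: %s\n' "$cert" >&2
      fi
      continue
    fi

    if [[ "$verbose" != "" ]]; then
      printf 'object: %s\n' "$label"
    fi

    # "$prefix" is quoted, so it is compared literally; only the trailing *
    # acts as a wildcard.
    if [[ "$label" != "$prefix"* ]]; then
      continue
    fi

    printf 'deleting object: %s\n' "$label"
    printf ' - id: %s\n' "$id"
    printf ' - certificate: %s\n' "$certHandle"
    delete_handle "$certHandle"

    # Without an id the key lookups below would not be restricted to this
    # certificate, so they are skipped.
    if [[ "$id" == "" ]]; then
      echo "Warning: object has no id; its keys were not looked up" >&2
      continue
    fi

    for class in public private; do
      keyHandle=$(
        "$CMU" list -display handle -id "$id" -class "$class" \
          -password "$password" </dev/null | first_handle
      )
      if [[ "$keyHandle" != "" ]]; then
        printf ' - %s key: %s\n' "$class" "$keyHandle"
        delete_handle "$keyHandle"
      fi
    done
  done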