
@malys
Last active October 16, 2018 07:12
[HSM] Utilities #hsm#c2p#bull#cryptography
#!/usr/bin/env bash
# C2P Bull Wrapper
#
# Command-line front end for the Bull C2P HSM tools (c2padmin, installca,
# p11tool, pkcs11srvr) plus a few shortcuts for key management and for
# opening the log and configuration files.
#
# Environment:
#   C2P_CONF     path of the c2p.xml configuration file; the tool binaries
#                and the PKCS#11 DLL are looked up relative to its directory,
#                so this variable decides which executables get run
#   PKCS11_CONF  path of the pkcs11.conf configuration file
#
# NOTE(review): no extended glob pattern is visible in this file; confirm
# whether extglob is still needed.
shopt -s extglob
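#######################################
# Print the top-level help text.
# Arguments: none
# Outputs:   help text on stderr; the \033[0;1;37m ... \033[0m sequences are
#            ANSI SGR codes that render the command names in bold white
# NOTE(review): the text says "log" opens p11_logs.txt while __exec opens
# p11.log next to C2P_CONF; confirm which file name is correct.
#######################################
usage() {
  # "$0" is quoted (and preceded by --) so that a script path containing
  # whitespace, glob characters or a leading dash still reaches basename as a
  # single operand.
  echo -e "
usage:
\033[0;1;37m$(basename -- "$0")\033[0m <level-1 command> [<command args>]
Helper commands provided by the script
\033[0;1;37mkey\033[0m | \033[0;1;37mkeypair\033[0m provide functions to manage and list key or keypair on the HSM
\033[0;1;37mlog\033[0m open the \033[0;1;37mp11_logs.txt\033[0m file in your favorite editor
\033[0;1;37mconf-c2p\033[0m open the \033[0;1;37mc2p.xml\033[0m configuration file for editing
\033[0;1;37mconf-p11\033[0m open the \033[0;1;37mpkcs11.conf\033[0m configuration file for editing
\033[0;1;37mvar\033[0m display environment variables value
\033[0;1;37mhelp\033[0m display this help message
Tools provided by bull
\033[0;1;37madmin\033[0m | \033[0;1;37mc2padmin\033[0m launch the tool
\033[0;1;37mca\033[0m | \033[0;1;37minstallca\033[0m launch the tool
\033[0;1;37mp11\033[0m | \033[0;1;37mp11tool\033[0m launch the tool
\033[0;1;37msrv\033[0m | \033[0;1;37mpkcs11srvr\033[0m launch the tool
" >&2
}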
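#######################################
# Print the help text of the "key" sub-command.
# Arguments: none
# Outputs:   help text on stderr, with ANSI SGR codes for bold white
# NOTE(review): the listed -keyalg values include des (single DES) and
# des2/des3 (presumably two- and three-key Triple DES). Single DES is no
# longer considered secure and Triple DES is a legacy algorithm; prefer aes
# for new keys unless an existing peer requires otherwise.
#######################################
keyUsage() {
  # "$0" is quoted so a script path with whitespace yields one operand.
  echo -e "
usage:
\033[0;1;37m$(basename -- "$0") key\033[0m <command> [options]
commands:
\033[0;1;37mmk\033[0m [<mk-options>] generate a new key
mk-options:
-keyalg (aes | des | des2 | des3)
-keysize size
-alias alias
-id ident
\033[0;1;37mls\033[0m list all keys
\033[0;1;37mrm\033[0m (-alias | -id) delete a key
options:
-verbose
-debug
-dump
-quiet
default key is \033[0;1;37mAES192\033[0m
" >&2
}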
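#######################################
# Print the help text of the "keypair" sub-command.
# Arguments: none
# Outputs:   help text on stderr, with ANSI SGR codes for bold white
# NOTE(review): the text advertises RSA1024 as the default key pair. A
# 1024-bit RSA modulus is below the 2048-bit minimum that current guidance
# expects; callers should pass -keysize explicitly when generating key pairs.
#######################################
keypairUsage() {
  # "$0" is quoted so a script path with whitespace yields one operand.
  echo -e "
usage:
\033[0;1;37m$(basename -- "$0") keypair\033[0m <command> [options]
commands:
\033[0;1;37mmk\033[0m [<mk-options>] generate a new keypair
mk-options:
-keysize size
-alias alias
-id ident
\033[0;1;37mls\033[0m list all keys
\033[0;1;37mrm\033[0m (-alias | -id) delete a key
options:
-verbose
-debug
-dump
-quiet
default key is \033[0;1;37mRSA1024\033[0m
" >&2
}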
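#######################################
# Show the configuration paths the wrapper works with.
# Globals:   C2P_CONF (read), PKCS11_CONF (read)
# Arguments: none
# Outputs:   both values on stderr, or "<not set>" when empty/unset
#######################################
displayVars() {
  # https://www.systutorials.com/docs/linux/man/5-pkcs11.conf/
  # Locals, so the helper variables no longer leak into the global scope.
  local c2p_conf=${C2P_CONF:-}
  local pkcs11_conf=${PKCS11_CONF:-}

  # Backslashes (Windows-style paths) are shown as forward slashes.
  c2p_conf=${c2p_conf//\\//}
  pkcs11_conf=${pkcs11_conf//\\//}

  # Values are passed as %s arguments, never as part of the format string.
  printf '\nC2P_CONF : %s\nPKCS11_CONF : %s\n\n' \
    "${c2p_conf:-<not set>}" "${pkcs11_conf:-<not set>}" >&2
}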
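#######################################
# Run one of the Bull C2P tools, or open a log/configuration file.
#
# The executables and the PKCS#11 DLL are located purely from the directory
# of C2P_CONF, so that variable must come from a trusted environment: whoever
# controls it decides which binaries are executed against the HSM.
#
# Globals:
#   C2P_CONF    (read) path of c2p.xml
#   PKCS11_CONF (read) path of pkcs11.conf, used by "open conf-p11"
# Arguments:
#   $1 - c2padmin | installca | p11tool | pkcs11srvr | open
#   $@ - for a tool: arguments forwarded after "-shared <dll>";
#        for open: log | conf-c2p | conf-p11
# Returns:
#   the exit status of the tool or opener; 1 when the command is unknown or
#   the variable it needs is not set
#######################################
__exec() {
  local command=${1:-}
  (( $# )) && shift

  local open_cmd=start
  local on_cygwin=0
  # uname -o is not available everywhere; its error output is irrelevant here.
  if [[ "$(uname -o 2>/dev/null)" == "Cygwin" ]]; then
    open_cmd=cygstart
    on_cygwin=1
  fi

  if [[ "${command}" == "open" ]]; then
    local what=${1:-}
    local target=""
    case "${what}" in
      log)
        # NOTE(review): the help text mentions p11_logs.txt; confirm the name.
        if [[ -n "${C2P_CONF:-}" ]]; then
          target="$(dirname -- "${C2P_CONF}")/p11.log"
        fi
        ;;
      conf-c2p)
        target=${C2P_CONF:-}
        ;;
      conf-p11)
        target=${PKCS11_CONF:-}
        ;;
      *)
        # Unknown targets are ignored.
        return 0
        ;;
    esac
    if [[ -z "${target}" ]]; then
      printf 'cannot open %s: C2P_CONF / PKCS11_CONF is not set\n' \
        "${what}" >&2
      return 1
    fi
    "${open_cmd}" "${target}"
    return
  fi

  case "${command}" in
    c2padmin | installca | p11tool | pkcs11srvr) ;;
    *)
      # Report the problem instead of silently doing nothing.
      printf 'unknown tool: %s\n' "${command}" >&2
      return 1
      ;;
  esac

  # Without C2P_CONF, dirname would yield "." and the tool would be looked up
  # under the current working directory; refuse to run in that case.
  if [[ -z "${C2P_CONF:-}" ]]; then
    printf 'C2P_CONF is not set: cannot locate %s\n' "${command}" >&2
    return 1
  fi

  ############### CHANGE THESE VARIABLE IF NEEDED ###############
  local c2p_home
  c2p_home=$(dirname -- "${C2P_CONF}") || return
  local bull_c2p_prog_path="${c2p_home}/api/bin"
  ###############################################################

  local pkcs11c2pdll="${c2p_home}/api/dll/pkcs11c2p.dll"
  if (( on_cygwin )); then
    # The dll is installed in windows
    # NOTE(review): this branch takes the DLL from api/bin while the default
    # uses api/dll; confirm that the difference is intended.
    pkcs11c2pdll=$(cygpath --windows "${bull_c2p_prog_path}/pkcs11c2p.dll")
  fi

  local tool="${bull_c2p_prog_path}/${command}.exe"
  # "$@" keeps every forwarded argument intact (aliases with spaces, globs).
  "${tool}" -shared "${pkcs11c2pdll}" "$@"
}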
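#######################################
# Dispatch the "key" sub-commands to p11tool through __exec.
# Arguments:
#   $1 - mk|gen|new, ls|list, rm|del, help|--help
#   $@ - extra p11tool options, forwarded unchanged
# Outputs:   an error line and the key help on stderr for an unknown command
# Returns:   status of __exec; exits 1 on an unknown command
#######################################
keyCommand() {
  local command=${1:-}
  (( $# )) && shift

  # The tool is selected by its literal name: the path variables are local to
  # __exec, so ${p11tool} expanded to nothing here and no tool was ever run.
  case "${command}" in
    mk | gen | new)
      # NOTE(review): "-usage scw" is passed as-is; its meaning is defined by
      # p11tool and is not visible in this file.
      __exec p11tool -genkey -usage scw "$@"
      ;;
    ls | list)
      __exec p11tool -list -verbose "$@"
      ;;
    rm | del)
      __exec p11tool -delete "$@"
      ;;
    --help | help)
      keyUsage
      ;;
    *)
      printf 'bad key command:  %s\n' "${command}" >&2
      keyUsage
      exit 1
      ;;
  esac
}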
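#######################################
# Dispatch the "keypair" sub-commands to p11tool through __exec.
# Arguments:
#   $1 - mk|gen|new, ls|list, rm|del, help|--help
#   $@ - extra p11tool options, forwarded unchanged
# Outputs:   an error line and the keypair help on stderr for an unknown
#            command
# Returns:   status of __exec; exits 1 on an unknown command
#######################################
keypairCommand() {
  local command=${1:-}
  (( $# )) && shift

  # The tool is selected by its literal name: the path variables are local to
  # __exec, so ${p11tool} expanded to nothing here and no tool was ever run.
  case "${command}" in
    mk | gen | new)
      # NOTE(review): no -keysize is added here, so the size falls back to
      # the tool default, which this script's help text gives as RSA1024.
      # That is below the 2048-bit minimum expected today; callers should
      # pass -keysize explicitly.
      __exec p11tool -genkeypair -keyalg rsa -usage client "$@"
      ;;
    ls | list)
      __exec p11tool -list -verbose "$@"
      ;;
    rm | del)
      __exec p11tool -delete "$@"
      ;;
    --help | help)
      keypairUsage
      ;;
    *)
      printf 'bad keypair command:  %s\n' "${command}" >&2
      keypairUsage
      exit 1
      ;;
  esac
}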
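# Launch c2padmin with the given arguments.
# The tool is named literally because ${c2padmin} only exists inside __exec,
# and "$@" keeps arguments containing spaces intact.
cpadminCommand() {
  __exec c2padmin "$@"
}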
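# Launch installca with the given arguments.
# The tool is named literally because ${installca} only exists inside __exec,
# and "$@" keeps arguments containing spaces intact.
installcaCommand() {
  __exec installca "$@"
}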
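# Launch p11tool with the given arguments.
# The tool is named literally because ${p11tool} only exists inside __exec,
# and "$@" keeps arguments containing spaces intact.
p11toolCommand() {
  __exec p11tool "$@"
}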
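# Launch pkcs11srvr with the given arguments.
# "$@" keeps arguments containing spaces or glob characters intact.
p11toolsrvrCommand() {
  __exec pkcs11srvr "$@"
}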
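#######################################
# Show the help text for a topic.
# Arguments:
#   $1 - optional topic: key | keypair
# Returns:
#   0 after printing the requested help; with no topic the general help is
#   printed and 0 is returned as well, since help was what the user asked
#   for. An unknown topic prints the general help and exits 1.
#######################################
helpCommand() {
  local command=${1:-}

  case "${command}" in
    key)
      keyUsage
      ;;
    keypair)
      keypairUsage
      ;;
    "")
      usage
      ;;
    *)
      usage
      exit 1
      ;;
  esac
}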
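#######################################
# Entry point: dispatch the level-1 command.
# Arguments:
#   $1 - key | keypair | log | conf-c2p | conf-p11 | var | admin | c2padmin |
#        ca | installca | p11 | p11tool | srv | pkcs11srvr | help | --help
#   $@ - arguments of that command, forwarded unchanged
# Outputs:   an error line and the general help on stderr for an unknown
#            command
# Returns:   status of the dispatched command; exits 1 on an unknown command
#######################################
main() {
  local command=${1:-}
  (( $# )) && shift

  # "$@" (quoted) forwards every argument as one word, so key aliases or
  # paths containing spaces or glob characters reach the tool unmodified.
  case "${command}" in
    key)
      keyCommand "$@"
      ;;
    keypair)
      keypairCommand "$@"
      ;;
    log)
      __exec open log
      ;;
    conf-c2p)
      __exec open conf-c2p
      ;;
    conf-p11)
      __exec open conf-p11
      ;;
    var)
      displayVars
      ;;
    c2padmin | admin)
      cpadminCommand "$@"
      ;;
    installca | ca)
      installcaCommand "$@"
      ;;
    p11tool | p11)
      p11toolCommand "$@"
      ;;
    pkcs11srvr | srv)
      p11toolsrvrCommand "$@"
      ;;
    --help | help)
      helpCommand "$@"
      ;;
    *)
      printf 'bad command:  %s\n' "${command}" >&2
      usage
      exit 1
      ;;
  esac
}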
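# Quoted so that command-line arguments containing spaces or glob characters
# are handed to main exactly as the user typed them.
main "$@"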