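#!/bin/sh
# Utility Script to create a primary key
# Uses TCTI as device
# It takes three arguments, a STORAGE HANDLE, the RH_OWNER Password and the KEY PASSWORD
#
# Environment (read, all optional):
#   WORKDIR     - directory that receives tpm_status.yaml on failure (default: .)
#   RED, YELLOW - colour escape sequences prepended to diagnostics (may be empty)
#
# Outputs: echoes each tpm2 command before running it (passwords are masked),
#          and on failure appends "flag:0" and "error:<msg>" to tpm_status.yaml.
# Exit status: 0 on success or when the key already exists, 1 when a TPM step
#          fails, 2 on a usage error.
#
# NOTE(review): the owner and key passwords are handed to the tpm2 tools via
# -P/-K on the command line, so they are visible in `ps` for the duration of
# each call; this script no longer prints them to stdout, but the argv
# exposure is inherent to the option form used here.

if [ $# -ne 3 ]; then
  printf 'Usage: %s STORAGE_HANDLE OWNER_PASSWORD KEY_PASSWORD\n' "${0##*/}" >&2
  exit 2
fi

SRKHANDLE=$1
O_PASSWORD=$2
KEY_PASSWORD=$3
# An unset WORKDIR previously made the status file land in "/tpm_status.yaml".
WORKDIR=${WORKDIR:-.}
STATUS_FILE="${WORKDIR}/tpm_status.yaml"
BLOB=PrimaryKeyBlob

# Print the failure banner and message, and record the failure in the status file.
# $1 - error message (also written verbatim as the "error:" value)
fail_status() {
  # %b mirrors the escape handling the original `echo -e` gave ${RED}.
  printf '\n%b\n' "${RED}Error, Exit."
  printf '%s\n' "$1"
  printf 'flag:%s\n' "0" >> "${STATUS_FILE}"
  printf 'error:%s\n' "$1" >> "${STATUS_FILE}"
}

# TPM Startup
echo "tpm2_startup --clear -T device --verbose"
if ! tpm2_startup --clear -T device --verbose; then
  fail_status "TPM Startup failed"
  exit 1
fi
echo ""

# Check if Primary Key already exists at the persistent handle; if it does
# there is nothing to do.
echo "tpm2_readpublic -H ${SRKHANDLE} --opu out_primary_public -T device --verbose"
if tpm2_readpublic -H "${SRKHANDLE}" --opu out_primary_public -T device -V; then
  exit 0
fi

printf '\n%b\n' "${YELLOW} Primary Key does not exist, creating..."
rm -f -- "${BLOB}"
# The echoed command masks the passwords so they do not end up in logs.
echo "tpm2_createprimary -P <owner-password> -K <key-password> -H o -g 0x000B -G 0x0001 -T device -V -C ${BLOB}"
if ! tpm2_createprimary -P "${O_PASSWORD}" -K "${KEY_PASSWORD}" -H o -g 0x000B \
    -G 0x0001 -T device -V -C "${BLOB}"; then
  fail_status "Error: TPM create Primary key failed"
  rm -f -- "${BLOB}"
  exit 1
fi
echo ""

# Store Primary Key in TPMs NV RAM (persist the context at SRKHANDLE)
echo "tpm2_evictcontrol -A o -c ./${BLOB} -S ${SRKHANDLE} -T device -V -P <owner-password>"
if ! tpm2_evictcontrol -A o -c "./${BLOB}" -S "${SRKHANDLE}" \
    -T device -V -P "${O_PASSWORD}"; then
  fail_status "Error: Inserting Primary Key failed"
  rm -f -- "${BLOB}"
  exit 1
fi
echo ""
rm -f -- "${BLOB}"
exit 0
#END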