kmscfg.pl revision 4f14b0f29aa144cc03efdde5508ae126ae197acf
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# This program initializes the private data needed to initialize
# the PKCS#11 KMS provider (/usr/lib/security/pkcs11_kms.so.1) in
# the Solaris Cryptographic Framework.
#
# It takes the following options:
# [-p Profile Name]
# [-a Agent ID]
# [-i Agent Address]
# [-t Transaction Timeout]
# [-f Failover Limit]
# [-d Discovery Frequency]
# [-?]
#
use strict;
use warnings;
use locale;
# Write the caller's message to STDERR, then end the program with status 1.
sub fatal {
    my @message = @_;
    print STDERR @message;
    exit 1;
}
# Option summary for the six configuration switches; the sub ends with exit(1).
# NOTE(review): the line that opens this statement (the call whose closing
# parenthesis follows the last string) is absent from this listing, so the
# output stream and any leading "Usage:" text cannot be confirmed from here.
sub usage {
"\t[-p[rofile] Profile Name] The name of the KMA profile to use.\n" .
"\t[-a[gent] Agent ID] The KMA agent ID.\n" .
"\t[-i[paddr] Agent Address] Address of the KMA\n" .
"\t[-t[imeout] Transaction Timeout] Transaction timeout period (integer)\n" .
"\t[-f[ailover] Failover Limit] Maximum failover limit (integer)\n" .
"\t[-d[iscovery] Discovery Freq] Frequency to attempt KMA discovery\n");
# Same non-zero status that fatal() uses.
exit(1);
}
# Show a prompt, with the default in brackets when one is given, and return
# the response.
# NOTE(review): this listing has lost lines. $prompt and $default are used
# but never unpacked from @_, and nothing visible reads input into $resp.
# Under "use strict" the sub does not compile as shown; confirm against the
# full file.
sub get_input {
my $resp;
# A non-empty default is displayed so the user can see what is on offer.
if (length($default)) {
print "$prompt [$default]: ";
} else {
print "$prompt: ";
}
# NOTE(review): empty body; presumably an empty response falls back to
# $default here. Confirm.
if (length($default)) {
}
return $resp;
}
# Command-line options, looked up below by single-letter key (p, a, i, t, f, d).
# NOTE(review): the call that fills %opt is not present in this listing.
my (%opt);
# Directory that holds kmstoken.cfg.
# NOTE(review): both branches below have lost their assignments in this
# listing; presumably $TOKENDIR comes from KMSTOKEN_DIR when that is set and
# from a per-user location otherwise. An environment-supplied directory
# decides which file is later renamed and rewritten, so confirm the script
# only ever runs with the invoking user's own privileges.
my $TOKENDIR;
if (exists($ENV{KMSTOKEN_DIR})) {
} else {
# Login name for the real UID ($<); getpwuid returns the name in scalar context.
my $name = getpwuid($<);
}
my $cfgfile = "$TOKENDIR/kmstoken.cfg";
# NOTE(review): empty body; presumably the missing directory is created here.
# Confirm the mode it is created with, since it will hold the token config.
if ( ! -d $TOKENDIR ) {
}
# An existing config file leads to an overwrite confirmation.
# NOTE(review): this block is damaged in the listing: the gettext() text has
# no visible print, nothing reads into $ans, and there is one closing brace
# more than there are opening ones. As shown, any non-empty answer exits with
# status 0; presumably the original only did so for a negative answer.
if (-f $cfgfile) {
my $ans;
gettext("already exists,\n" .
"do you want to overwrite it (Y/n)? ");
if (length($ans)) {
exit(0);
}
}
}
# Profile name, agent ID and agent address have no visible default.
# NOTE(review): the declarations of $profile, $agentid, $address, $timeout,
# $failover and $discovery are missing from this listing, and so are the
# bodies that fill them. Presumably a missing option is prompted for, an empty
# answer is rejected, and the else branch copies the value from %opt. Confirm.
if (!exists($opt{'p'})) {
if (!length($profile)) {
}
} else {
}
if (!exists($opt{'a'})) {
if (!length($agentid)) {
}
} else {
}
if (!exists($opt{'i'})) {
if (!length($address)) {
}
} else {
}
# The three numeric settings default to 10, 3 and 10 when the option is absent.
# NOTE(review): no check is visible that -t, -f or -d values are integers
# before they are written to the config file; the usage text describes
# -t and -f as integers.
if (!exists($opt{'t'})) {
$timeout = 10;
} else {
}
if (!exists($opt{'f'})) {
$failover = 3;
} else {
}
if (!exists($opt{'d'})) {
$discovery = 10;
} else {
}
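# Keep a copy of any existing configuration before replacing it.
# A failed backup is reported but does not stop the rewrite; the earlier
# code ignored rename's result, so the old file could be lost unnoticed.
if (-f $cfgfile) {
    rename($cfgfile, "$cfgfile.old")
        or warn "cannot save $cfgfile as $cfgfile.old: $!\n";
}

# Three-argument open keeps the mode separate from the path, so characters
# in $cfgfile are never read as part of the open mode. The result is checked
# so a failed open is reported instead of printing to an unopened handle.
# NOTE(review): the new file's permissions follow the process umask; nothing
# here restricts them.
my $FH;
open($FH, '>', $cfgfile)
    or fatal("cannot open $cfgfile for writing: $!\n");

# The file is line-oriented: each value follows a three-line comment header,
# in this fixed order.
print $FH "#\n# Profile Name\n#\n$profile\n";
print $FH "#\n# Agent ID\n#\n$agentid\n";
print $FH "#\n# KMA Address\n#\n$address\n";
print $FH "#\n# Transaction Timeout\n#\n$timeout\n";
print $FH "#\n# Failover Limit\n#\n$failover\n";
print $FH "#\n# Discovery Frequency\n#\n$discovery\n";
# Security Mode is always written as the literal value 1.
print $FH "#\n# Security Mode\n#\n1\n";

# Buffered write errors (for example a full disk) surface at close.
close($FH)
    or fatal("error writing $cfgfile: $!\n");
exit(0);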