Diffstat (limited to 'external/meta-updater/recipes-support/softhsm-testtoken')
-rw-r--r--external/meta-updater/recipes-support/softhsm-testtoken/files/createtoken.service12
-rw-r--r--external/meta-updater/recipes-support/softhsm-testtoken/files/createtoken.sh27
-rw-r--r--external/meta-updater/recipes-support/softhsm-testtoken/softhsm-testtoken.bb25
3 files changed, 64 insertions, 0 deletions
diff --git a/external/meta-updater/recipes-support/softhsm-testtoken/files/createtoken.service b/external/meta-updater/recipes-support/softhsm-testtoken/files/createtoken.service
new file mode 100644
index 00000000..23317b90
--- /dev/null
+++ b/external/meta-updater/recipes-support/softhsm-testtoken/files/createtoken.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Create a mock smartcard for testing
+Before=aktualizr.service
+RequiredBy=aktualizr.service
+
+[Service]
+RestartSec=10
+Restart=on-failure
+ExecStart=/usr/bin/createtoken.sh
+
+[Install]
+WantedBy=aktualizr.service
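Review bot: `RequiredBy=aktualizr.service` sits in `[Unit]`, but it is an `[Install]` option, so systemd will ignore it there and only the weaker `WantedBy=` link takes effect; move it under `[Install]` if the hard dependency is intended. The `[Service]` section also sets no `Type=`, so the unit defaults to `simple` and `Before=aktualizr.service` is satisfied as soon as the script has been started, not when the token has been populated. If aktualizr must not start until the key and certificate are in the token, `Type=oneshot` with `RemainAfterExit=yes` would express that; confirm that the target systemd version accepts `Restart=on-failure` on a oneshot unit.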
diff --git a/external/meta-updater/recipes-support/softhsm-testtoken/files/createtoken.sh b/external/meta-updater/recipes-support/softhsm-testtoken/files/createtoken.sh
new file mode 100644
index 00000000..fa4569d9
--- /dev/null
+++ b/external/meta-updater/recipes-support/softhsm-testtoken/files/createtoken.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+if pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so -O; then
+ # The token has already been initialized, exit
+ exit 0
+fi
+
+if ! ls /var/sota/import/pkey.pem /var/sota/import/client.pem; then
+ # Key/certificate pair is not present, repeat
+ exit 1
+fi
+
+mkdir -p /var/lib/softhsm/tokens
+softhsm2-util --init-token --slot 0 --label "Virtual token" --pin 1234 --so-pin 1234
+
+openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /var/sota/import/pkey.pem -out /var/sota/import/pkey.p8
+softhsm2-util --import /var/sota/import/pkey.p8 --label "pkey" --id 02 --token 'Virtual token' --pin 1234
+openssl x509 -outform der -in /var/sota/import/client.pem -out /var/sota/import/client.der
+pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --id 1 --write-object /var/sota/import/client.der --type cert --login --pin 1234
+
+# Import UPTANE keypair if it exists
+if [ -f /var/sota/import/ecukey.pem ]; then
+ openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /var/sota/import/ecukey.pem -out /var/sota/import/ecukey.p8
+ softhsm2-util --import /var/sota/import/ecukey.p8 --label "uptanekey" --id 03 --token 'Virtual token' --pin 1234
+fi
+
+exit 0
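Review bot: Nothing after `softhsm2-util --init-token` is checked, so a failed `openssl` or import step still reaches `exit 0`, and on the next start the `pkcs11-tool ... -O` probe at the top will presumably see an initialised token and skip the import for good. Adding `set -e` after the shebang, and making the early-exit probe look for the imported objects rather than just a successful listing, would let `Restart=on-failure` in the unit actually retry. The script also leaves the unencrypted `pkey.p8` and `ecukey.p8` (written with `-nocrypt` under the default umask) in `/var/sota/import` next to the original PEM files; a `umask 077` at the top and an `rm -f` of the intermediates after import would keep the private keys from staying in the clear outside the token longer than necessary. Passing `--pin 1234` and `--so-pin 1234` on the command line is acceptable only because this is a test token, and a comment saying so would help.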
diff --git a/external/meta-updater/recipes-support/softhsm-testtoken/softhsm-testtoken.bb b/external/meta-updater/recipes-support/softhsm-testtoken/softhsm-testtoken.bb
new file mode 100644
index 00000000..58b521c3
--- /dev/null
+++ b/external/meta-updater/recipes-support/softhsm-testtoken/softhsm-testtoken.bb
@@ -0,0 +1,25 @@
+SUMMARY = "Mock smartcard for aktualizr"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+
+inherit systemd
+
+RDEPENDS_${PN} = "softhsm libp11 openssl-bin"
+DEPENDS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd', '', d)}"
+
+
+SRC_URI = "file://createtoken.service \
+ file://createtoken.sh"
+
+SYSTEMD_SERVICE_${PN} = "createtoken.service"
+
+do_install() {
+ install -d ${D}${systemd_unitdir}/system
+ install -m 0644 ${WORKDIR}/createtoken.service ${D}${systemd_unitdir}/system/createtoken.service
+ install -d ${D}${bindir}
+ install -m 0744 ${WORKDIR}/createtoken.sh ${D}${bindir}/createtoken.sh
+}
+
+FILES_${PN} = "${bindir}/createtoken.sh \
+ ${systemd_unitdir}/system/createtoken.service"
+
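Review bot: The recipe has no comment saying it is for test images only, although the `createtoken.sh` it installs initialises the token with the fixed PIN `1234` and imports keys from unencrypted PEM files. I would add a header comment above `SUMMARY`, such as `# Test-only: provisions a SoftHSM token with a well-known PIN; do not add to production images.` Separately, `install -m 0744` is an unusual mode for a script in `${bindir}`; `0755` is conventional, or `0700` if only root is meant to read and run it.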