@@ -231,35 +231,6 @@ signing_get_root_cert() {
echo "${cert_name}"
}
-# signing_import_cert_chain_from_pem <role> <pem>
-#
-# Import a certificate *chain* from a PEM file to a role.
-# (e.g. multiple ones concatenated in one file)
-#
-# Due to limitations in the toolchain:
-# signing class -> softhsm -> 'extract-cert'
-# the input certificate is split into a sequentially numbered list of roles,
-# starting at <role>_1
-#
-# (The limitations are the conversion step from x509 to a plain .der, and
-# extract-cert expecting a x509 and then producing only plain .der again)
-signing_import_cert_chain_from_pem() {
- local role="${1}"
- local pem="${2}"
- local i=1
-
- cat "${pem}" | \
- while openssl x509 -inform pem -outform der -out ${B}/temp_${i}.der; do
- signing_import_define_role "${role}_${i}"
- signing_pkcs11_tool --type cert \
- --write-object ${B}/temp_${i}.der \
- --label "${role}_${i}"
- rm ${B}/temp_${i}.der
- echo "imported ${pem} under role: ${role}_${i}"
- i=$(awk "BEGIN {print $i+1}")
- done
-}
-
# signing_import_cert_from_pem <cert_name> <pem>
#
# Import a certificate from PEM file to a cert_name.