embox

1
#!/usr/bin/env bash
2

3
# libnss3-dev, libnss3-tools, libcacard-dev packages are required
4
# to run properly
5

6
FAKE_SMARTCARD="fake_smartcard.img"
7

8
if [ -d $FAKE_SMARTCARD ]; then
9
	echo "$FAKE_SMARTCARD found."
10
else
11
	echo "$FAKE_SMARTCARD not found. A new one will be created now..."
12
	(
13
	    # It's taken from QEMU's docs/ccid.txt
14
	    mkdir $FAKE_SMARTCARD
15
	    cd $FAKE_SMARTCARD || { echo "Failed to cd to $FAKE_SMARTCARD"; exit 1; }
16
	    certutil -N -d sql:"$PWD"
17
	    certutil -S -d sql:"$PWD" -s "CN=Fake Smart Card CA" -x -t TC,TC,TC -n fake-smartcard-ca
18
	    certutil -S -d sql:"$PWD" -t ,, -s "CN=John Doe" -n id-cert -c fake-smartcard-ca
19
	    certutil -S -d sql:"$PWD" -t ,, -s "CN=John Doe (signing)" --nsCertType smime -n signing-cert -c fake-smartcard-ca
20
	    certutil -S -d sql:"$PWD" -t ,, -s "CN=John Doe (encryption)" --nsCertType sslClient -n encryption-cert -c fake-smartcard-ca
21
	) || {
22
	    # In case of fail just exit and do not remove $FAKE_SMARTCARD
23
	    # to allow to conduct investigation
24
	    exit 1
25
	}
26

27
fi
28

29
./scripts/qemu/auto_qemu \
30
	-device usb-ccid \
31
	-device ccid-card-emulated,backend=certificates,db=sql:$FAKE_SMARTCARD,cert1=id-cert,cert2=signing-cert,cert3=encryption-cert \
32
	"$@"
33