embox
1#!/usr/bin/env bash
2
3# libnss3-dev, libnss3-tools, libcacard-dev packages are required
4# to run properly
5
6FAKE_SMARTCARD="fake_smartcard.img"
7
8if [ -d $FAKE_SMARTCARD ]; then
9echo "$FAKE_SMARTCARD found."
10else
11echo "$FAKE_SMARTCARD not found. A new one will be created now..."
12(
13# It's taken from QEMU's docs/ccid.txt
14mkdir $FAKE_SMARTCARD
15cd $FAKE_SMARTCARD || { echo "Failed to cd to $FAKE_SMARTCARD"; exit 1; }
16certutil -N -d sql:"$PWD"
17certutil -S -d sql:"$PWD" -s "CN=Fake Smart Card CA" -x -t TC,TC,TC -n fake-smartcard-ca
18certutil -S -d sql:"$PWD" -t ,, -s "CN=John Doe" -n id-cert -c fake-smartcard-ca
19certutil -S -d sql:"$PWD" -t ,, -s "CN=John Doe (signing)" --nsCertType smime -n signing-cert -c fake-smartcard-ca
20certutil -S -d sql:"$PWD" -t ,, -s "CN=John Doe (encryption)" --nsCertType sslClient -n encryption-cert -c fake-smartcard-ca
21) || {
22# In case of fail just exit and do not remove $FAKE_SMARTCARD
23# to allow to conduct investigation
24exit 1
25}
26
27fi
28
29./scripts/qemu/auto_qemu \
30-device usb-ccid \
31-device ccid-card-emulated,backend=certificates,db=sql:$FAKE_SMARTCARD,cert1=id-cert,cert2=signing-cert,cert3=encryption-cert \
32"$@"
33