BitMaster Admin 03231fc154 Update readme.md
2023-12-11 05:59:16 +00:00

How to make your Astra Cesbo license server

1. Install the required packages

apt install opensc-pkcs11 libpam-pkcs11 openssl opensc make build-essential libpkcs11-helper1 libpkcs11-helper1-dev libengine-gost-openssl1.1 -y
apt install composer php7.4 php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-json php7.4-mbstring php7.4-mysql php7.4-snmp php7.4-xml php7.4-zip -y
wget https://dist.opendnssec.org/source/softhsm-2.3.0.tar.gz
tar -zxvf softhsm-2.3.0.tar.gz
cd softhsm-2.3.0
./configure
make
make install
git clone https://github.com/gamringer/php-pkcs11
cd php-pkcs11
phpize
make
make install

2. Edit the config files to match what you will use and what you need

vi /etc/softhsm/softhsm.conf
vi /etc/softhsm/softhsm2.conf
vi /etc/opensc/opensc-pkcs11.conf
vi /etc/opensc/opensc.conf
vi /etc/opensc/opensc-pkcs11.conf

3. Generate a certificate, create a virtual slot and add a token

openssl req -new -x509 -subj "/CN=MyCertTEST" -engine pkcs11 -keyform engine -key "pkcs11object=mykey1;pin-value=mysecret1" -outform der -out mycert.der
pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so -l -k --key-type rsa:2048 --id 4142 --label mykey1 --pin mysecret1
softhsm2-util --init-token --slot 0 --label "Astra WorldOfTV" --pin 1234 --so-pin 1234

Check that the virtual slot was created

➜ ~ pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --list-slots
Available slots:
Slot 0 (0x45a3cef9): SoftHSM slot ID 0x45a3cef9
token label : Astra WorldofTV
token manufacturer : SoftHSM project
token model : SoftHSM v2
token flags : login required, rng, token initialized, PIN initialized, other flags=0x20
hardware version : 2.2
firmware version : 2.2
serial num : c604edf445a3cef9
pin min/max : 4/255
Slot 1 (0x1): SoftHSM slot ID 0x1

4. The script that will check the licenses

<?php
header('Content-Type: text/plain; charset=utf-8');
header('Connection: keep-alive');
$g = '+400';
$today = date("D, j M Y H:i:s",strtotime($g));  
$today = str_replace("AM","",str_replace("","",str_replace('','',$today)));
$test = " GMT";
header('Date: '.$today.''.$test.'');


$module = "/usr/lib/softhsm/libsofthsm2.so"; 
$slot = "0"; 
$pin = "1234"; 
$message = $_GET['media']; 
 
$pkcs11 = new \pkcs11($module); 
$pkcs11->login($slot, $pin); 
$privateKey = $pkcs11->findPrivateKey("CN=My Certificate"); 
 
$signature = $pkcs11->sign($privateKey, $message); 
//echo "Signature: " . bin2hex($signature) . "\n"; 

sleep(1);
  
     echo '{
  "email": "test@gmail.com()",
  "message": "OK",
  "id": "e49d90",
  "type": 4,
  "epass": "$key",
  "expire": 1680566400
 }';

?>