#
# Demo smartcard ZSK generation script
#
if [ -z "$DOMAIN" ]; then echo "You must \"export DOMAIN=yourdomain\" first"; exit 1; fi
export PKCS11_LIBRARY_PATH="/opt/dccom/lib/opensc-pkcs11.so"
read -s -p "HSM PIN: " PKCS11_LIBRARY_PIN
echo ""
export PKCS11_LIBRARY_PIN
cnt=1
while [ $cnt -le 2 ]; do
  echo "Generating 1024 bit RSA SHA256 ZSK"
  dnssec-keygen -a 8 -b 1024 $DOMAIN.
  cnt=$(( $cnt + 1 ))
done
echo "Run \"cardshow\" to see keys on smartcard"
#
# end
#