1195a1a762
* Decipher command * Smartcard presence test
75 lines
2.1 KiB
Bash
Executable file
75 lines
2.1 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
PREREQ="cryptroot"
|
|
|
|
prereqs()
|
|
{
|
|
echo "$PREREQ"
|
|
}
|
|
|
|
case "$1" in
|
|
prereqs)
|
|
prereqs
|
|
exit 0
|
|
;;
|
|
esac
|
|
|
|
. /usr/share/initramfs-tools/hook-functions
|
|
. /lib/cryptsetup/functions
|
|
|
|
if [ ! -x "$DESTDIR/lib/cryptsetup/scripts/decrypt_pkcs" ] || [ ! -f "$TABFILE" ]; then
|
|
exit 0
|
|
fi
|
|
|
|
# Fetching local parameters
|
|
if [ -f /etc/default/decrypt_pkcs ] ; then
|
|
. /etc/default/decrypt_pkcs
|
|
fi
|
|
DECIPHER_COMMAND=${DECIPHER_COMMAND:-/usr/bin/pkcs15-crypt}
|
|
SMARTCARD_PRESENCE_COMMAND=${SMARTCARD_PRESENCE_COMMAND:-/usr/bin/opensc-tool}
|
|
|
|
# Hooks for loading smartcard reading software into the initramfs
|
|
copy_keys() {
|
|
crypttab_parse_options
|
|
if [ "${CRYPTTAB_OPTION_keyscript-}" = "/lib/cryptsetup/scripts/decrypt_pkcs" ]; then
|
|
if [ -f "$CRYPTTAB_KEY" ]; then
|
|
[ -f "$DESTDIR$CRYPTTAB_KEY" ] || copy_file keyfile "$CRYPTTAB_KEY" || RV=$?
|
|
else
|
|
cryptsetup_message "ERROR: Target $CRYPTTAB_NAME has a non-existing key file $CRYPTTAB_KEY"
|
|
RV=1
|
|
fi
|
|
fi
|
|
}
|
|
|
|
RV=0
|
|
#copy default key
|
|
crypttab_foreach_entry copy_keys
|
|
#copy all users keys
|
|
#mkdir -p "$DESTDIR/etc/keys"
|
|
#cp /etc/keys/pass*.enc "$DESTDIR/etc/keys/"
|
|
|
|
# Install directories needed by smartcard reading daemon, command, and
|
|
# key-script
|
|
mkdir -p -- "$DESTDIR/etc/opensc" "$DESTDIR/usr/lib/pcsc" "$DESTDIR/var/run" "$DESTDIR/tmp" "$DESTDIR/etc/default"
|
|
|
|
# Install pcscd daemon, drivers, conf file
|
|
copy_exec /usr/sbin/pcscd
|
|
LIBC_DIR="$(ldd /usr/sbin/pcscd | sed -nr 's#.* => (/lib.*)/libc\.so\.[0-9.-]+ \(0x[[:xdigit:]]+\)$#\1#p')"
|
|
find -L "$LIBC_DIR" "/usr$LIBC_DIR" -maxdepth 1 \( -name 'libgcc_s.*' -o -name 'libusb-*.so*' -o -name 'libpcsclite.so*' \) -type f | while read so; do
|
|
copy_exec "$so"
|
|
done
|
|
|
|
cp -rt "$DESTDIR/usr/lib" /usr/lib/pcsc
|
|
cp -t "$DESTDIR/etc" /etc/reader.conf || true
|
|
cp -t "$DESTDIR/etc" /etc/libccid_Info.plist
|
|
|
|
# Install opensc commands and conf file
|
|
copy_exec /usr/bin/opensc-tool
|
|
copy_exec $SMARTCARD_PRESENCE_COMMAND
|
|
copy_exec $DECIPHER_COMMAND
|
|
cp -t "$DESTDIR/etc/opensc" /etc/opensc/opensc.conf
|
|
cp -t "$DESTDIR/etc/default" /etc/default/decrypt_pkcs
|
|
|
|
exit $RV
|