diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 08:06:26 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 08:06:26 +0000 |
commit | fd888e850cf413955483bfb993aeeea5ea611289 (patch) | |
tree | 6148fed3d1f30272c48403f4cdefa59c2b7e1513 /debian/scripts/decrypt_opensc | |
parent | Adding upstream version 2:2.6.1. (diff) | |
download | cryptsetup-fd888e850cf413955483bfb993aeeea5ea611289.tar.xz cryptsetup-fd888e850cf413955483bfb993aeeea5ea611289.zip |
Adding debian version 2:2.6.1-4~deb12u2.debian/2%2.6.1-4_deb12u2debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/scripts/decrypt_opensc')
-rw-r--r-- | debian/scripts/decrypt_opensc | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/debian/scripts/decrypt_opensc b/debian/scripts/decrypt_opensc new file mode 100644 index 0000000..b06fc98 --- /dev/null +++ b/debian/scripts/decrypt_opensc @@ -0,0 +1,46 @@ +#!/bin/sh + +# Why not use "openct-tool rwait" instead of polling opensc-tool exit status? +# Well openct daemon has to be running which interferes with pcscd since both +# implement reader drivers, my particular CCID reader (SCM SCR331-LC1) doesn't +# work with the CCID driver in openct, however it does work with pcscd. + +# Why not use "opensc-tool --wait" instead of polling opensc-tool exit status? +# Although opensc-tool --help reports that there is a --wait option, it doesn't +# seem to be implemented. + +check_card() { + cardfound=0 + + if /usr/bin/opensc-tool -n >/dev/null 2>&1; then + cardfound=1 + fi +} + +wait_card() { + check_card + if [ $cardfound = 0 ] ; then + echo "Waiting for Smart Card..." >&2 + tries=0 + while [ $cardfound = 0 ] && [ $tries -lt 60 ] ; do + sleep 1 + check_card + tries=$(($tries + 1)) + done + if [ $cardfound = 0 ] ; then + echo 'Failed to find Smart Card card!' >&2 + exit 1 + fi + fi +} + +wait_card +if [ -x /bin/plymouth ] && plymouth --ping; then + # Get pin number from plymouth + /usr/bin/pkcs15-crypt --decipher --input "$1" --pkcs1 --raw \ + --pin "$(plymouth ask-for-password --prompt "Enter pin for $CRYPTTAB_NAME: ")" +else + # Get pin number from console + /usr/bin/pkcs15-crypt --decipher --input "$1" --pkcs1 --raw </dev/console 2>/dev/console +fi +exit $? |