diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 17:44:13 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 17:44:13 +0000 |
commit | 1103cc2d299a0f29631f9f5322d93efcca8098c7 (patch) | |
tree | 656763a55c9de10b1de70761e3d0b8d44056af1d /debian/scripts/decrypt_gnupg-sc | |
parent | Adding upstream version 2:2.3.7. (diff) | |
download | cryptsetup-debian.tar.xz cryptsetup-debian.zip |
Adding debian version 2:2.3.7-1+deb11u1.debian/2%2.3.7-1+deb11u1debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/scripts/decrypt_gnupg-sc')
-rw-r--r-- | debian/scripts/decrypt_gnupg-sc | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/debian/scripts/decrypt_gnupg-sc b/debian/scripts/decrypt_gnupg-sc new file mode 100644 index 0000000..84eb62c --- /dev/null +++ b/debian/scripts/decrypt_gnupg-sc @@ -0,0 +1,44 @@ +#!/bin/sh + +if [ -d "/cryptroot/gnupghome" ]; then + export GNUPGHOME="/cryptroot/gnupghome" +fi + +run_gpg() { + gpg --no-options --trust-model=always "$@" +} +decrypt_gpg () { + local console _ + if ! GPG_TTY="$(tty)"; then + read console _ </proc/consoles + GPG_TTY="/dev/$console" + fi + export GPG_TTY + + if ! run_gpg --decrypt -- "$1"; then + return 1 + fi + return 0 +} + +# `gpg-connect-agent LEARN /bye` is another (lighter) way, but it's +# harder to retrieve the return code +if ! run_gpg --batch --quiet --no-tty --card-status >/dev/null; then + echo "Please insert OpenPGP SmartCard..." >&2 + until run_gpg --batch --quiet --no-tty --card-status; do + sleep 1 + done >/dev/null 2>&1 +fi + +if [ ! -x /usr/bin/gpg ]; then + echo "$0: /usr/bin/gpg is not available" >&2 + exit 1 +fi + +if [ -z "$1" ] || [ ! -f "$1" ]; then + echo "$0: missing key as argument" >&2 + exit 1 +fi + +decrypt_gpg "$1" +exit $? |