From 0982fcb2e5ae334790851fa8ff7cf65281842ad1 Mon Sep 17 00:00:00 2001

From: Moritz Maxeiner <moritz@ucworks.org>

Date: Thu, 30 Mar 2017 14:17:05 +0200

Subject: [PATCH] crypt-gpg: Rework setup for CCID smartcard support

---

 modules.d/91crypt-gpg/module-setup.sh | 46 ++++++++++++++++++++++++++---------

 1 file changed, 35 insertions(+), 11 deletions(-)

diff --git a/modules.d/91crypt-gpg/module-setup.sh b/modules.d/91crypt-gpg/module-setup.sh

index 1323a181..bb34676f 100755

--- a/modules.d/91crypt-gpg/module-setup.sh

+++ b/modules.d/91crypt-gpg/module-setup.sh

@@ -5,10 +5,11 @@

 check() {

     require_binaries gpg || return 1

-    if [ -f "${initdir}/root/crypt-public-key.gpg" ]; then

-        require_binaries gpg-agent || return 1

-        require_binaries gpg-connect-agent || return 1

-        require_binaries /usr/libexec/scdaemon || return 1

+    if sc_requested; then

+        if ! sc_supported; then

+            dwarning "crypt-gpg: GnuPG >= 2.1 with scdaemon and libusb required for ccid smartcard support"

+            return 1

+        fi

     fi

     return 255

@@ -24,14 +25,37 @@ install() {

     inst_multiple gpg

     inst "$moddir/crypt-gpg-lib.sh" "/lib/dracut-crypt-gpg-lib.sh"

-    local gpgMajorVersion="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* ([0-9]*).*|\1|p')"

-    local gpgMinorVersion="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* [0-9]*\.([0-9]*).*|\1|p')"

-    if [ "${gpgMajorVersion}" -ge 2 ] && [ "${gpgMinorVersion}" -ge 1 ] && [ -f /etc/dracut.conf.d/crypt-public-key.gpg ]; then

+    if sc_requested; then

         inst_multiple gpg-agent

         inst_multiple gpg-connect-agent

-        inst_multiple /usr/libexec/scdaemon || derror "crypt-gpg: gnugpg with scdaemon required for smartcard support in the initramfs"

-        cp "/etc/dracut.conf.d/crypt-public-key.gpg" "${initdir}/root/"

-    elif [ -f /etc/dracut.conf.d/crypt-public-key.gpg ]; then

-        dwarning "crypt-gpg: gnupg >= 2.1 required for smartcard support in the initramfs"

+        inst_multiple /usr/libexec/scdaemon

+        cp "$(sc_public_key)" "${initdir}/root/"

+    fi

+}

+

+sc_public_key() {

+    echo -n "/etc/dracut.conf.d/crypt-public-key.gpg"

+}

+

+# CCID Smartcard support requires GnuPG >= 2.1 with scdaemon and libusb

+sc_supported() {

+    local gpgMajor="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* ([0-9]*).*|\1|p')"

+    local gpgMinor="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* [0-9]*\.([0-9]*).*|\1|p')"

+    if [[ "${gpgMajor}" -gt 2 || "${gpgMajor}" -eq 2 && "${gpgMinor}" -ge 1 ]] && \

+       require_binaries gpg-agent &&

+       require_binaries gpg-connect-agent &&

+       require_binaries /usr/libexec/scdaemon &&

+       (ldd /usr/libexec/scdaemon | grep libusb > /dev/null); then

+        return 0

+    else

+        return 1

+    fi

+}

+

+sc_requested() {

+    if [ -f "$(sc_public_key)" ]; then

+        return 0

+    else

+        return 1

     fi

 }