crypt-gpg: Rework setup for CCID smartcard support

author Moritz Maxeiner <moritz@ucworks.org>

Thu, 30 Mar 2017 12:17:05 +0000 (14:17 +0200)

committer Moritz Maxeiner <moritz@ucworks.org>

Thu, 30 Mar 2017 12:17:05 +0000 (14:17 +0200)
author Moritz Maxeiner <moritz@ucworks.org>
Thu, 30 Mar 2017 12:17:05 +0000 (14:17 +0200)
committer Moritz Maxeiner <moritz@ucworks.org>
Thu, 30 Mar 2017 12:17:05 +0000 (14:17 +0200)
diff --git a/modules.d/91crypt-gpg/module-setup.sh b/modules.d/91crypt-gpg/module-setup.sh

index 1323a1810cc3bfd703fee7285ecf6d25e9f1a82a..bb34676f3ce5f451249eeb6251ca078a703c8b77 100755 (executable)
--- a/modules.d/91crypt-gpg/module-setup.sh
+++ b/modules.d/91crypt-gpg/module-setup.sh
@@ -5,10 +5,11 @@
  check() {
      require_binaries gpg || return 1
  
-    if [ -f "${initdir}/root/crypt-public-key.gpg" ]; then
-        require_binaries gpg-agent || return 1
-        require_binaries gpg-connect-agent || return 1
-        require_binaries /usr/libexec/scdaemon || return 1
+    if sc_requested; then
+        if ! sc_supported; then
+            dwarning "crypt-gpg: GnuPG >= 2.1 with scdaemon and libusb required for ccid smartcard support"
+            return 1
+        fi
      fi
  
      return 255
@@ -24,14 +25,37 @@ install() {
      inst_multiple gpg
      inst "$moddir/crypt-gpg-lib.sh" "/lib/dracut-crypt-gpg-lib.sh"
  
-    local gpgMajorVersion="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* ([0-9]*).*|\1|p')"
-    local gpgMinorVersion="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* [0-9]*\.([0-9]*).*|\1|p')"
-    if [ "${gpgMajorVersion}" -ge 2 ] && [ "${gpgMinorVersion}" -ge 1 ] && [ -f /etc/dracut.conf.d/crypt-public-key.gpg ]; then
+    if sc_requested; then
          inst_multiple gpg-agent
          inst_multiple gpg-connect-agent
-        inst_multiple /usr/libexec/scdaemon || derror "crypt-gpg: gnugpg with scdaemon required for smartcard support in the initramfs"
-        cp "/etc/dracut.conf.d/crypt-public-key.gpg" "${initdir}/root/"
-    elif [ -f /etc/dracut.conf.d/crypt-public-key.gpg ]; then
-        dwarning "crypt-gpg: gnupg >= 2.1 required for smartcard support in the initramfs"
+        inst_multiple /usr/libexec/scdaemon
+        cp "$(sc_public_key)" "${initdir}/root/"
+    fi
+}
+
+sc_public_key() {
+    echo -n "/etc/dracut.conf.d/crypt-public-key.gpg"
+}
+
+# CCID Smartcard support requires GnuPG >= 2.1 with scdaemon and libusb
+sc_supported() {
+    local gpgMajor="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* ([0-9]*).*|\1|p')"
+    local gpgMinor="$(gpg --version | sed -n 1p | sed -n -r -e 's|.* [0-9]*\.([0-9]*).*|\1|p')"
+    if [[ "${gpgMajor}" -gt 2 || "${gpgMajor}" -eq 2 && "${gpgMinor}" -ge 1 ]] && \
+       require_binaries gpg-agent &&
+       require_binaries gpg-connect-agent &&
+       require_binaries /usr/libexec/scdaemon &&
+       (ldd /usr/libexec/scdaemon | grep libusb > /dev/null); then
+        return 0
+    else
+        return 1
+    fi
+}
+
+sc_requested() {
+    if [ -f "$(sc_public_key)" ]; then
+        return 0
+    else
+        return 1
      fi
  }
author	Moritz Maxeiner <moritz@ucworks.org>
	Thu, 30 Mar 2017 12:17:05 +0000 (14:17 +0200)
committer	Moritz Maxeiner <moritz@ucworks.org>
	Thu, 30 Mar 2017 12:17:05 +0000 (14:17 +0200)