Add 'mkinitcpio-pkcs11/' from commit '84be5ba124dae2db0f64a3d5570fb6daba73eed2'

git-subtree-dir: mkinitcpio-pkcs11
git-subtree-mainline: e92177a32cb23deded7fbbfc9722083ff46403f5
git-subtree-split: 84be5ba124dae2db0f64a3d5570fb6daba73eed2

5 files changed, 76 insertions, 0 deletions

diff --git a/mkinitcpio-pkcs11/.SRCINFO b/mkinitcpio-pkcs11/.SRCINFO
new file mode 100644
index 0000000..1810e67
--- /dev/null
+++ b/mkinitcpio-pkcs11/.SRCINFO
@@ -0,0 +1,16 @@
+pkgbase = mkinitcpio-pkcs11
+	pkgdesc = Install pkcs11 in early boot (systemd cryptsetyp.target) using pcscd.socket
+	pkgver = 0.3
+	pkgrel = 1
+	arch = any
+	depends = ccid
+	depends = opensc
+	depends = pcsclite
+	depends = p11-kit
+	depends = gnutls
+	source = pkcs11_install
+	source = opensc.module
+	sha256sums = 0c62dd5eb978268ed13be851b9ac46dee9aaa52c655061da5ece4c69ab4ff8f7
+	sha256sums = fea71e2e2c1853bba034106d4eb40646a787ed900fef883e09d38dcb29675db4
+
+pkgname = mkinitcpio-pkcs11
diff --git a/mkinitcpio-pkcs11/.gitignore b/mkinitcpio-pkcs11/.gitignore
new file mode 100644
index 0000000..37d234f
--- /dev/null
+++ b/mkinitcpio-pkcs11/.gitignore
@@ -0,0 +1,4 @@
+*.pkg.tar.xz
+*.pkg.tar.zst
+pkg/
+src/
diff --git a/mkinitcpio-pkcs11/PKGBUILD b/mkinitcpio-pkcs11/PKGBUILD
new file mode 100644
index 0000000..d75729a
--- /dev/null
+++ b/mkinitcpio-pkcs11/PKGBUILD
@@ -0,0 +1,16 @@
+pkgname=mkinitcpio-pkcs11
+pkgver=0.3
+pkgrel=1
+pkgdesc='Install pkcs11 in early boot (systemd cryptsetyp.target) using pcscd.socket'
+depends=('ccid' 'opensc' 'pcsclite' 'p11-kit' 'gnutls')
+arch=('any')
+source=('pkcs11_install' 'opensc.module')
+sha256sums=(
+  '0c62dd5eb978268ed13be851b9ac46dee9aaa52c655061da5ece4c69ab4ff8f7'
+  'fea71e2e2c1853bba034106d4eb40646a787ed900fef883e09d38dcb29675db4'
+)
+
+package() {
+    install -D -m644 "pkcs11_install" "$pkgdir/usr/lib/initcpio/install/pkcs11"
+    install -D -m644 "opensc.module" "$pkgdir/etc/pkcs11/modules/opensc.module"
+}
diff --git a/mkinitcpio-pkcs11/opensc.module b/mkinitcpio-pkcs11/opensc.module
new file mode 100644
index 0000000..fd1c1d9
--- /dev/null
+++ b/mkinitcpio-pkcs11/opensc.module
@@ -0,0 +1 @@
+module: opensc-pkcs11.so
diff --git a/mkinitcpio-pkcs11/pkcs11_install b/mkinitcpio-pkcs11/pkcs11_install
new file mode 100644
index 0000000..0643423
--- /dev/null
+++ b/mkinitcpio-pkcs11/pkcs11_install
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+build() {
+
+    # CCID
+    add_file /etc/libccid_Info.plist
+    add_file /etc/reader.conf.d/libccidtwin
+    add_file /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist
+    add_binary /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so
+    add_binary /usr/lib/pcsc/drivers/serial/libccidtwin.so
+
+    # OPENSC
+    add_file /etc/opensc.conf
+    add_binary /usr/lib/opensc-pkcs11.so
+    add_binary /usr/lib/pkcs11/opensc-pkcs11.so
+
+    # PCSCLITE
+    add_binary /usr/lib/libpcsclite.so
+
+    # PCSCD at boot before cryptsetup
+    add_systemd_unit pcscd.service
+    add_systemd_unit pcscd.socket
+    add_symlink /usr/lib/systemd/system/cryptsetup.target.wants/pcscd.socket ../pcscd.socket
+
+    # MISC
+    add_binary /usr/bin/p11tool
+    add_file /etc/pkcs11/modules/opensc.module
+
+}
+
+help() {
+    cat <<HELPEOF
+Add and early start (ie before cryptsetup) the pcscd socket service. This
+allow cryptsetup "pkcs11-uri=auto" to find yubikey piv based token. Required
+package are: ccid opensc and pcsclite. Use with systemd and sd-encrypt hook.
+HELPEOF
+}
+
+# vim: set ft=sh ts=4 sw=4 et: