aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--mkinitcpio-pkcs11/.SRCINFO16
-rw-r--r--mkinitcpio-pkcs11/.gitignore4
-rw-r--r--mkinitcpio-pkcs11/PKGBUILD16
-rw-r--r--mkinitcpio-pkcs11/opensc.module1
-rw-r--r--mkinitcpio-pkcs11/pkcs11_install39
5 files changed, 76 insertions, 0 deletions
diff --git a/mkinitcpio-pkcs11/.SRCINFO b/mkinitcpio-pkcs11/.SRCINFO
new file mode 100644
index 0000000..1810e67
--- /dev/null
+++ b/mkinitcpio-pkcs11/.SRCINFO
@@ -0,0 +1,16 @@
+pkgbase = mkinitcpio-pkcs11
+ pkgdesc = Install pkcs11 in early boot (systemd cryptsetyp.target) using pcscd.socket
+ pkgver = 0.3
+ pkgrel = 1
+ arch = any
+ depends = ccid
+ depends = opensc
+ depends = pcsclite
+ depends = p11-kit
+ depends = gnutls
+ source = pkcs11_install
+ source = opensc.module
+ sha256sums = 0c62dd5eb978268ed13be851b9ac46dee9aaa52c655061da5ece4c69ab4ff8f7
+ sha256sums = fea71e2e2c1853bba034106d4eb40646a787ed900fef883e09d38dcb29675db4
+
+pkgname = mkinitcpio-pkcs11
diff --git a/mkinitcpio-pkcs11/.gitignore b/mkinitcpio-pkcs11/.gitignore
new file mode 100644
index 0000000..37d234f
--- /dev/null
+++ b/mkinitcpio-pkcs11/.gitignore
@@ -0,0 +1,4 @@
+*.pkg.tar.xz
+*.pkg.tar.zst
+pkg/
+src/
diff --git a/mkinitcpio-pkcs11/PKGBUILD b/mkinitcpio-pkcs11/PKGBUILD
new file mode 100644
index 0000000..d75729a
--- /dev/null
+++ b/mkinitcpio-pkcs11/PKGBUILD
@@ -0,0 +1,16 @@
+pkgname=mkinitcpio-pkcs11
+pkgver=0.3
+pkgrel=1
+pkgdesc='Install pkcs11 in early boot (systemd cryptsetyp.target) using pcscd.socket'
+depends=('ccid' 'opensc' 'pcsclite' 'p11-kit' 'gnutls')
+arch=('any')
+source=('pkcs11_install' 'opensc.module')
+sha256sums=(
+ '0c62dd5eb978268ed13be851b9ac46dee9aaa52c655061da5ece4c69ab4ff8f7'
+ 'fea71e2e2c1853bba034106d4eb40646a787ed900fef883e09d38dcb29675db4'
+)
+
+package() {
+ install -D -m644 "pkcs11_install" "$pkgdir/usr/lib/initcpio/install/pkcs11"
+ install -D -m644 "opensc.module" "$pkgdir/etc/pkcs11/modules/opensc.module"
+}
diff --git a/mkinitcpio-pkcs11/opensc.module b/mkinitcpio-pkcs11/opensc.module
new file mode 100644
index 0000000..fd1c1d9
--- /dev/null
+++ b/mkinitcpio-pkcs11/opensc.module
@@ -0,0 +1 @@
+module: opensc-pkcs11.so
diff --git a/mkinitcpio-pkcs11/pkcs11_install b/mkinitcpio-pkcs11/pkcs11_install
new file mode 100644
index 0000000..0643423
--- /dev/null
+++ b/mkinitcpio-pkcs11/pkcs11_install
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+build() {
+
+ # CCID
+ add_file /etc/libccid_Info.plist
+ add_file /etc/reader.conf.d/libccidtwin
+ add_file /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist
+ add_binary /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so
+ add_binary /usr/lib/pcsc/drivers/serial/libccidtwin.so
+
+ # OPENSC
+ add_file /etc/opensc.conf
+ add_binary /usr/lib/opensc-pkcs11.so
+ add_binary /usr/lib/pkcs11/opensc-pkcs11.so
+
+ # PCSCLITE
+ add_binary /usr/lib/libpcsclite.so
+
+ # PCSCD at boot before cryptsetup
+ add_systemd_unit pcscd.service
+ add_systemd_unit pcscd.socket
+ add_symlink /usr/lib/systemd/system/cryptsetup.target.wants/pcscd.socket ../pcscd.socket
+
+ # MISC
+ add_binary /usr/bin/p11tool
+ add_file /etc/pkcs11/modules/opensc.module
+
+}
+
+help() {
+ cat <<HELPEOF
+Add and early start (ie before cryptsetup) the pcscd socket service. This
+allow cryptsetup "pkcs11-uri=auto" to find yubikey piv based token. Required
+package are: ccid opensc and pcsclite. Use with systemd and sd-encrypt hook.
+HELPEOF
+}
+
+# vim: set ft=sh ts=4 sw=4 et:
generated by cgit v1.2.3-70-g09d2 (git 2.49.0) at 2025-05-03 19:17:32 +0000