summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-07-03 01:08:21 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-07-03 01:08:21 -0500
commita87c27c80800fdd1d5313eb37b4c304615144cfb (patch)
treeedf6e302e958df32b20817feaca2d0306a3061b8
parent1dab477659e78c3118051c37840e3473e6403ce3 (diff)
downloadsmartcardauth-a87c27c8.tar.gz
smartcardauth-a87c27c8.zip
Add option to clear LUKS key from card
-rwxr-xr-xusr/bin/setupcard.sh16
1 files changed, 16 insertions, 0 deletions
diff --git a/usr/bin/setupcard.sh b/usr/bin/setupcard.sh
index dc052a0..34e9c4b 100755
--- a/usr/bin/setupcard.sh
+++ b/usr/bin/setupcard.sh
@@ -675,6 +675,16 @@ function loadlukskey {
fi
}
+function clearlukskey {
+ echo "Clearing LUKS key..."
+ authenticatecard "AUT1"
+ if [[ $authenticated = "1" ]]; then
+ dd if=/dev/zero of=$SECURE_DIRECTORY/smart.key.blank bs=255 count=1
+ update_file "10 01" "$SECURE_DIRECTORY/smart.key.blank"
+ rm -f $SECURE_DIRECTORY/smart.key.blank
+ fi
+}
+
function loadusername {
echo "Loading username..."
authenticatecard "AUT1"
@@ -744,6 +754,7 @@ while [[ 1 -eq 1 ]]; do
FALSE "Import LUKS encryption key from file to system" \
FALSE "Get LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load LUKS encryption key into Smart Card [File 1001]" \
+ FALSE "Clear LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load username into Smart Card [File 1002]" \
FALSE "Load password into Smart Card [File 1003]" \
FALSE "Update Smart Card Transport Keys [AUT1-AUT3]" \
@@ -759,6 +770,7 @@ while [[ 1 -eq 1 ]]; do
FALSE "Import LUKS encryption key from file to system" \
FALSE "Get LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load LUKS encryption key into Smart Card [File 1001]" \
+ FALSE "Clear LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load username into Smart Card [File 1002]" \
FALSE "Load password into Smart Card [File 1003]" \
FALSE "Update Smart Card Transport Keys [AUT1-AUT3]" \
@@ -822,6 +834,10 @@ while [[ 1 -eq 1 ]]; do
loadlukskey
fi
+ if [[ $selection = "Clear LUKS encryption key from Smart Card [File 1001]" ]]; then
+ clearlukskey
+ fi
+
if [[ $selection = "Load username into Smart Card [File 1002]" ]]; then
loadusername
fi