Initial commit

4 files changed, 74 insertions, 0 deletions

diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..6b68e031d4fa
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,12 @@
+pkgbase = mkinitcpio-pkcs11
+	pkgdesc = Install pkcs11 in early boot (systemd cryptsetyp.target) using pcscd.socket
+	pkgver = 0.1
+	pkgrel = 1
+	arch = any
+	depends = ccid
+	depends = opensc
+	depends = pcsclite
+	source = pkcs11_install
+	sha256sums = 12ab776de8c225ca7fff411ab1a5a5998936d624aa95777a191f8b38de104d43
+
+pkgname = mkinitcpio-pkcs11
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 000000000000..7446231ea20b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+*.pkg.tar.xz
+lighthouse/
+pkg/
+src/
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..bb7f55e45982
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,12 @@
+pkgname=mkinitcpio-pkcs11
+pkgver=0.1
+pkgrel=1
+pkgdesc='Install pkcs11 in early boot (systemd cryptsetyp.target) using pcscd.socket'
+depends=('ccid' 'opensc' 'pcsclite')
+arch=('any')
+source=('pkcs11_install')
+sha256sums=('12ab776de8c225ca7fff411ab1a5a5998936d624aa95777a191f8b38de104d43')
+
+package() {
+    install -D -m644 "pkcs11_install" "$pkgdir/usr/bin/initcpio/pkcs11"
+}
diff --git a/pkcs11_install b/pkcs11_install
new file mode 100644
index 000000000000..d69385a7cf87
--- /dev/null
+++ b/pkcs11_install
@@ -0,0 +1,46 @@
+#!/bin/bash
+
+build() {
+
+    # CCID
+    add_file /etc/libccid_Info.plist
+    add_file /etc/reader.conf.d/libccidtwin
+    add_file /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist
+    add_binary /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so
+    add_binary /usr/lib/pcsc/drivers/serial/libccidtwin.so
+
+    # OPENSC
+    add_file /etc/opensc.conf
+    add_binary /usr/lib/libopensc.so.8
+    add_binary /usr/lib/libopensc.so.8.0.0
+    add_binary /usr/lib/opensc-pkcs11.so
+    add_binary /usr/lib/pkcs11/opensc-pkcs11.so
+
+    # PCSCLITE
+    add_binary /usr/lib/libpcsclite.so
+    add_binary /usr/lib/libpcsclite.so.1
+    add_binary /usr/lib/libpcsclite.so.1.0.0
+
+
+    # PCSCD at boot before cryptsetup
+    add_systemd_unit pcscd.service
+    add_systemd_unit pcscd.socket
+    add_symlink /usr/lib/systemd/system/cryptsetup.target.wants/pcscd.socket ../pcscd.socket
+
+    # MISC
+    add_binary /usr/bin/p11tool
+    # cat /etc/pkcs11/modules/opensc.module
+    # module: opensc-pkcs11.so
+    add_file /etc/pkcs11/modules/opensc.module
+
+}
+
+help() {
+    cat <<HELPEOF
+Add and early start (ie before cryptsetup) the pcscd socket service. This
+allow cryptsetup "pkcs11-uri=auto" to find yubikey piv based token. Required
+package are: ccid opensc and pcsclite. Use with systemd and sd-encrypt hook.
+HELPEOF
+}
+
+# vim: set ft=sh ts=4 sw=4 et: