diff options
-rw-r--r-- | .SRCINFO | 16 | ||||
-rw-r--r-- | .gitignore | 5 | ||||
-rw-r--r-- | PKGBUILD | 67 | ||||
-rw-r--r-- | cades_linux_amd64.tar.gz | 0 | ||||
-rw-r--r-- | cryptopro-csp-k1.install | 550 | ||||
-rw-r--r-- | linux-amd64.tgz | 0 |
6 files changed, 512 insertions, 126 deletions
@@ -1,11 +1,11 @@ pkgbase = cryptopro-csp-k1 - pkgdesc = CryptoPro CSP 4.0 - pkgver = 4.0.9963 - pkgrel = 0 + pkgdesc = CryptoPro CSP 5.0 + pkgver = 5.0.12900 + pkgrel = 3 url = https://cryptopro.ru/products/cryptopro-csp install = cryptopro-csp-k1.install arch = x86_64 - license = proprietary + license = unknown makedepends = libarchive depends = glibc depends = gcc-libs @@ -19,11 +19,9 @@ pkgbase = cryptopro-csp-k1 depends = libxml2 depends = ccid depends = acsccid + optdepends = rutoken-plugin: Rutoken PKCS11 keys support options = !strip - source = linux-amd64.tgz - source = cades_linux_amd64.tar.gz - md5sums = eba649ae2c974a8c9d0cd69d2b508ae7 - md5sums = d3fbcb7a42f390657771f23712f64750 + source = linux-amd64.tgz::local://linux-amd64.tgz + sha256sums = 075c0198eb6e5bcdcec0758f1c6e4d1203fdd789ae71fadb80c478fcbe3f2c01 pkgname = cryptopro-csp-k1 - diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000000..175c1f0dba7f --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +src/ +pkg/ +*.pkg.tar.zst +*.tar.gz +*.tgz
\ No newline at end of file @@ -1,15 +1,39 @@ # Maintainer: Platon Pronko < platon7pronko at gmail dot com > +# README +# +# Ru +# == +# Тиражирование и распространение СКЗИ является деятельностью +# лицензируемой ФСБ России. Каждый экземпляр СКЗИ должен иметь +# индивидуальный номер учета. Т.е. анонимный доступ невозможен. +# AUR не выполняет оба этих пункта. Поэтому перед выполнением makepkg +# необходимо скачивать СКЗИ самостоятельно с сайта производителя. Ссылка: +# +# https://cryptopro.ru/sites/default/files/private/csp/50/12900/linux-amd64.tgz +# +# Данный PKGBUILD старается следовать последней не-сертифицированной версии CSP (не RC). +# +# En +# == +# This PKGBUILD does not automatically download CSP archive because +# accessing it requires logging in. Please download the archive manually +# and place alongside the PKGBUILD before building. Link: +# +# https://cryptopro.ru/sites/default/files/private/csp/50/12900/linux-amd64.tgz +# +# This PKGBUILD tracks the latest not-certified version of CSP (not RC). + pkgname="cryptopro-csp-k1" -pkgver=4.0.9963 -# pkgver is not allowed to contain forward slashes -_pkgver_patch="5" +pkgver=5.0.12900 +pkgrel=3 +_pkgver_patch="7" +_cades_version="2.0.14892" _pkgver="$pkgver-$_pkgver_patch" -pkgrel=0 -pkgdesc='CryptoPro CSP 4.0' +pkgdesc='CryptoPro CSP 5.0' arch=('x86_64') url='https://cryptopro.ru/products/cryptopro-csp' -license=('proprietary') +license=('unknown') depends=( 'glibc' 'gcc-libs' @@ -24,17 +48,16 @@ depends=( 'ccid' 'acsccid' ) +optdepends=( + 'rutoken-plugin: Rutoken PKCS11 keys support' +) makedepends=( 'libarchive' ) source=( - 'linux-amd64.tgz' - 'cades_linux_amd64.tar.gz' -) -md5sums=( - 'eba649ae2c974a8c9d0cd69d2b508ae7' - 'd3fbcb7a42f390657771f23712f64750' + 'linux-amd64.tgz::local://linux-amd64.tgz' # download from https://cryptopro.ru/sites/default/files/private/csp/50/12900/linux-amd64.tgz ) +sha256sums=('075c0198eb6e5bcdcec0758f1c6e4d1203fdd789ae71fadb80c478fcbe3f2c01') install=cryptopro-csp-k1.install options=(!strip) @@ -45,18 +68,26 @@ package() { bsdtar -xf "lsb-cprocsp-kc1-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" bsdtar -xf "lsb-cprocsp-capilite-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" bsdtar -xf "lsb-cprocsp-ca-certs-${_pkgver}.noarch.rpm" -C "$pkgdir" + bsdtar -xf "lsb-cprocsp-pkcs11-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" bsdtar -xf "cprocsp-rdr-gui-gtk-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" bsdtar -xf "cprocsp-rdr-pcsc-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" - bsdtar -xf "cprocsp-rdr-jacarta-64-3.6.408.695-4.x86_64.rpm" -C "$pkgdir" - - cd "$srcdir/cades_linux_amd64" - bsdtar -xf "cprocsp-pki-2.0.0-amd64-cades.rpm" -C "$pkgdir" - bsdtar -xf "cprocsp-pki-2.0.0-amd64-plugin.rpm" -C "$pkgdir" + bsdtar -xf "cprocsp-rdr-jacarta-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" + bsdtar -xf "cprocsp-rdr-rutoken-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" + bsdtar -xf "cprocsp-rdr-cpfkc-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" + bsdtar -xf "cprocsp-rdr-cryptoki-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" + bsdtar -xf "cprocsp-cptools-gtk-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" + bsdtar -xf "cprocsp-rdr-cloud-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" + bsdtar -xf "lsb-cprocsp-devel-${_pkgver}.noarch.rpm" -C "$pkgdir" + bsdtar -xf "cprocsp-curl-64-${_pkgver}.x86_64.rpm" -C "$pkgdir" + + # browser plugin + bsdtar -xf "cprocsp-pki-cades-64-${_cades_version}-1.amd64.rpm" -C "$pkgdir" + bsdtar -xf "cprocsp-pki-plugin-64-${_cades_version}-1.amd64.rpm" -C "$pkgdir" rm -r "$pkgdir/etc/init.d/" - mv "$pkgdir/tmp/" "$pkgdir/opt/cprocsp/tmp/" rm -r "$pkgdir/usr/lib64/" mkdir -p "$pkgdir/etc/ld.so.conf.d/" echo "/opt/cprocsp/lib/amd64" > "$pkgdir/etc/ld.so.conf.d/cryptopro-csp-k1.conf" + echo "/usr/lib/mozilla/plugins" >> "$pkgdir/etc/ld.so.conf.d/cryptopro-csp-k1.conf" } diff --git a/cades_linux_amd64.tar.gz b/cades_linux_amd64.tar.gz deleted file mode 100644 index e69de29bb2d1..000000000000 --- a/cades_linux_amd64.tar.gz +++ /dev/null diff --git a/cryptopro-csp-k1.install b/cryptopro-csp-k1.install index f05fd42b7f5f..aaea98a37a0d 100644 --- a/cryptopro-csp-k1.install +++ b/cryptopro-csp-k1.install @@ -5,107 +5,229 @@ post_install() { # lsb-cprocsp-rdr-64 cpconfig -ini '\config\apppath' -add string libcapi10.so /opt/cprocsp/lib/amd64/libcapi10.so cpconfig -ini '\config\apppath' -add string librdrfat12.so /opt/cprocsp/lib/amd64/librdrfat12.so - cpconfig -ini '\config\apppath' -add string librdrrdr.so /opt/cprocsp/lib/amd64/librdrrdr.so - cpconfig -ini '\config\apppath' -add string librdrrndm.so /opt/cprocsp/lib/amd64/librdrrndm.so cpconfig -ini '\config\apppath' -add string librdrdsrf.so /opt/cprocsp/lib/amd64/librdrdsrf.so cpconfig -ini '\config\apppath' -add string libcpui.so /opt/cprocsp/lib/amd64/libcpui.so cpconfig -ini '\config\apppath' -add string libcurl.so /usr/lib/libcurl.so cpconfig -ini '\config\apppath' -add string mount_flash.sh /opt/cprocsp/sbin/amd64/mount_flash.sh cpconfig -ini '\config\KeyDevices\FLASH' -add string DLL librdrfat12.so cpconfig -ini '\config\KeyDevices\FLASH' -add string Script mount_flash.sh - cpconfig -hardware reader -add FLASH -name FLASH - cpconfig -hardware rndm -add CPSD -name 'КПИМ' -level 3 > /dev/null + cpconfig -ini '\config\KeyDevices\FLASH' -add long Group 1 + cpconfig -ini '\config\KeyDevices\FLASH\PNP FLASH\Default' -add string Name 'All FLASH readers' + cpconfig -ini '\config\KeyDevices\FLASH\PNP FLASH\Default\Name' -delparam + #TODO: пока cpconfig не умеет регистрировать считыватель, если он групповой. команда снизу не работает, хотя должна. + #cpconfig -hardware reader -add FLASH -name FLASH + cpconfig -hardware rndm -add CPSD -name 'CPSD RNG' -level 3 > /dev/null cpconfig -ini '\config\Random\CPSD\Default' -add string '/db1/kis_1' /var/opt/cprocsp/dsrf/db1/kis_1 cpconfig -ini '\config\Random\CPSD\Default' -add string '/db2/kis_1' /var/opt/cprocsp/dsrf/db2/kis_1 cpconfig -license -view > /dev/null 2> /dev/null - test $? = 0 || cpconfig -license -set 4040E-G0037-EK8R3-C6K4U-HCXQG + trial_lic=5050N-40030-01BT7-2MA83-QF3T0 + cpconfig -license -view > /dev/null 2> /dev/null + test $? -eq 0 || test -n "$CPCSP_NO_DEMO_LICENSE" || cpconfig -license -set "$trial_lic" -use_expired || { + curr_lic=`cpconfig -ini '\license\ProductID\{50F91F80-D397-437C-B0C8-62128DE3B55E}\ProductID' -view` + if test "$curr_lic" = '4040E-G0037-EK8R3-C6K4U-HCXQG'; then + cpconfig -ini '\license\ProductID\{50F91F80-D397-437C-B0C8-62128DE3B55E}' -add string ProductID "$trial_lic" + fi + } # lsb-cprocsp-kc1-64 cpconfig -ini '\config\apppath' -add string librdrrndmbio_tui.so /opt/cprocsp/lib/amd64/librdrrndmbio_tui.so cpconfig -ini '\config\apppath' -add string libcsp.so /opt/cprocsp/lib/amd64/libcsp.so cpconfig -ini '\config\Random\Bio_tui' -add string DLL librdrrndmbio_tui.so - cpconfig -hardware reader -add hdimage -name 'Структура дискеты на жестком диске' > /dev/null - cpconfig -hardware rndm -add bio_tui -name 'Биологический текстовый' -level 5 > /dev/null + cpconfig -hardware reader -add hdimage -name 'HDD key storage' > /dev/null + cpconfig -hardware rndm -add bio_tui -name 'Text bio random' -level 5 > /dev/null + cpconfig -defprov -setdef -provtype 75 -provname 'Crypto-Pro GOST R 34.10-2001 KC1 CSP' cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 KC1 CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 KC1 CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 KC1 CSP' -add long Type 75 + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider' -add string 'Function Table Name' CPCSP_GetFunctionTable cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider' -add long Type 75 + cpconfig -defprov -setdef -provtype 80 -provname 'Crypto-Pro GOST R 34.10-2012 KC1 CSP' cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 CSP' -add long Type 80 + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Cryptographic Service Provider' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Cryptographic Service Provider' -add string 'Function Table Name' CPCSP_GetFunctionTable cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Cryptographic Service Provider' -add long Type 80 + cpconfig -defprov -setdef -provtype 81 -provname 'Crypto-Pro GOST R 34.10-2012 KC1 Strong CSP' cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 Strong CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 Strong CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 Strong CSP' -add long Type 81 + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Strong Cryptographic Service Provider' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Strong Cryptographic Service Provider' -add string 'Function Table Name' CPCSP_GetFunctionTable cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Strong Cryptographic Service Provider' -add long Type 81 + + cpconfig -defprov -setdef -provtype 1 -provname 'Crypto-Pro RSA Cryptographic Service Provider' + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro RSA Cryptographic Service Provider' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro RSA Cryptographic Service Provider' -add string 'Function Table Name' CPCSP_GetFunctionTable + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro RSA Cryptographic Service Provider' -add long Type 1 + cpconfig -ini '\config\parameters\Crypto-Pro RSA Cryptographic Service Provider' -add long KeyTimeValidityControlMode 128 + + cpconfig -defprov -setdef -provtype 16 -provname 'Crypto-Pro ECDSA and AES KC1 CSP' + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro ECDSA and AES KC1 CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro ECDSA and AES KC1 CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro ECDSA and AES KC1 CSP' -add long Type 16 + cpconfig -ini '\config\parameters\Crypto-Pro ECDSA and AES KC1 CSP' -add long KeyTimeValidityControlMode 128 + + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro ECDSA and AES CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro ECDSA and AES CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro ECDSA and AES CSP' -add long Type 16 + cpconfig -ini '\config\parameters\Crypto-Pro ECDSA and AES CSP' -add long KeyTimeValidityControlMode 128 + + cpconfig -defprov -setdef -provtype 24 -provname 'Crypto-Pro Enhanced RSA and AES KC1 CSP' + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Enhanced RSA and AES KC1 CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Enhanced RSA and AES KC1 CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Enhanced RSA and AES KC1 CSP' -add long Type 24 + cpconfig -ini '\config\parameters\Crypto-Pro Enhanced RSA and AES KC1 CSP' -add long KeyTimeValidityControlMode 128 + + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Enhanced RSA and AES CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Enhanced RSA and AES CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Enhanced RSA and AES CSP' -add long Type 24 + cpconfig -ini '\config\parameters\Crypto-Pro Enhanced RSA and AES CSP' -add long KeyTimeValidityControlMode 128 + + cpconfig -defprov -setdef -provtype 32 -provname 'Crypto-Pro Curve25519 and AES KC1 CSP' + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Curve25519 and AES KC1 CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Curve25519 and AES KC1 CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Curve25519 and AES KC1 CSP' -add long Type 32 + cpconfig -ini '\config\parameters\Crypto-Pro Curve25519 and AES KC1 CSP' -add long KeyTimeValidityControlMode 128 + + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Curve25519 and AES CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Curve25519 and AES CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable + cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Curve25519 and AES CSP' -add long Type 32 + cpconfig -ini '\config\parameters\Crypto-Pro Curve25519 and AES CSP' -add long KeyTimeValidityControlMode 128 + cpconfig -ini '\cryptography\Defaults\Provider Types\Type 075' -add string 'TypeName' "GOST R 34.10-2001 Signature with Diffie-Hellman Key Exchange" cpconfig -ini '\cryptography\Defaults\Provider Types\Type 080' -add string 'TypeName' "GOST R 34.10-2012 (256) Signature with Diffie-Hellman Key Exchange" cpconfig -ini '\cryptography\Defaults\Provider Types\Type 081' -add string 'TypeName' "GOST R 34.10-2012 (512) Signature with Diffie-Hellman Key Exchange" + cpconfig -ini '\cryptography\Defaults\Provider Types\Type 001' -add string 'TypeName' "RSA Full (Signature and Key Exchange)" + cpconfig -ini '\cryptography\Defaults\Provider Types\Type 016' -add string 'TypeName' "ECDSA Full and AES" + cpconfig -ini '\cryptography\Defaults\Provider Types\Type 024' -add string 'TypeName' "RSA Full and AES" + cpconfig -ini '\cryptography\Defaults\Provider Types\Type 032' -add string 'TypeName' "Curve25519 Full and AES" # lsb-cprocsp-capilite-64 + cpconfig -ini '\config\apppath' -add string libssp.so /opt/cprocsp/lib/amd64/libssp.so cpconfig -ini '\config\apppath' -add string libcapi20.so /opt/cprocsp/lib/amd64/libcapi20.so # create several local machine stores if they don't exist /opt/cprocsp/bin/amd64/certmgr -list -crl -store mMy > /dev/null 2>&1 /opt/cprocsp/bin/amd64/certmgr -list -crl -store mCryptoProTrustedStore > /dev/null 2>&1 - # update all stores to Windows-compatible format. we don't want to silence - # stderr because user should be notified about errors - find '/var/opt/cprocsp/users/' -name '*.sto' -type f \ - -exec /opt/cprocsp/bin/amd64/certmgr -updatestore -crl -file {} \; > /dev/null - find '/var/opt/cprocsp/users/' -name '*.sto' -type f \ - -exec /opt/cprocsp/bin/amd64/certmgr -updatestore -cert -file {} \; > /dev/null + /opt/cprocsp/bin/amd64/csptest -keyset -verifycontext > /dev/null 2>&1 + if test $? -eq 0; then + # create several local machine stores if they don't exist + /opt/cprocsp/bin/amd64/certmgr -list -crl -store mMy > /dev/null 2>&1 + /opt/cprocsp/bin/amd64/certmgr -list -crl -store mCryptoProTrustedStore > /dev/null 2>&1 + + # update all stores to Windows-compatible format. we don't want to silence + # stderr because user should be notified about errors + find '/var/opt/cprocsp/users/' -name '*.sto' -type f \ + -exec /opt/cprocsp/bin/amd64/certmgr -updatestore -crl -file {} \; > /dev/null + find '/var/opt/cprocsp/users/' -name '*.sto' -type f \ + -exec /opt/cprocsp/bin/amd64/certmgr -updatestore -cert -file {} \; > /dev/null + cpinstance > /dev/null 2>&1 + else + printf "Warning: functioning provider is required.\n" + printf "Will not configure/upgrade certificate stores.\n" + printf "Setup CryptoPro CSP and reinstall.\n" + fi # lsb-cprocsp-ca-certs - ls -d /var/opt/cprocsp/tmpcerts/root/* \ - | xargs -n 1 /opt/cprocsp/bin/amd64/certmgr -install -store mroot -file 1>/dev/null \ - || printf "Failed to install root certificates!\n" - ls -d /var/opt/cprocsp/tmpcerts/ca/* \ - | xargs -n 1 /opt/cprocsp/bin/amd64/certmgr -install -store mca -file 1>/dev/null \ - || printf "Failed to install intermediate certificates!\n" + /opt/cprocsp/bin/amd64/csptest -keyset -verifycontext > /dev/null 2>&1 + if test $? -eq 0; then + ls -d /var/opt/cprocsp/tmpcerts/root/* \ + | xargs -n 1 /opt/cprocsp/bin/amd64/certmgr -install -store mroot -file 1>/dev/null \ + || printf "Failed to install root certificates!\n" + ls -d /var/opt/cprocsp/tmpcerts/ca/* \ + | xargs -n 1 /opt/cprocsp/bin/amd64/certmgr -install -store mca -file 1>/dev/null \ + || printf "Failed to install intermediate certificates!\n" + else + printf "Warning: functioning provider is required.\n" + printf "Will not configure/upgrade certificate stores.\n" + printf "Setup CryptoPro CSP and reinstall.\n" + fi + + # lsb-cprocsp-pkcs11-64 + cpconfig -ini '\config\apppath' -add string libcppkcs11.so /opt/cprocsp/lib/amd64/libcppkcs11.so + cpconfig -ini '\config\PKCS11' -enum section 2>/dev/null | grep -q '^slot0$' + if [ "$?" -eq "1" ]; then + cpconfig -ini '\config\PKCS11\slot0' -add string "ProvGOST" "" + cpconfig -ini '\config\PKCS11\slot0' -add string "Firefox" "" + cpconfig -ini '\config\PKCS11\slot0' -add string "reader" "" + fi # cprocsp-rdr-gui-gtk-64 cpconfig -ini '\config\apppath' -add string librdrrndmbio_gui_fgtk.so /opt/cprocsp/lib/amd64/librdrrndmbio_gui_fgtk.so cpconfig -ini '\config\apppath' -add string libxcpui.so /opt/cprocsp/lib/amd64/libfgcpui.so cpconfig -ini '\config\apppath' -add string xcpui_app /opt/cprocsp/sbin/amd64/xcpui_app - cpconfig -ini '\config\apppath' -add string fgtk_rndm_app /opt/cprocsp/sbin/amd64/fgtk_rndm_app cpconfig -ini '\config\Random\Bio_gui' -add string DLL librdrrndmbio_gui_fgtk.so - cpconfig -hardware rndm -add bio_gui -name 'rndm GUI gtk+2.0' -level 4 > /dev/null + cpconfig -hardware rndm -add bio_gui -name 'rndm GUI GTK' -level 4 >/dev/null 2>/dev/null + + # cprocsp-rdr-pcsc-64 + cpconfig -ini '\config\parameters' -add long dynamic_readers 1 + cpconfig -ini '\config\parameters' -add long dynamic_rdr_refresh_ms 1500 + + if test -z '#' ; then + cpconfig -ini '\config\apppath' -add string libpcsclite.so /System/Library/Frameworks/PCSC.framework/PCSC + else + check_libpcsclite_compatibility() { + command -v file > /dev/null 2>&1 || return 0 + is64arch=0 + is64arch=1 + is64lib=0 + if test -z '' ; then + file -L "${libpcsclite}" | grep '64-bit' > /dev/null 2>&1 + else + file "${libpcsclite}" | grep '64-bit' > /dev/null 2>&1 + fi + test "$?" -eq 0 && is64lib=1 + test "${is64arch}" -eq "${is64lib}" && return 0 + return 1 + } + search_dirs=`echo /lib* /usr/lib* /usr/local/lib* /opt/CPcvpn-*/lib* /opt/sfw/lib* | xargs -n1 | grep -v '*' | xargs` + ld_cmd="ldconfig -p ; find ${search_dirs} -name \*libpcsclite\*" + #ld_cmd='ldconfig -r' + #ld_cmd="find ${search_dirs} -name \*libpcsclite\*" + libpcsclite_checked='manually_set_path_to_libpcsclite.so' + for libpcsclite in `eval "${ld_cmd}" | grep '/libpcsclite.*so' | awk '{print $NF}' | xargs` ; do + if check_libpcsclite_compatibility ; then + libpcsclite_checked="${libpcsclite}" + break + fi + done + cpconfig -ini '\config\apppath' -add string libpcsclite.so "${libpcsclite_checked}" + fi - # cprocsp-rdr-pgsc-64 cpconfig -ini '\config\apppath' -add string libpcsclite.so libpcsclite.so.1 cpconfig -ini '\config\apppath' -add string librdrpcsc.so /opt/cprocsp/lib/amd64/librdrpcsc.so cpconfig -ini '\config\apppath' -add string librdrric.so /opt/cprocsp/lib/amd64/librdrric.so cpconfig -ini '\config\KeyDevices\PCSC' -add string DLL librdrpcsc.so cpconfig -ini '\config\KeyDevices\PCSC' -add long Group 1 cpconfig -ini '\config\KeyDevices\PCSC\PNP PCSC\Default' -add string Name 'All PC/SC readers' + cpconfig -ini '\config\KeyDevices\PCSC\PNP PCSC\Default\Name' -delparam cpconfig -ini '\config\KeyCarriers\OSCAR' -add string DLL librdrric.so cpconfig -ini '\config\KeyCarriers\OSCAR2' -add string DLL librdrric.so cpconfig -ini '\config\KeyCarriers\TRUST' -add string DLL librdrric.so cpconfig -ini '\config\KeyCarriers\TRUSTS' -add string DLL librdrric.so cpconfig -ini '\config\KeyCarriers\TRUSTD' -add string DLL librdrric.so - cpconfig -hardware media -add oscar -name 'Оскар' > /dev/null + cpconfig -hardware media -add oscar -name 'Oscar' > /dev/null cpconfig -hardware media -configure oscar -add hex atr 0000000000000043525950544f5052 cpconfig -hardware media -configure oscar -add hex mask 00000000000000ffffffffffffffff cpconfig -hardware media -configure oscar -add string folders 0B00 - cpconfig -hardware media -add oscar2 -connect CSP -name 'Оскар CSP 2.0' > /dev/null - cpconfig -hardware media -configure oscar2 -connect CSP -add hex atr 000000000000004350435350010102 - cpconfig -hardware media -configure oscar2 -connect CSP -add hex mask 00000000000000ffffffffffffffff - cpconfig -hardware media -configure oscar2 -connect CSP -add string folders 0B00 - cpconfig -hardware media -configure oscar2 -connect CSP -add long size_1 60 - cpconfig -hardware media -configure oscar2 -connect CSP -add long size_2 70 - cpconfig -hardware media -configure oscar2 -connect CSP -add long size_4 60 - cpconfig -hardware media -configure oscar2 -connect CSP -add long size_5 70 - cpconfig -hardware media -configure oscar2 -connect CSP -add long size_6 62 - cpconfig -hardware media -add oscar2 -connect KChannel -name 'Канал К' > /dev/null + cpconfig -hardware media -add oscar2 -name 'Oscar CSP 2.0' > /dev/null + cpconfig -hardware media -configure oscar2 -add hex atr 000000000000004350435350010102 + cpconfig -hardware media -configure oscar2 -add hex mask 00000000000000ffffffffffffffff + cpconfig -hardware media -configure oscar2 -add string folders 0B00 + cpconfig -hardware media -configure oscar2 -add long size_1 60 + cpconfig -hardware media -configure oscar2 -add long size_2 70 + cpconfig -hardware media -configure oscar2 -add long size_4 60 + cpconfig -hardware media -configure oscar2 -add long size_5 70 + cpconfig -hardware media -configure oscar2 -add long size_6 62 + cpconfig -hardware media -add oscar2 -connect KChannel -name 'Channel K' > /dev/null cpconfig -hardware media -configure oscar2 -connect KChannel -add hex atr 000000000000004350435350010101 cpconfig -hardware media -configure oscar2 -connect KChannel -add hex mask 00000000000000ffffffffffffffff cpconfig -hardware media -configure oscar2 -connect KChannel -add string folders 0B00 @@ -115,17 +237,17 @@ post_install() { cpconfig -hardware media -configure oscar2 -connect KChannel -add long size_5 36 cpconfig -hardware media -configure oscar2 -connect KChannel -add long size_6 62 - cpconfig -hardware media -add TRUST -name 'Magistra' > /dev/null + cpconfig -hardware media -add TRUST -name 'Foros (Magistra)' > /dev/null cpconfig -hardware media -configure TRUST -add hex atr 3b9e00008031c0654d4700000072f7418107 cpconfig -hardware media -configure TRUST -add hex mask ffff0000ffffffffffff300000ffffffffff cpconfig -hardware media -configure TRUST -add string folders "A\\B\\C\\D\\E\\F\\G\\H" - cpconfig -hardware media -add TRUSTS -name 'Magistra SocCard' > /dev/null + cpconfig -hardware media -add TRUSTS -name 'Foros SocCard' > /dev/null cpconfig -hardware media -configure TRUSTS -add hex atr 3b9a00008031c0610072f7418107 cpconfig -hardware media -configure TRUSTS -add hex mask ffff0000ffffffff30ffffffffff cpconfig -hardware media -configure TRUSTS -add string folders "A\\B\\C\\D" - cpconfig -hardware media -add TRUSTD -name 'Magistra Debug' > /dev/null + cpconfig -hardware media -add TRUSTD -name 'Foros Debug' > /dev/null cpconfig -hardware media -configure TRUSTD -add hex atr 3b9800008031c072f7418107 cpconfig -hardware media -configure TRUSTD -add hex mask ffff0000ffffffffffffffff cpconfig -hardware media -configure TRUSTD -add string folders "A\\B\\C\\D\\E\\F\\G\\H" @@ -157,12 +279,32 @@ post_install() { ccid_reg.sh -add $pList 0x0A89 0x0060 "Aktiv Co., ProgramPark Rutoken Magistra - CP" ccid_reg.sh -add $pList 0x072f 0x90de "ACS Token - CP" ccid_reg.sh -add $pList 0x24dc 0x0102 "ARDS ZAO JaCarta LT - CP" + ccid_reg.sh -add $pList 0x2fb0 0x0002 "Infocrypt Token++ - CP" + ccid_reg.sh -add $pList 0x2fb0 0x0004 "Infocrypt Token++ - CP" + ccid_reg.sh -add $pList 0x2fb0 0x0006 "Infocrypt Token++ lite - CP" + ccid_reg.sh -add $pList 0x2fb0 0x0008 "Infocrypt Token++ lite - CP" + ccid_reg.sh -add $pList 0x2fb0 0x003a "Infocrypt Token++ - CP" + ccid_reg.sh -add $pList 0x2022 0x078a "Infocrypt HWDSSL DEVICE - CP" + ccid_reg.sh -add $pList 0x2022 0x016c "Infocrypt HWDSSL DEVICE - CP" + ccid_reg.sh -add $pList 0x2022 0x0172 "Infocrypt HWDSSL DEVICE - CP" + ccid_reg.sh -add $pList 0x2022 0x0226 "Infocrypt HWDSSL DEVICE - CP" + ccid_reg.sh -add $pList 0x2fb0 0x078a "Infocrypt HWDSSL DEVICE - CP" + ccid_reg.sh -add $pList 0x2fb0 0x016c "Infocrypt HWDSSL DEVICE - CP" + ccid_reg.sh -add $pList 0x2fb0 0x0172 "Infocrypt HWDSSL DEVICE - CP" + ccid_reg.sh -add $pList 0x2fb0 0x0226 "Infocrypt HWDSSL DEVICE - CP" ccid_reg.sh -add $pList 0x2a0c 0x0001 "MultiSoft ltd. SCR2 - CP" + ccid_reg.sh -add $pList 0x2a0c 0x0002 "SKZI ANGARA - CP" + ccid_reg.sh -add $pList 0x23a0 0x0008 "BIFIT ANGARA - CP" ccid_reg.sh -add $pList 0x1fc9 0x7479 "ISBC ESMART reader - CP" ccid_reg.sh -add $pList 0x2ce4 0x7479 "ESMART Token - CP" - ccid_reg.sh -add $pList 0x2fb0 0x0006 "Infocrypt Token++ lite" - ccid_reg.sh -add $pList 0x2fb0 0x0008 "Infocrypt Token++ lite" - ccid_reg.sh -add $pList 0x2fb0 0x003a "Infocrypt Token++ lite" + ccid_reg.sh -add $pList 0x24DC 0x0101 "Aladdin R.D. JaCarta" + ccid_reg.sh -add $pList 0x24DC 0x0402 "Aladdin R.D. JaCarta" + ccid_reg.sh -add $pList 0x24DC 0x0406 "Aladdin JaCarta SF GOST" + ccid_reg.sh -add $pList 0x24DC 0x0409 "Aladdin JaCarta-2 SF" + ccid_reg.sh -add $pList 0x24DC 0x040D "Aladdin JaCarta SF" + ccid_reg.sh -add $pList 0x24DC 0x04FF "Aladdin JaCarta SF GOST" + ccid_reg.sh -add $pList 0x24DC 0x100F "Aladdin R.D. JaCarta Flash" + ccid_reg.sh -add $pList 0x0529 0x0620 "eToken PRO Java 72K OS755" done fi fi @@ -170,74 +312,278 @@ post_install() { fi # cprocsp-rdr-jacarta-64 - cpconfig -ini '\config\apppath' -add string librdrjacarta.so.3.6.408 /opt/cprocsp/lib/amd64/librdrjacarta.so.3.6.408 - cpconfig -ini '\config\KeyDevices\PCSC\AKS ifdh 00 00\Default' -add string Name "AKS ifdh 0" - cpconfig -ini '\config\KeyDevices\PCSC\AKS ifdh 01 00\Default' -add string Name "AKS ifdh 1" - cpconfig -ini '\config\KeyDevices\PCSC\ARDS JaCarta 00 00\Default' -add string Name "ARDS JaCarta 0" - cpconfig -ini '\config\KeyDevices\PCSC\ARDS JaCarta 01 00\Default' -add string Name "ARDS JaCarta 1" - cpconfig -ini '\config\KeyDevices\PCSC\Aladdin eToken PRO USB 72K Java 00 00\Default' -add string Name "Aladdin Token JC 0" - cpconfig -ini '\config\KeyDevices\PCSC\Aladdin eToken PRO USB 72K Java 01 00\Default' -add string Name "Aladdin Token JC 1" - cpconfig -ini '\config\KeyDevices\PCSC\ARDS ZAO JaCarta LT 00 00\Default' -add string Name "ARDS JaCarta LT 0" - cpconfig -ini '\config\KeyDevices\PCSC\ARDS ZAO JaCarta LT 01 00\Default' -add string Name "ARDS JaCarta LT 1" - cpconfig -ini '\config\KeyDevices\PCSC\ARDS ZAO JaCarta Flash 00 00\Default' -add string Name "ARDS JaCarta Flash 0" - cpconfig -ini '\config\KeyDevices\PCSC\ARDS ZAO JaCarta Flash 01 00\Default' -add string Name "ARDS JaCarta Flash 1" - cpconfig -ini '\config\KeyCarriers\eToken_PRO16' -add string DLL librdrjacarta.so.3.6.408 - cpconfig -ini '\config\KeyCarriers\eToken_PRO32' -add string DLL librdrjacarta.so.3.6.408 - cpconfig -ini '\config\KeyCarriers\eToken_PRO_M420' -add string DLL librdrjacarta.so.3.6.408 - cpconfig -ini '\config\KeyCarriers\eToken_PRO_M420B' -add string DLL librdrjacarta.so.3.6.408 - cpconfig -ini '\config\KeyCarriers\eToken_JAVA_10' -add string DLL librdrjacarta.so.3.6.408 - cpconfig -ini '\config\KeyCarriers\eToken_JAVA_10B' -add string DLL librdrjacarta.so.3.6.408 - cpconfig -ini '\config\KeyCarriers\JaCarta' -add string DLL librdrjacarta.so.3.6.408 - cpconfig -ini '\config\KeyCarriers\JaCarta_LT' -add string DLL librdrjacarta.so.3.6.408 - cpconfig -hardware media -add eToken_PRO16 -name 'etoken_pro16' >&- - cpconfig -hardware media -configure eToken_PRO16 -add hex atr 3be200ffc11031fe55c8029c - cpconfig -hardware media -configure eToken_PRO16 -add hex mask ffffffffffffffffffffffff - cpconfig -hardware media -configure eToken_PRO16 -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09" - cpconfig -hardware media -add eToken_PRO32 -name 'etoken_pro32' >&- - cpconfig -hardware media -configure eToken_PRO32 -add hex atr 3bf29800ffc11031fe55c80315 - cpconfig -hardware media -configure eToken_PRO32 -add hex mask ffffffffffffffffffffffffff - cpconfig -hardware media -configure eToken_PRO32 -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09" - cpconfig -hardware media -add eToken_PRO_M420 -name 'etoken_pro_m420' >&- - cpconfig -hardware media -configure eToken_PRO_M420 -add hex atr 3bf2180000c10a31fe55c80600 - cpconfig -hardware media -configure eToken_PRO_M420 -add hex mask ffffffff00ffffffffffffff00 - cpconfig -hardware media -configure eToken_PRO_M420 -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09" - cpconfig -hardware media -add eToken_PRO_M420B -name 'etoken_pro_m420b' >&- - cpconfig -hardware media -configure eToken_PRO_M420B -add hex atr 3bf2180002c10a31fe58c80975 - cpconfig -hardware media -configure eToken_PRO_M420B -add hex mask ffffffffffffffffffffffffff - cpconfig -hardware media -configure eToken_PRO_M420B -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09" - cpconfig -hardware media -add eToken_JAVA_10 -name 'etoken_java_10' >&- - cpconfig -hardware media -configure eToken_JAVA_10 -add hex atr 3bd518008131fe7d8073c82110f4 - cpconfig -hardware media -configure eToken_JAVA_10 -add hex mask ffffffffffffffffffffffffffff - cpconfig -hardware media -configure eToken_JAVA_10 -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09" - cpconfig -hardware media -add eToken_JAVA_10B -name 'etoken_java_10b' >&- - cpconfig -hardware media -configure eToken_JAVA_10B -add hex atr 3bd5180081313a7d8073c8211030 - cpconfig -hardware media -configure eToken_JAVA_10B -add hex mask ffffffffffffffffffffffffffff - cpconfig -hardware media -configure eToken_JAVA_10B -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09" - cpconfig -hardware media -add JaCarta -name 'jacarta' >&- - cpconfig -hardware media -configure JaCarta -add hex atr 3bdc18ff8191fe1fc38073c821136601061159000128 - cpconfig -hardware media -configure JaCarta -add hex mask ffffffffffffffffffffffffffffffffffffffffffff - cpconfig -hardware media -configure JaCarta -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09" - cpconfig -hardware media -add JaCarta_LT -name 'jacarta_lt' >&- - cpconfig -hardware media -configure JaCarta_LT -add hex atr 3bdc18ff8111fe8073c82113660106013080018d - cpconfig -hardware media -configure JaCarta_LT -add hex mask ffffffffffffffffffffffffffffffffffffffff - cpconfig -hardware media -configure JaCarta_LT -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09" - - bash /opt/cprocsp/tmp/PLIST-csp/Linux/update_all_plists.sh - - # cprocsp-pki-2.0.0-amd64-cades + LIBNAME=librdrjacarta + + cpconfig -ini '\config\apppath' -add string $LIBNAME.so /opt/cprocsp/lib/amd64/$LIBNAME.so + + NAME="jacarta" + cpconfig -ini "\config\KeyCarriers\\$NAME" -add string DLL $LIBNAME.so + cpconfig -hardware media -add $NAME -name 'Aladdin R.D. JaCarta' > /dev/null + cpconfig -hardware media -configure $NAME -add hex atr 3bdc18ff8191fe1fc38073c821136601061159000128 + cpconfig -hardware media -configure $NAME -add hex mask ffffffffffffffffffffffffffffffffffffffffffff + cpconfig -hardware media -configure $NAME -add string folders 'CC00\CC01\CC02\CC03\CC04\CC05\CC06\CC07\CC08\CC09' + + NAME="jacarta_lt" + cpconfig -ini "\config\KeyCarriers\\$NAME" -add string DLL $LIBNAME.so + cpconfig -hardware media -add $NAME -name 'Aladdin R.D. JaCarta LT' > /dev/null + cpconfig -hardware media -configure $NAME -add hex atr 3bdc18ff8111fe8073c82113660106013080018d + cpconfig -hardware media -configure $NAME -add hex mask ffffffffffffffffffffffffffffffffffffffff + cpconfig -hardware media -configure $NAME -add string folders 'CC00\CC01\CC02\CC03\CC04\CC05\CC06\CC07\CC08\CC09' + + NAME="eToken_JAVA_10" + cpconfig -ini "\config\KeyCarriers\\$NAME" -add string DLL $LIBNAME.so + cpconfig -hardware media -add $NAME -name 'Aladdin R.D. eToken Java' > /dev/null + cpconfig -hardware media -configure $NAME -add hex atr 3bd518008131fe7d8073c82110f4 + cpconfig -hardware media -configure $NAME -add hex mask ffffffffffffffffffffffffffff + cpconfig -hardware media -configure $NAME -add string folders 'CC00\CC01\CC02\CC03\CC04\CC05\CC06\CC07\CC08\CC09' + + NAME="eToken_JAVA_10b" + cpconfig -ini "\config\KeyCarriers\\$NAME" -add string DLL $LIBNAME.so + cpconfig -hardware media -add $NAME -name 'Aladdin R.D. eToken Java' > /dev/null + cpconfig -hardware media -configure $NAME -add hex atr 3bd5180081313a7d8073c8211030 + cpconfig -hardware media -configure $NAME -add hex mask ffffffffffffffffffffffffffff + cpconfig -hardware media -configure $NAME -add string folders 'CC00\CC01\CC02\CC03\CC04\CC05\CC06\CC07\CC08\CC09' + + NAME="eToken_PRO16" + cpconfig -ini "\config\KeyCarriers\\$NAME" -add string DLL $LIBNAME.so + cpconfig -hardware media -add $NAME -name 'Aladdin R.D. eToken Pro 16K' > /dev/null + cpconfig -hardware media -configure $NAME -add hex atr 3be200ffc11031fe55c8029c + cpconfig -hardware media -configure $NAME -add hex mask ffffffffffffffffffffffff + cpconfig -hardware media -configure $NAME -add string folders 'CC00\CC01\CC02\CC03\CC04\CC05\CC06\CC07\CC08\CC09' + + NAME="eToken_PRO32" + cpconfig -ini "\config\KeyCarriers\\$NAME" -add string DLL $LIBNAME.so + cpconfig -hardware media -add $NAME -name 'Aladdin R.D. eToken Pro 32K' > /dev/null + cpconfig -hardware media -configure $NAME -add hex atr 3bf29800ffc11031fe55c80315 + cpconfig -hardware media -configure $NAME -add hex mask ffffffffffffffffffffffffff + cpconfig -hardware media -configure $NAME -add string folders 'CC00\CC01\CC02\CC03\CC04\CC05\CC06\CC07\CC08\CC09' + + NAME="eToken_PRO_M420" + cpconfig -ini "\config\KeyCarriers\\$NAME" -add string DLL $LIBNAME.so + cpconfig -hardware media -add $NAME -name 'Aladdin R.D. eToken Pro M420' > /dev/null + cpconfig -hardware media -configure $NAME -add hex atr 3bf2180000c10a31fe55c80600 + cpconfig -hardware media -configure $NAME -add hex mask ffffffff00ffffffffffffff00 + cpconfig -hardware media -configure $NAME -add string folders 'CC00\CC01\CC02\CC03\CC04\CC05\CC06\CC07\CC08\CC09' + + NAME="eToken_PRO_M420B" + cpconfig -ini "\config\KeyCarriers\\$NAME" -add string DLL $LIBNAME.so + cpconfig -hardware media -add $NAME -name 'Aladdin R.D. eToken Pro M420b' > /dev/null + cpconfig -hardware media -configure $NAME -add hex atr 3bf2180002c10a31fe58c80975 + cpconfig -hardware media -configure $NAME -add hex mask ffffffffffffffffffffffffff + cpconfig -hardware media -configure $NAME -add string folders 'CC00\CC01\CC02\CC03\CC04\CC05\CC06\CC07\CC08\CC09' + + # cprocsp-rdr-rutoken-64 + cpconfig -ini '\config\apppath' -add string librdrrutoken.so /opt/cprocsp/lib/amd64/librdrrutoken.so + + cpconfig -ini '\config\KeyCarriers\RutokenECP' -add string DLL librdrrutoken.so + cpconfig -hardware media -add RutokenECP -name 'Rutoken ECP' > /dev/null + cpconfig -hardware media -configure RutokenECP -add hex atr 3b8b015275746f6b656e20445320c1 + cpconfig -hardware media -configure RutokenECP -add hex mask ffffffffffffffffffffffffffffff + cpconfig -hardware media -configure RutokenECP -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800" + cpconfig -hardware media -configure RutokenECP -add long size_1 60 + cpconfig -hardware media -configure RutokenECP -add long size_2 70 + cpconfig -hardware media -configure RutokenECP -add long size_3 8 + cpconfig -hardware media -configure RutokenECP -add long size_4 60 + cpconfig -hardware media -configure RutokenECP -add long size_5 70 + cpconfig -hardware media -configure RutokenECP -add long size_6 300 + cpconfig -hardware media -configure RutokenECP -add long size_7 8 + + cpconfig -ini '\config\KeyCarriers\RutokenFkcOld' -add string DLL librdrrutoken.so + cpconfig -hardware media -add RutokenFkcOld -name 'CryptoPro Rutoken' > /dev/null + cpconfig -hardware media -configure RutokenFkcOld -add hex atr 3b8b015275746f6b656e20454350a0 + cpconfig -hardware media -configure RutokenFkcOld -add hex mask ffffffffffffffffffffffffffffff + cpconfig -hardware media -configure RutokenFkcOld -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800" + cpconfig -hardware media -configure RutokenFkcOld -add long size_1 60 + cpconfig -hardware media -configure RutokenFkcOld -add long size_2 70 + cpconfig -hardware media -configure RutokenFkcOld -add long size_3 8 + cpconfig -hardware media -configure RutokenFkcOld -add long size_4 60 + cpconfig -hardware media -configure RutokenFkcOld -add long size_5 70 + cpconfig -hardware media -configure RutokenFkcOld -add long size_6 300 + cpconfig -hardware media -configure RutokenFkcOld -add long size_7 8 + + cpconfig -ini '\config\KeyCarriers\RutokenECPSC' -add string DLL librdrrutoken.so + cpconfig -hardware media -add RutokenECPSC -name 'Rutoken ECP SC' > /dev/null + cpconfig -hardware media -configure RutokenECPSC -add hex atr 3b9c96005275746f6b656e4543507363 + cpconfig -hardware media -configure RutokenECPSC -add hex mask ffffffffffffffffffffffffffffffff + cpconfig -hardware media -configure RutokenECPSC -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800" + cpconfig -hardware media -configure RutokenECPSC -add long size_1 60 + cpconfig -hardware media -configure RutokenECPSC -add long size_2 70 + cpconfig -hardware media -configure RutokenECPSC -add long size_3 8 + cpconfig -hardware media -configure RutokenECPSC -add long size_4 60 + cpconfig -hardware media -configure RutokenECPSC -add long size_5 70 + cpconfig -hardware media -configure RutokenECPSC -add long size_6 300 + cpconfig -hardware media -configure RutokenECPSC -add long size_7 8 + + cpconfig -ini '\config\KeyCarriers\RutokenLiteSC2' -add string DLL librdrrutoken.so + cpconfig -hardware media -add RutokenLiteSC2 -name 'Rutoken Lite SC' > /dev/null + cpconfig -hardware media -configure RutokenLiteSC2 -add hex atr 3b9e96005275746f6b656e4c697465534332 + cpconfig -hardware media -configure RutokenLiteSC2 -add hex mask ffffffffffffffffffffffffffffffffffff + cpconfig -hardware media -configure RutokenLiteSC2 -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800" + cpconfig -hardware media -configure RutokenLiteSC2 -add long size_1 60 + cpconfig -hardware media -configure RutokenLiteSC2 -add long size_2 70 + cpconfig -hardware media -configure RutokenLiteSC2 -add long size_3 8 + cpconfig -hardware media -configure RutokenLiteSC2 -add long size_4 60 + cpconfig -hardware media -configure RutokenLiteSC2 -add long size_5 70 + cpconfig -hardware media -configure RutokenLiteSC2 -add long size_6 300 + cpconfig -hardware media -configure RutokenLiteSC2 -add long size_7 8 + + cpconfig -ini '\config\KeyCarriers\RutokenLite' -add string DLL librdrrutoken.so + cpconfig -hardware media -add RutokenLite -name 'Rutoken lite' > /dev/null + cpconfig -hardware media -configure RutokenLite -add hex atr 3b8b015275746f6b656e6c697465c2 + cpconfig -hardware media -configure RutokenLite -add hex mask ffffffffffffffffffffffffffffff + cpconfig -hardware media -configure RutokenLite -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800" + cpconfig -hardware media -configure RutokenLite -add long size_1 60 + cpconfig -hardware media -configure RutokenLite -add long size_2 70 + cpconfig -hardware media -configure RutokenLite -add long size_3 8 + cpconfig -hardware media -configure RutokenLite -add long size_4 60 + cpconfig -hardware media -configure RutokenLite -add long size_5 70 + cpconfig -hardware media -configure RutokenLite -add long size_6 300 + cpconfig -hardware media -configure RutokenLite -add long size_7 8 + + cpconfig -ini '\config\KeyCarriers\Rutoken' -add string DLL librdrrutoken.so + cpconfig -hardware media -add Rutoken -name 'Rutoken S' > /dev/null + cpconfig -hardware media -configure Rutoken -add hex atr 3b6f00ff00567275546f6b6e73302000009000 + cpconfig -hardware media -configure Rutoken -add hex mask ffffffffffffffffffffffffffffffffffffff + cpconfig -hardware media -configure Rutoken -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000" + cpconfig -hardware media -configure Rutoken -add long size_1 60 + cpconfig -hardware media -configure Rutoken -add long size_2 70 + cpconfig -hardware media -configure Rutoken -add long size_3 8 + cpconfig -hardware media -configure Rutoken -add long size_4 60 + cpconfig -hardware media -configure Rutoken -add long size_5 70 + cpconfig -hardware media -configure Rutoken -add long size_6 300 + cpconfig -hardware media -configure Rutoken -add long size_7 8 + + cpconfig -ini '\config\KeyCarriers\RutokenPinpad' -add string DLL librdrrutoken.so + cpconfig -hardware media -add RutokenPinpad -name 'Rutoken PinPad' > /dev/null + cpconfig -hardware media -configure RutokenPinpad -add hex atr 3B8B01527450494E5061642020329C + cpconfig -hardware media -configure RutokenPinpad -add hex mask ffffffffffffffffffffffffffffff + cpconfig -hardware media -configure RutokenPinpad -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800" + + #cpconfig -hardware reader -add "Aktiv Rutoken ECP 00 00" -name 'Rutoken ECP 0' + #cpconfig -hardware reader -add "Aktiv Rutoken ECP 01 00" -name 'Rutoken ECP 1' + #cpconfig -hardware reader -add "Aktiv Rutoken lite 00 00" -name 'Rutoken lite 0' + #cpconfig -hardware reader -add "Aktiv Rutoken lite 01 00" -name 'Rutoken lite 1' + #cpconfig -hardware reader -add "Aktiv Co. Rutoken S 00 00" -name 'Rutoken S 0' + #cpconfig -hardware reader -add "Aktiv Co. Rutoken S 01 00" -name 'Rutoken S 1' + #cpconfig -hardware reader -add "Aktiv Rutoken Magistra 00 00" -name 'Rutoken Magistra 0' + #cpconfig -hardware reader -add "Aktiv Rutoken Magistra 01 00" -name 'Rutoken Magistra 1' + + cpconfig -ini '\config\KeyCarriers\RutokenECPM' -add string DLL librdrrutoken.so + cpconfig -hardware media -add RutokenECPM -name 'Rutoken ECP 2151' > /dev/null + cpconfig -hardware media -configure RutokenECPM -add hex atr 3B18967275746F6B656E6D + cpconfig -hardware media -configure RutokenECPM -add hex mask ffffffffffffffffffffff + cpconfig -hardware media -configure RutokenECPM -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800" + cpconfig -hardware media -configure RutokenECPM -add long size_1 60 + cpconfig -hardware media -configure RutokenECPM -add long size_2 70 + cpconfig -hardware media -configure RutokenECPM -add long size_3 3072 + cpconfig -hardware media -configure RutokenECPM -add long size_4 60 + cpconfig -hardware media -configure RutokenECPM -add long size_5 70 + cpconfig -hardware media -configure RutokenECPM -add long size_6 300 + cpconfig -hardware media -configure RutokenECPM -add long size_7 8 + + cpconfig -ini '\config\KeyCarriers\RutokenECPMSC' -add string DLL librdrrutoken.so + cpconfig -hardware media -add RutokenECPMSC -name 'Rutoken ECP 2151 SC' > /dev/null + cpconfig -hardware media -configure RutokenECPMSC -add hex atr 3B1A967275746F6B656E6D7363 + cpconfig -hardware media -configure RutokenECPMSC -add hex mask ffffffffffffffffffffffffff + cpconfig -hardware media -configure RutokenECPMSC -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800" + cpconfig -hardware media -configure RutokenECPMSC -add long size_1 60 + cpconfig -hardware media -configure RutokenECPMSC -add long size_2 70 + cpconfig -hardware media -configure RutokenECPMSC -add long size_3 3072 + cpconfig -hardware media -configure RutokenECPMSC -add long size_4 60 + cpconfig -hardware media -configure RutokenECPMSC -add long size_5 70 + cpconfig -hardware media -configure RutokenECPMSC -add long size_6 300 + cpconfig -hardware media -configure RutokenECPMSC -add long size_7 8 + + cpconfig -ini '\config\KeyCarriers\RutokenNFC' -add string DLL librdrrutoken.so + cpconfig -hardware media -add RutokenNFC -name 'Rutoken NFC' > /dev/null + + cpconfig -hardware media -configure RutokenNFC -connect Default -add hex atr 3B9C968011405275746F6B656E4543507363C0 + cpconfig -hardware media -configure RutokenNFC -connect Default -add hex mask fffffefffffffffffffffffffffffffffffffe + cpconfig -hardware media -configure RutokenNFC -connect Default -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800" + cpconfig -hardware media -configure RutokenNFC -connect Default -add long size_1 60 + cpconfig -hardware media -configure RutokenNFC -connect Default -add long size_2 70 + cpconfig -hardware media -configure RutokenNFC -connect Default -add long size_3 3072 + cpconfig -hardware media -configure RutokenNFC -connect Default -add long size_4 60 + cpconfig -hardware media -configure RutokenNFC -connect Default -add long size_5 70 + cpconfig -hardware media -configure RutokenNFC -connect Default -add long size_6 300 + cpconfig -hardware media -configure RutokenNFC -connect Default -add long size_7 8 + + # cprocsp-rdr-cpfkc + cpconfig -ini '\config\apppath' -add string librdrcpfkc.so /opt/cprocsp/lib/amd64/librdrcpfkc.so + cpconfig -ini '\config\KeyCarriers\rutokenfkc' -add string DLL librdrcpfkc.so + cpconfig -ini '\config\KeyCarriers\rutokenfkc_nfc' -add string DLL librdrcpfkc.so + cpconfig -ini '\config\KeyCarriers\smartparkfkc' -add string DLL librdrcpfkc.so + cpconfig -hardware media -add rutokenfkc -name 'rutokenfkc' > /dev/null + cpconfig -hardware media -configure rutokenfkc -connect Default -add hex atr 3b8b015275746f6b656e20445320c1 + cpconfig -hardware media -configure rutokenfkc -connect Default -add hex mask ffffffffffffffffffffffffffffff + cpconfig -hardware media -configure rutokenfkc -connect Default -add string Name 'Rutoken FKC' + cpconfig -hardware media -add rutokenfkc_nfc -name 'rutokenfkc_nfc' > /dev/null + cpconfig -hardware media -configure rutokenfkc_nfc -connect Default -add hex atr 3B88800152745343778183206A + cpconfig -hardware media -configure rutokenfkc_nfc -connect Default -add hex mask ffffffffffffffffffffffffff + cpconfig -hardware media -configure rutokenfkc_nfc -connect Default -add string Name 'Rutoken FKC NFC' + cpconfig -hardware media -configure rutokenfkc_nfc -connect Contact -add hex atr 3B9C968011405275746F6B656E4543507363C0 + cpconfig -hardware media -configure rutokenfkc_nfc -connect Contact -add hex mask fffffefffffffffffffffffffffffffffffffe + cpconfig -hardware media -configure rutokenfkc_nfc -connect Contact -add string Name 'Rutoken FKC NFC' + cpconfig -hardware media -add smartparkfkc -name 'smartparkfkc' > /dev/null + cpconfig -hardware media -configure smartparkfkc -connect Default -add hex atr 00000000534D4152545041524B20464B43 + cpconfig -hardware media -configure smartparkfkc -connect Default -add hex mask 00000000ffffffffffffffffffffffffff + cpconfig -hardware media -configure smartparkfkc -connect Default -add string Name 'SmartPark FKC' + cpconfig -hardware media -configure smartparkfkc -connect Combi -add hex atr 3B9E00008031C0654D4700000272F7418107 + cpconfig -hardware media -configure smartparkfkc -connect Combi -add hex mask FFFF0000FFFFFFFFFFFF300002FFFFFFFFFF + cpconfig -hardware media -configure smartparkfkc -connect Combi -add string Name 'SmartPark FKC Combi' + + # cprocsp-rdr-cryptoki + cpconfig -ini '\config\apppath' -add string librdrcryptoki.so /opt/cprocsp/lib/amd64/librdrcryptoki.so + cpconfig -ini '\config\KeyDevices\cryptoki_rutoken' -add long Group 1 + cpconfig -ini '\config\KeyDevices\cryptoki_rutoken' -add string DLL librdrcryptoki.so + cpconfig -ini '\config\KeyDevices\cryptoki_rutoken\PNP cryptoki\Default' -add string pkcs11_dll librtpkcs11ecp.so + cpconfig -ini '\config\KeyDevices\cryptoki_esmart' -add long Group 1 + cpconfig -ini '\config\KeyDevices\cryptoki_esmart' -add string DLL librdrcryptoki.so + cpconfig -ini '\config\KeyDevices\cryptoki_esmart\PNP cryptoki\Default' -add string pkcs11_dll libisbc_pkcs11_main.so + cpconfig -ini '\config\KeyDevices\cryptoki_jacarta' -add long Group 1 + cpconfig -ini '\config\KeyDevices\cryptoki_jacarta' -add string DLL librdrcryptoki.so + cpconfig -ini '\config\KeyDevices\cryptoki_jacarta\PNP cryptoki\Default' -add string pkcs11_dll libjcPKCS11-2.so + cpconfig -ini '\config\debug' -add long cryptoki 1 + + # cprocsp-rdr-cloud-64 + cpconfig -ini '\config\apppath' -add string librdrcloud.so /opt/cprocsp/lib/amd64/librdrcloud.so + cpconfig -ini '\config\KeyDevices\Cloud' -add string DLL librdrcloud.so + cpconfig -ini '\config\KeyDevices\Cloud' -add string AuthApp /opt/cprocsp/sbin/amd64/oauthapp + cpconfig -hardware reader -add Cloud > /dev/null + cpconfig -ini '\config\debug' -add long cloud 1 + /sbin/ldconfig -f /etc/ld.so.conf + + # cprocsp-curl-64 + if test -f "/opt/cprocsp/sbin/amd64/cpconfig"; then + PATH=$PATH:/opt/cprocsp/sbin/amd64 + libcurl_so_backup=`cpconfig -ini '\config\apppath\libcurl.so' -view 2> /dev/null` + status="$?" + if test "${status}" -eq 0 ; then + cpconfig -ini '\config\apppath\backup' -add string libcurl.so "${libcurl_so_backup}" + fi + cpconfig -ini '\config\apppath' -add string libcurl.so /opt/cprocsp/lib/amd64/libcpcurl.so + query_status=`cpconfig -ini '\local\query_success' -view 2> /dev/null` + status="$?" + if test "${status}" -ne 0 || test "${query_status}" -ne "1"; then + cpinstance > /dev/null 2>&1 + fi + fi + /sbin/ldconfig -f /etc/ld.so.conf + + # cprocsp-pki-cades-64 /opt/cprocsp/bin/amd64/ocsputil license -s 0A202-U0030-00ECW-RRLMF-UU2WK /opt/cprocsp/bin/amd64/tsputil license -s TA200-G0030-00ECW-RRLNE-BTDVV cpconfig -ini '\config\apppath' -add string libcades.so /opt/cprocsp/lib/amd64/libcades.so.2 cpconfig -ini '\config\apppath' -add string libpkivalidator.so /opt/cprocsp/lib/amd64/libpkivalidator.so.2 cpconfig -ini '\config\apppath' -add string librevprov.so /opt/cprocsp/lib/amd64/librevprov.so.2 - cpconfig -ini '\config\policy\OIDs' -add string '{A4CC781E-04E9-425C-AAFD-1D74DA8DFAF6}' 'libpkivalidator.so OCSPSigningImpl' - cpconfig -ini '\config\policy\OIDs' -add string '{AF74EE92-A059-492F-9B4B-EAD239B22A1B}' 'libpkivalidator.so TimestampSigningImpl' - cpconfig -ini '\config\policy\OIDs' -add string '{B52FF66F-13A5-402C-B958-A3A6B5300FB6}' 'libpkivalidator.so SignatureImpl' + cpconfig -ini '\config\policy\OIDs' -add string '{A4CC781E-04E9-425C-AAFD-1D74DA8DFAF6}' 'libpkivalidator.so CertDllVerifyOCSPSigningCertificateChainPolicy' + cpconfig -ini '\config\policy\OIDs' -add string '{AF74EE92-A059-492F-9B4B-EAD239B22A1B}' 'libpkivalidator.so CertDllVerifyTimestampSigningCertificateChainPolicy' + cpconfig -ini '\config\policy\OIDs' -add string '{B52FF66F-13A5-402C-B958-A3A6B5300FB6}' 'libpkivalidator.so CertDllVerifySignatureCertificateChainPolicy' cpconfig -ini '\config\policy\OIDs' -add string '5' 'libpkivalidator.so BasicConstraintsImpl' - cpconfig -ini '\config\OID\EncodingType 1\CertDllVerifyRevocation\DEFAULT' -add string 'DLL' 'librevprov.so' + cpconfig -ini '\cryptography\OID\EncodingType 1\CertDllVerifyRevocation\DEFAULT' -add string 'DLL' 'librevprov.so' - # cprocsp-pki-2.0.0-amd64-plugin + # cprocsp-pki-plugin-64 cpconfig -ini '\config\apppath' -add string libnpcades.so /opt/cprocsp/lib/amd64/libnpcades.so.2 [ -d /usr/lib/mozilla/plugins ] && cp -rvf /opt/cprocsp/lib/amd64/libnpcades.so.2.0.0 /usr/lib/mozilla/plugins/libnpcades.so @@ -263,4 +609,10 @@ post_install() { fi done + echo "Enable pcscd daemon for smart card support (for example etoken or rutoken):" + echo systemctl enable --now pcscd } + +post_upgrade() { + post_install +}
\ No newline at end of file diff --git a/linux-amd64.tgz b/linux-amd64.tgz deleted file mode 100644 index e69de29bb2d1..000000000000 --- a/linux-amd64.tgz +++ /dev/null |