blob: 900d0aa4e50a804b6be37371970386737fd8edea (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
|
post_install() {
/sbin/ldconfig
PATH=$PATH:/opt/cprocsp/sbin/amd64
# lsb-cprocsp-rdr-64
cpconfig -ini '\config\apppath' -add string libcapi10.so /opt/cprocsp/lib/amd64/libcapi10.so
cpconfig -ini '\config\apppath' -add string librdrfat12.so /opt/cprocsp/lib/amd64/librdrfat12.so
cpconfig -ini '\config\apppath' -add string librdrdsrf.so /opt/cprocsp/lib/amd64/librdrdsrf.so
cpconfig -ini '\config\apppath' -add string libcpui.so /opt/cprocsp/lib/amd64/libcpui.so
cpconfig -ini '\config\apppath' -add string libcurl.so /usr/lib/libcurl.so
cpconfig -ini '\config\apppath' -add string mount_flash.sh /opt/cprocsp/sbin/amd64/mount_flash.sh
cpconfig -ini '\config\KeyDevices\FLASH' -add string DLL librdrfat12.so
cpconfig -ini '\config\KeyDevices\FLASH' -add string Script mount_flash.sh
cpconfig -ini '\config\KeyDevices\FLASH' -add long Group 1
cpconfig -ini '\config\KeyDevices\FLASH\PNP FLASH\Default' -add string Name 'All FLASH readers'
cpconfig -ini '\config\KeyDevices\FLASH\PNP FLASH\Default\Name' -delparam
#TODO: пока cpconfig не умеет регистрировать считыватель, если он групповой. команда снизу не работает, хотя должна.
#cpconfig -hardware reader -add FLASH -name FLASH
cpconfig -hardware rndm -add CPSD -name 'CPSD RNG' -level 3 > /dev/null
cpconfig -ini '\config\Random\CPSD\Default' -add string '/db1/kis_1' /var/opt/cprocsp/dsrf/db1/kis_1
cpconfig -ini '\config\Random\CPSD\Default' -add string '/db2/kis_1' /var/opt/cprocsp/dsrf/db2/kis_1
cpconfig -license -view > /dev/null 2> /dev/null
test $? = 0 || cpconfig -license -set 5050U-C0037-EKP59-NAXWV-WMCWE
# lsb-cprocsp-kc1-64
cpconfig -ini '\config\apppath' -add string librdrrndmbio_tui.so /opt/cprocsp/lib/amd64/librdrrndmbio_tui.so
cpconfig -ini '\config\apppath' -add string libcsp.so /opt/cprocsp/lib/amd64/libcsp.so
cpconfig -ini '\config\Random\Bio_tui' -add string DLL librdrrndmbio_tui.so
cpconfig -hardware reader -add hdimage -name 'HDD key storage' > /dev/null
cpconfig -hardware rndm -add bio_tui -name 'Text bio random' -level 5 > /dev/null
cpconfig -defprov -setdef -provtype 75 -provname 'Crypto-Pro GOST R 34.10-2001 KC1 CSP'
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 KC1 CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 KC1 CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 KC1 CSP' -add long Type 75
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider' -add string 'Function Table Name' CPCSP_GetFunctionTable
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider' -add long Type 75
cpconfig -defprov -setdef -provtype 80 -provname 'Crypto-Pro GOST R 34.10-2012 KC1 CSP'
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 CSP' -add long Type 80
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Cryptographic Service Provider' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Cryptographic Service Provider' -add string 'Function Table Name' CPCSP_GetFunctionTable
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Cryptographic Service Provider' -add long Type 80
cpconfig -defprov -setdef -provtype 81 -provname 'Crypto-Pro GOST R 34.10-2012 KC1 Strong CSP'
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 Strong CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 Strong CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 KC1 Strong CSP' -add long Type 81
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Strong Cryptographic Service Provider' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Strong Cryptographic Service Provider' -add string 'Function Table Name' CPCSP_GetFunctionTable
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro GOST R 34.10-2012 Strong Cryptographic Service Provider' -add long Type 81
cpconfig -defprov -setdef -provtype 1 -provname 'Crypto-Pro RSA Cryptographic Service Provider'
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro RSA Cryptographic Service Provider' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro RSA Cryptographic Service Provider' -add string 'Function Table Name' CPCSP_GetFunctionTable
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro RSA Cryptographic Service Provider' -add long Type 1
cpconfig -ini '\config\parameters\Crypto-Pro RSA Cryptographic Service Provider' -add long KeyTimeValidityControlMode 128
cpconfig -defprov -setdef -provtype 16 -provname 'Crypto-Pro ECDSA and AES CSP'
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro ECDSA and AES CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro ECDSA and AES CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro ECDSA and AES CSP' -add long Type 16
cpconfig -ini '\config\parameters\Crypto-Pro ECDSA and AES CSP' -add long KeyTimeValidityControlMode 128
cpconfig -defprov -setdef -provtype 24 -provname 'Crypto-Pro Enhanced RSA and AES CSP'
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Enhanced RSA and AES CSP' -add string 'Image Path' /opt/cprocsp/lib/amd64/libcsp.so
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Enhanced RSA and AES CSP' -add string 'Function Table Name' CPCSP_GetFunctionTable
cpconfig -ini '\cryptography\Defaults\Provider\Crypto-Pro Enhanced RSA and AES CSP' -add long Type 24
cpconfig -ini '\config\parameters\Crypto-Pro Enhanced RSA and AES CSP' -add long KeyTimeValidityControlMode 128
cpconfig -ini '\cryptography\Defaults\Provider Types\Type 075' -add string 'TypeName' "GOST R 34.10-2001 Signature with Diffie-Hellman Key Exchange"
cpconfig -ini '\cryptography\Defaults\Provider Types\Type 080' -add string 'TypeName' "GOST R 34.10-2012 (256) Signature with Diffie-Hellman Key Exchange"
cpconfig -ini '\cryptography\Defaults\Provider Types\Type 081' -add string 'TypeName' "GOST R 34.10-2012 (512) Signature with Diffie-Hellman Key Exchange"
cpconfig -ini '\cryptography\Defaults\Provider Types\Type 001' -add string 'TypeName' "RSA Full (Signature and Key Exchange)"
cpconfig -ini '\cryptography\Defaults\Provider Types\Type 016' -add string 'TypeName' "ECDSA Full and AES"
cpconfig -ini '\cryptography\Defaults\Provider Types\Type 024' -add string 'TypeName' "RSA Full and AES"
# lsb-cprocsp-capilite-64
cpconfig -ini '\config\apppath' -add string libssp.so /opt/cprocsp/lib/amd64/libssp.so
cpconfig -ini '\config\apppath' -add string libcapi20.so /opt/cprocsp/lib/amd64/libcapi20.so
# create several local machine stores if they don't exist
/opt/cprocsp/bin/amd64/certmgr -list -crl -store mMy > /dev/null 2>&1
/opt/cprocsp/bin/amd64/certmgr -list -crl -store mCryptoProTrustedStore > /dev/null 2>&1
/opt/cprocsp/bin/amd64/csptest -keyset -verifycontext > /dev/null 2>&1
if test $? -eq 0; then
# create several local machine stores if they don't exist
/opt/cprocsp/bin/amd64/certmgr -list -crl -store mMy > /dev/null 2>&1
/opt/cprocsp/bin/amd64/certmgr -list -crl -store mCryptoProTrustedStore > /dev/null 2>&1
# update all stores to Windows-compatible format. we don't want to silence
# stderr because user should be notified about errors
find '/var/opt/cprocsp/users/' -name '*.sto' -type f \
-exec /opt/cprocsp/bin/amd64/certmgr -updatestore -crl -file {} \; > /dev/null
find '/var/opt/cprocsp/users/' -name '*.sto' -type f \
-exec /opt/cprocsp/bin/amd64/certmgr -updatestore -cert -file {} \; > /dev/null
else
printf "Warning: functioning provider is required.\n"
printf "Will not configure/upgrade certificate stores.\n"
printf "Setup CryptoPro CSP and reinstall.\n"
fi
# lsb-cprocsp-ca-certs
/opt/cprocsp/bin/amd64/csptest -keyset -verifycontext > /dev/null 2>&1
if test $? -eq 0; then
ls -d /var/opt/cprocsp/tmpcerts/root/* \
| xargs -n 1 /opt/cprocsp/bin/amd64/certmgr -install -store mroot -file 1>/dev/null \
|| printf "Failed to install root certificates!\n"
ls -d /var/opt/cprocsp/tmpcerts/ca/* \
| xargs -n 1 /opt/cprocsp/bin/amd64/certmgr -install -store mca -file 1>/dev/null \
|| printf "Failed to install intermediate certificates!\n"
else
printf "Warning: functioning provider is required.\n"
printf "Will not configure/upgrade certificate stores.\n"
printf "Setup CryptoPro CSP and reinstall.\n"
fi
# cprocsp-rdr-gui-gtk-64
cpconfig -ini '\config\apppath' -add string librdrrndmbio_gui_fgtk.so /opt/cprocsp/lib/amd64/librdrrndmbio_gui_fgtk.so
cpconfig -ini '\config\apppath' -add string libxcpui.so /opt/cprocsp/lib/amd64/libfgcpui.so
cpconfig -ini '\config\apppath' -add string xcpui_app /opt/cprocsp/sbin/amd64/xcpui_app
cpconfig -ini '\config\Random\Bio_gui' -add string DLL librdrrndmbio_gui_fgtk.so
cpconfig -hardware rndm -add bio_gui -name 'rndm GUI gtk+2.0' -level 4 >/dev/null 2>/dev/null
# cprocsp-rdr-pcsc-64
cpconfig -ini '\config\parameters' -add long dynamic_readers 1
cpconfig -ini '\config\parameters' -add long dynamic_rdr_refresh_ms 1500
if test -z '#' ; then
cpconfig -ini '\config\apppath' -add string libpcsclite.so /System/Library/Frameworks/PCSC.framework/PCSC
else
check_libpcsclite_compatibility() {
command -v file > /dev/null 2>&1 || return 0
is64arch=0
is64arch=1
is64lib=0
if test -z '' ; then
file -L "${libpcsclite}" | grep '64-bit' > /dev/null 2>&1
else
file "${libpcsclite}" | grep '64-bit' > /dev/null 2>&1
fi
test "$?" -eq 0 && is64lib=1
test "${is64arch}" -eq "${is64lib}" && return 0
return 1
}
search_dirs=`echo /lib* /usr/lib* /usr/local/lib* /opt/CPcvpn-*/lib* /opt/sfw/lib* | xargs -n1 | grep -v '*' | xargs`
ld_cmd="ldconfig -p ; find ${search_dirs} -name \*libpcsclite\*"
#ld_cmd='ldconfig -r'
#ld_cmd="find ${search_dirs} -name \*libpcsclite\*"
libpcsclite_checked='manually_set_path_to_libpcsclite.so'
for libpcsclite in `eval "${ld_cmd}" | grep '/libpcsclite.*so' | awk '{print $NF}' | xargs` ; do
if check_libpcsclite_compatibility ; then
libpcsclite_checked="${libpcsclite}"
break
fi
done
cpconfig -ini '\config\apppath' -add string libpcsclite.so "${libpcsclite_checked}"
fi
cpconfig -ini '\config\apppath' -add string libpcsclite.so libpcsclite.so.1
cpconfig -ini '\config\apppath' -add string librdrpcsc.so /opt/cprocsp/lib/amd64/librdrpcsc.so
cpconfig -ini '\config\apppath' -add string librdrric.so /opt/cprocsp/lib/amd64/librdrric.so
cpconfig -ini '\config\KeyDevices\PCSC' -add string DLL librdrpcsc.so
cpconfig -ini '\config\KeyDevices\PCSC' -add long Group 1
cpconfig -ini '\config\KeyDevices\PCSC\PNP PCSC\Default' -add string Name 'All PC/SC readers'
cpconfig -ini '\config\KeyDevices\PCSC\PNP PCSC\Default\Name' -delparam
cpconfig -ini '\config\KeyCarriers\OSCAR' -add string DLL librdrric.so
cpconfig -ini '\config\KeyCarriers\OSCAR2' -add string DLL librdrric.so
cpconfig -ini '\config\KeyCarriers\TRUST' -add string DLL librdrric.so
cpconfig -ini '\config\KeyCarriers\TRUSTS' -add string DLL librdrric.so
cpconfig -ini '\config\KeyCarriers\TRUSTD' -add string DLL librdrric.so
cpconfig -hardware media -add oscar -name 'Oscar' > /dev/null
cpconfig -hardware media -configure oscar -add hex atr 0000000000000043525950544f5052
cpconfig -hardware media -configure oscar -add hex mask 00000000000000ffffffffffffffff
cpconfig -hardware media -configure oscar -add string folders 0B00
cpconfig -hardware media -add oscar2 -name 'Oscar CSP 2.0' > /dev/null
cpconfig -hardware media -configure oscar2 -add hex atr 000000000000004350435350010102
cpconfig -hardware media -configure oscar2 -add hex mask 00000000000000ffffffffffffffff
cpconfig -hardware media -configure oscar2 -add string folders 0B00
cpconfig -hardware media -configure oscar2 -add long size_1 60
cpconfig -hardware media -configure oscar2 -add long size_2 70
cpconfig -hardware media -configure oscar2 -add long size_4 60
cpconfig -hardware media -configure oscar2 -add long size_5 70
cpconfig -hardware media -configure oscar2 -add long size_6 62
cpconfig -hardware media -add oscar2 -connect KChannel -name 'Channel K' > /dev/null
cpconfig -hardware media -configure oscar2 -connect KChannel -add hex atr 000000000000004350435350010101
cpconfig -hardware media -configure oscar2 -connect KChannel -add hex mask 00000000000000ffffffffffffffff
cpconfig -hardware media -configure oscar2 -connect KChannel -add string folders 0B00
cpconfig -hardware media -configure oscar2 -connect KChannel -add long size_1 56
cpconfig -hardware media -configure oscar2 -connect KChannel -add long size_2 36
cpconfig -hardware media -configure oscar2 -connect KChannel -add long size_4 56
cpconfig -hardware media -configure oscar2 -connect KChannel -add long size_5 36
cpconfig -hardware media -configure oscar2 -connect KChannel -add long size_6 62
cpconfig -hardware media -add TRUST -name 'Foros (Magistra)' > /dev/null
cpconfig -hardware media -configure TRUST -add hex atr 3b9e00008031c0654d4700000072f7418107
cpconfig -hardware media -configure TRUST -add hex mask ffff0000ffffffffffff300000ffffffffff
cpconfig -hardware media -configure TRUST -add string folders "A\\B\\C\\D\\E\\F\\G\\H"
cpconfig -hardware media -add TRUSTS -name 'Foros SocCard' > /dev/null
cpconfig -hardware media -configure TRUSTS -add hex atr 3b9a00008031c0610072f7418107
cpconfig -hardware media -configure TRUSTS -add hex mask ffff0000ffffffff30ffffffffff
cpconfig -hardware media -configure TRUSTS -add string folders "A\\B\\C\\D"
cpconfig -hardware media -add TRUSTD -name 'Foros Debug' > /dev/null
cpconfig -hardware media -configure TRUSTD -add hex atr 3b9800008031c072f7418107
cpconfig -hardware media -configure TRUSTD -add hex mask ffff0000ffffffffffffffff
cpconfig -hardware media -configure TRUSTD -add string folders "A\\B\\C\\D\\E\\F\\G\\H"
not_solaris=1
if test ! -z "$not_solaris"; then
search_dirs=''
for d in `echo /usr/lib*/pcsc /usr/local/lib*/pcsc /usr/libexec/SmartCardServices/*`; do
if echo $d|grep -v '*'; then
search_dirs="$d $search_dirs";
fi;
done
if test ! -z "$search_dirs"; then
folder=`find -L $search_dirs -name "*ccid.bundle"`
if test ! -z "$folder"; then
pList_files=`find -L $folder -name "Info.plist"`
if test ! -z "$pList_files"; then
for pList in $pList_files; do
ccid_reg.sh -add $pList 0x072F 0x90CC "ACS ACR 38U-CCID - CP"
ccid_reg.sh -add $pList 0x072F 0x1204 "ACS ACR101 ICC Reader - CP"
ccid_reg.sh -add $pList 0x072F 0x8201 "ACS APG8201 PINhandy 1 - CP"
ccid_reg.sh -add $pList 0x072F 0x8202 "ACS APG8201 USB Reader - CP"
ccid_reg.sh -add $pList 0x072F 0x90DB "ACS CryptoMate64 - CP"
ccid_reg.sh -add $pList 0x0483 0xACD1 "Ancud Crypton SCR/RNG - CP"
ccid_reg.sh -add $pList 0x0A89 0x0025 "Aktiv Rutoken lite - CP"
ccid_reg.sh -add $pList 0x0A89 0x0030 "Aktiv Rutoken ECP - CP"
ccid_reg.sh -add $pList 0x0A89 0x0080 "Aktiv PINPad Ex - CP"
ccid_reg.sh -add $pList 0x0A89 0x0081 "Aktiv PINPad In - CP"
ccid_reg.sh -add $pList 0x0A89 0x0060 "Aktiv Co., ProgramPark Rutoken Magistra - CP"
ccid_reg.sh -add $pList 0x072f 0x90de "ACS Token - CP"
ccid_reg.sh -add $pList 0x24dc 0x0102 "ARDS ZAO JaCarta LT - CP"
ccid_reg.sh -add $pList 0x2fb0 0x0002 "Infocrypt Token++ - CP"
ccid_reg.sh -add $pList 0x2fb0 0x0004 "Infocrypt Token++ - CP"
ccid_reg.sh -add $pList 0x2fb0 0x0006 "Infocrypt Token++ lite - CP"
ccid_reg.sh -add $pList 0x2fb0 0x0008 "Infocrypt Token++ lite - CP"
ccid_reg.sh -add $pList 0x2fb0 0x003a "Infocrypt Token++ lite - CP"
ccid_reg.sh -add $pList 0x2022 0x078a "Infocrypt HWDSSL DEVICE - CP"
ccid_reg.sh -add $pList 0x2022 0x016c "Infocrypt HWDSSL DEVICE - CP"
ccid_reg.sh -add $pList 0x2022 0x0172 "Infocrypt HWDSSL DEVICE - CP"
ccid_reg.sh -add $pList 0x2022 0x0226 "Infocrypt HWDSSL DEVICE - CP"
ccid_reg.sh -add $pList 0x2fb0 0x078a "Infocrypt HWDSSL DEVICE - CP"
ccid_reg.sh -add $pList 0x2fb0 0x016c "Infocrypt HWDSSL DEVICE - CP"
ccid_reg.sh -add $pList 0x2fb0 0x0172 "Infocrypt HWDSSL DEVICE - CP"
ccid_reg.sh -add $pList 0x2fb0 0x0226 "Infocrypt HWDSSL DEVICE - CP"
ccid_reg.sh -add $pList 0x2a0c 0x0001 "MultiSoft ltd. SCR2 - CP"
ccid_reg.sh -add $pList 0x23a0 0x0008 "BIFIT ANGARA - CP"
ccid_reg.sh -add $pList 0x1fc9 0x7479 "ISBC ESMART reader - CP"
ccid_reg.sh -add $pList 0x2ce4 0x7479 "ESMART Token - CP"
ccid_reg.sh -add $pList 0x04d8 0x003f "zis-group PRIVATE Security System Key - CP"
done
fi
fi
fi
fi
# cprocsp-rdr-jacarta-64
cpconfig -ini '\config\apppath' -add string librdrjacarta.so.5.0.0 /opt/cprocsp/lib/amd64/librdrjacarta.so.5.0.0
cpconfig -ini '\config\KeyCarriers\eToken_PRO16' -add string DLL librdrjacarta.so.5.0.0
cpconfig -ini '\config\KeyCarriers\eToken_PRO32' -add string DLL librdrjacarta.so.5.0.0
cpconfig -ini '\config\KeyCarriers\eToken_PRO_M420' -add string DLL librdrjacarta.so.5.0.0
cpconfig -ini '\config\KeyCarriers\eToken_PRO_M420B' -add string DLL librdrjacarta.so.5.0.0
cpconfig -ini '\config\KeyCarriers\eToken_JAVA_10' -add string DLL librdrjacarta.so.5.0.0
cpconfig -ini '\config\KeyCarriers\eToken_JAVA_10B' -add string DLL librdrjacarta.so.5.0.0
cpconfig -ini '\config\KeyCarriers\JaCarta' -add string DLL librdrjacarta.so.5.0.0
cpconfig -ini '\config\KeyCarriers\JaCarta_LT' -add string DLL librdrjacarta.so.5.0.0
cpconfig -hardware media -add eToken_PRO16 -name 'Aladdin R.D. eToken Pro 16K' > /dev/null
cpconfig -hardware media -configure eToken_PRO16 -add hex atr 3be200ffc11031fe55c8029c
cpconfig -hardware media -configure eToken_PRO16 -add hex mask ffffffffffffffffffffffff
cpconfig -hardware media -configure eToken_PRO16 -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09"
cpconfig -hardware media -add eToken_PRO32 -name 'Aladdin R.D. eToken Pro 32K' > /dev/null
cpconfig -hardware media -configure eToken_PRO32 -add hex atr 3bf29800ffc11031fe55c80315
cpconfig -hardware media -configure eToken_PRO32 -add hex mask ffffffffffffffffffffffffff
cpconfig -hardware media -configure eToken_PRO32 -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09"
cpconfig -hardware media -add eToken_PRO_M420 -name 'Aladdin R.D. eToken Pro M420' > /dev/null
cpconfig -hardware media -configure eToken_PRO_M420 -add hex atr 3bf2180000c10a31fe55c80600
cpconfig -hardware media -configure eToken_PRO_M420 -add hex mask ffffffff00ffffffffffffff00
cpconfig -hardware media -configure eToken_PRO_M420 -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09"
cpconfig -hardware media -add eToken_PRO_M420B -name 'Aladdin R.D. eToken Pro M420b' > /dev/null
cpconfig -hardware media -configure eToken_PRO_M420B -add hex atr 3bf2180002c10a31fe58c80975
cpconfig -hardware media -configure eToken_PRO_M420B -add hex mask ffffffffffffffffffffffffff
cpconfig -hardware media -configure eToken_PRO_M420B -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09"
cpconfig -hardware media -add eToken_JAVA_10 -name 'Aladdin R.D. eToken Java v1.0' > /dev/null
cpconfig -hardware media -configure eToken_JAVA_10 -add hex atr 3bd518008131fe7d8073c82110f4
cpconfig -hardware media -configure eToken_JAVA_10 -add hex mask ffffffffffffffffffffffffffff
cpconfig -hardware media -configure eToken_JAVA_10 -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09"
cpconfig -hardware media -add eToken_JAVA_10B -name 'Aladdin R.D. eToken Java v1.0b' > /dev/null
cpconfig -hardware media -configure eToken_JAVA_10B -add hex atr 3bd5180081313a7d8073c8211030
cpconfig -hardware media -configure eToken_JAVA_10B -add hex mask ffffffffffffffffffffffffffff
cpconfig -hardware media -configure eToken_JAVA_10B -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09"
cpconfig -hardware media -add JaCarta -name 'Aladdin R.D. JaCarta' > /dev/null
cpconfig -hardware media -configure JaCarta -add hex atr 3bdc18ff8191fe1fc38073c821136601061159000128
cpconfig -hardware media -configure JaCarta -add hex mask ffffffffffffffffffffffffffffffffffffffffffff
cpconfig -hardware media -configure JaCarta -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09"
cpconfig -hardware media -add JaCarta_LT -name 'Aladdin R.D. JaCarta LT' > /dev/null
cpconfig -hardware media -configure JaCarta_LT -add hex atr 3bdc18ff8111fe8073c82113660106013080018d
cpconfig -hardware media -configure JaCarta_LT -add hex mask ffffffffffffffffffffffffffffffffffffffff
cpconfig -hardware media -configure JaCarta_LT -add string folders "CC00\\CC01\\CC02\\CC03\\CC04\\CC05\\CC06\\CC07\\CC08\\CC09"
bash /opt/cprocsp/tmp/PLIST-csp/Linux/update_all_plists.sh >/dev/null 2>&1
# cprocsp-rdr-rutoken-64
cpconfig -ini '\config\apppath' -add string librdrrutoken.so /opt/cprocsp/lib/amd64/librdrrutoken.so
cpconfig -ini '\config\KeyCarriers\RutokenECP' -add string DLL librdrrutoken.so
cpconfig -hardware media -add RutokenECP -name 'Rutoken ECP' > /dev/null
cpconfig -hardware media -configure RutokenECP -add hex atr 3b8b015275746f6b656e20445320c1
cpconfig -hardware media -configure RutokenECP -add hex mask ffffffffffffffffffffffffffffff
cpconfig -hardware media -configure RutokenECP -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800"
cpconfig -hardware media -configure RutokenECP -add long size_1 60
cpconfig -hardware media -configure RutokenECP -add long size_2 70
cpconfig -hardware media -configure RutokenECP -add long size_3 8
cpconfig -hardware media -configure RutokenECP -add long size_4 60
cpconfig -hardware media -configure RutokenECP -add long size_5 70
cpconfig -hardware media -configure RutokenECP -add long size_6 300
cpconfig -hardware media -configure RutokenECP -add long size_7 8
cpconfig -ini '\config\KeyCarriers\RutokenFkcOld' -add string DLL librdrrutoken.so
cpconfig -hardware media -add RutokenFkcOld -name 'CryptoPro Rutoken' > /dev/null
cpconfig -hardware media -configure RutokenFkcOld -add hex atr 3b8b015275746f6b656e20454350a0
cpconfig -hardware media -configure RutokenFkcOld -add hex mask ffffffffffffffffffffffffffffff
cpconfig -hardware media -configure RutokenFkcOld -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800"
cpconfig -hardware media -configure RutokenFkcOld -add long size_1 60
cpconfig -hardware media -configure RutokenFkcOld -add long size_2 70
cpconfig -hardware media -configure RutokenFkcOld -add long size_3 8
cpconfig -hardware media -configure RutokenFkcOld -add long size_4 60
cpconfig -hardware media -configure RutokenFkcOld -add long size_5 70
cpconfig -hardware media -configure RutokenFkcOld -add long size_6 300
cpconfig -hardware media -configure RutokenFkcOld -add long size_7 8
cpconfig -ini '\config\KeyCarriers\RutokenECPSC' -add string DLL librdrrutoken.so
cpconfig -hardware media -add RutokenECPSC -name 'Rutoken ECP SC' > /dev/null
cpconfig -hardware media -configure RutokenECPSC -add hex atr 3b9c96005275746f6b656e4543507363
cpconfig -hardware media -configure RutokenECPSC -add hex mask ffffffffffffffffffffffffffffffff
cpconfig -hardware media -configure RutokenECPSC -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800"
cpconfig -hardware media -configure RutokenECPSC -add long size_1 60
cpconfig -hardware media -configure RutokenECPSC -add long size_2 70
cpconfig -hardware media -configure RutokenECPSC -add long size_3 8
cpconfig -hardware media -configure RutokenECPSC -add long size_4 60
cpconfig -hardware media -configure RutokenECPSC -add long size_5 70
cpconfig -hardware media -configure RutokenECPSC -add long size_6 300
cpconfig -hardware media -configure RutokenECPSC -add long size_7 8
cpconfig -ini '\config\KeyCarriers\RutokenLiteSC2' -add string DLL librdrrutoken.so
cpconfig -hardware media -add RutokenLiteSC2 -name 'Rutoken Lite SC' > /dev/null
cpconfig -hardware media -configure RutokenLiteSC2 -add hex atr 3b9e96005275746f6b656e4c697465534332
cpconfig -hardware media -configure RutokenLiteSC2 -add hex mask ffffffffffffffffffffffffffffffffffff
cpconfig -hardware media -configure RutokenLiteSC2 -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800"
cpconfig -hardware media -configure RutokenLiteSC2 -add long size_1 60
cpconfig -hardware media -configure RutokenLiteSC2 -add long size_2 70
cpconfig -hardware media -configure RutokenLiteSC2 -add long size_3 8
cpconfig -hardware media -configure RutokenLiteSC2 -add long size_4 60
cpconfig -hardware media -configure RutokenLiteSC2 -add long size_5 70
cpconfig -hardware media -configure RutokenLiteSC2 -add long size_6 300
cpconfig -hardware media -configure RutokenLiteSC2 -add long size_7 8
cpconfig -ini '\config\KeyCarriers\RutokenLite' -add string DLL librdrrutoken.so
cpconfig -hardware media -add RutokenLite -name 'Rutoken lite' > /dev/null
cpconfig -hardware media -configure RutokenLite -add hex atr 3b8b015275746f6b656e6c697465c2
cpconfig -hardware media -configure RutokenLite -add hex mask ffffffffffffffffffffffffffffff
cpconfig -hardware media -configure RutokenLite -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800"
cpconfig -hardware media -configure RutokenLite -add long size_1 60
cpconfig -hardware media -configure RutokenLite -add long size_2 70
cpconfig -hardware media -configure RutokenLite -add long size_3 8
cpconfig -hardware media -configure RutokenLite -add long size_4 60
cpconfig -hardware media -configure RutokenLite -add long size_5 70
cpconfig -hardware media -configure RutokenLite -add long size_6 300
cpconfig -hardware media -configure RutokenLite -add long size_7 8
cpconfig -ini '\config\KeyCarriers\Rutoken' -add string DLL librdrrutoken.so
cpconfig -hardware media -add Rutoken -name 'Rutoken S' > /dev/null
cpconfig -hardware media -configure Rutoken -add hex atr 3b6f00ff00567275546f6b6e73302000009000
cpconfig -hardware media -configure Rutoken -add hex mask ffffffffffffffffffffffffffffffffffffff
cpconfig -hardware media -configure Rutoken -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000"
cpconfig -hardware media -configure Rutoken -add long size_1 60
cpconfig -hardware media -configure Rutoken -add long size_2 70
cpconfig -hardware media -configure Rutoken -add long size_3 8
cpconfig -hardware media -configure Rutoken -add long size_4 60
cpconfig -hardware media -configure Rutoken -add long size_5 70
cpconfig -hardware media -configure Rutoken -add long size_6 300
cpconfig -hardware media -configure Rutoken -add long size_7 8
cpconfig -ini '\config\KeyCarriers\RutokenPinpad' -add string DLL librdrrutoken.so
cpconfig -hardware media -add RutokenPinpad -name 'Rutoken PinPad' > /dev/null
cpconfig -hardware media -configure RutokenPinpad -add hex atr 3B8B01527450494E5061642020329C
cpconfig -hardware media -configure RutokenPinpad -add hex mask ffffffffffffffffffffffffffffff
cpconfig -hardware media -configure RutokenPinpad -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800"
#cpconfig -hardware reader -add "Aktiv Rutoken ECP 00 00" -name 'Rutoken ECP 0'
#cpconfig -hardware reader -add "Aktiv Rutoken ECP 01 00" -name 'Rutoken ECP 1'
#cpconfig -hardware reader -add "Aktiv Rutoken lite 00 00" -name 'Rutoken lite 0'
#cpconfig -hardware reader -add "Aktiv Rutoken lite 01 00" -name 'Rutoken lite 1'
#cpconfig -hardware reader -add "Aktiv Co. Rutoken S 00 00" -name 'Rutoken S 0'
#cpconfig -hardware reader -add "Aktiv Co. Rutoken S 01 00" -name 'Rutoken S 1'
#cpconfig -hardware reader -add "Aktiv Rutoken Magistra 00 00" -name 'Rutoken Magistra 0'
#cpconfig -hardware reader -add "Aktiv Rutoken Magistra 01 00" -name 'Rutoken Magistra 1'
cpconfig -ini '\config\KeyCarriers\RutokenECPM' -add string DLL librdrrutoken.so
cpconfig -hardware media -add RutokenECPM -name 'Rutoken ECP 2151' > /dev/null
cpconfig -hardware media -configure RutokenECPM -add hex atr 3B18967275746F6B656E6D
cpconfig -hardware media -configure RutokenECPM -add hex mask ffffffffffffffffffffff
cpconfig -hardware media -configure RutokenECPM -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800"
cpconfig -hardware media -configure RutokenECPM -add long size_1 60
cpconfig -hardware media -configure RutokenECPM -add long size_2 70
cpconfig -hardware media -configure RutokenECPM -add long size_3 3072
cpconfig -hardware media -configure RutokenECPM -add long size_4 60
cpconfig -hardware media -configure RutokenECPM -add long size_5 70
cpconfig -hardware media -configure RutokenECPM -add long size_6 300
cpconfig -hardware media -configure RutokenECPM -add long size_7 8
cpconfig -ini '\config\KeyCarriers\RutokenECPMSC' -add string DLL librdrrutoken.so
cpconfig -hardware media -add RutokenECPMSC -name 'Rutoken ECP 2151 SC' > /dev/null
cpconfig -hardware media -configure RutokenECPMSC -add hex atr 3B1A967275746F6B656E6D7363
cpconfig -hardware media -configure RutokenECPMSC -add hex mask ffffffffffffffffffffffffff
cpconfig -hardware media -configure RutokenECPMSC -add string folders "0A00\\0B00\\0C00\\0D00\\0E00\\0F00\\1000\\1100\\1200\\1300\\1400\\1500\\1600\\1700\\1800"
cpconfig -hardware media -configure RutokenECPMSC -add long size_1 60
cpconfig -hardware media -configure RutokenECPMSC -add long size_2 70
cpconfig -hardware media -configure RutokenECPMSC -add long size_3 3072
cpconfig -hardware media -configure RutokenECPMSC -add long size_4 60
cpconfig -hardware media -configure RutokenECPMSC -add long size_5 70
cpconfig -hardware media -configure RutokenECPMSC -add long size_6 300
cpconfig -hardware media -configure RutokenECPMSC -add long size_7 8
# cprocsp-pki-cades-64
/opt/cprocsp/bin/amd64/ocsputil license -s 0A202-U0030-00ECW-RRLMF-UU2WK
/opt/cprocsp/bin/amd64/tsputil license -s TA200-G0030-00ECW-RRLNE-BTDVV
cpconfig -ini '\config\apppath' -add string libcades.so /opt/cprocsp/lib/amd64/libcades.so.2
cpconfig -ini '\config\apppath' -add string libpkivalidator.so /opt/cprocsp/lib/amd64/libpkivalidator.so.2
cpconfig -ini '\config\apppath' -add string librevprov.so /opt/cprocsp/lib/amd64/librevprov.so.2
cpconfig -ini '\config\policy\OIDs' -add string '{A4CC781E-04E9-425C-AAFD-1D74DA8DFAF6}' 'libpkivalidator.so OCSPSigningImpl'
cpconfig -ini '\config\policy\OIDs' -add string '{AF74EE92-A059-492F-9B4B-EAD239B22A1B}' 'libpkivalidator.so TimestampSigningImpl'
cpconfig -ini '\config\policy\OIDs' -add string '{B52FF66F-13A5-402C-B958-A3A6B5300FB6}' 'libpkivalidator.so SignatureImpl'
cpconfig -ini '\config\policy\OIDs' -add string '5' 'libpkivalidator.so BasicConstraintsImpl'
cpconfig -ini '\config\OID\EncodingType 1\CertDllVerifyRevocation\DEFAULT' -add string 'DLL' 'librevprov.so'
# cprocsp-pki-plugin-64
cpconfig -ini '\config\apppath' -add string libnpcades.so /opt/cprocsp/lib/amd64/libnpcades.so.2
[ -d /usr/lib/mozilla/plugins ] && cp -rvf /opt/cprocsp/lib/amd64/libnpcades.so.2.0.0 /usr/lib/mozilla/plugins/libnpcades.so
[ -d /usr/lib64/mozilla/plugins ] && cp -rvf /opt/cprocsp/lib/amd64/libnpcades.so.2.0.0 /usr/lib64/mozilla/plugins/libnpcades.so
[ -d /usr/lib/browser-plugins ] && cp -rvf /opt/cprocsp/lib/amd64/libnpcades.so.2.0.0 /usr/lib/browser-plugins/libnpcades.so
[ -d /usr/lib64/browser-plugins ] && cp -rvf /opt/cprocsp/lib/amd64/libnpcades.so.2.0.0 /usr/lib64/browser-plugins/libnpcades.so
#if we have clean CSP install, users will not have my.sto. Plugin can open only existed stores. Create empty stores for all users with id above 1000
USERNAMES=( `cat /etc/passwd | cut -d ":" -f 1` )
USERIDS=( `cat /etc/passwd | cut -d ":" -f 3` )
USERGROUPS=( `cat /etc/passwd | cut -d ":" -f 4` )
total=${#USERNAMES[*]}
for (( i=0; i<=$(( $total -1 )); i++ ))
do
if (( ${USERIDS[$i]}>=1000 )) && (( ${USERIDS[$i]}<65000 )) ; then
if [[ ! -f /var/opt/cprocsp/users/${USERNAMES[$i]}/stores/my.sto ]]; then
mkdir -p /var/opt/cprocsp/users/${USERNAMES[$i]}/stores
touch /var/opt/cprocsp/users/${USERNAMES[$i]}/stores/my.sto
chmod -R 744 /var/opt/cprocsp/users/${USERNAMES[$i]}
chown -R ${USERNAMES[$i]} /var/opt/cprocsp/users/${USERNAMES[$i]}
chgrp -R ${USERGROUPS[$i]} /var/opt/cprocsp/users/${USERNAMES[$i]}
fi
fi
done
echo "Enable pcscd daemon for smart card support (for example etoken or rutoken):"
echo systemctl enable --now pcscd
}
|