Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix ykfde_enroll

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2023-11-22 23:53:36 +01:00
parent e02320fb07
commit 648a643252
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
utils/pkgs/ykfde/scripts/ykfde_enroll
View File

@@ -1,9 +1,9 @@
#!/bin/bash -p
set -euo pipefail set -euo pipefail
echo "start in" if [ "$EUID" -ne 0 ]
echo "nix-shell https://github.com/sgillespie/nixos-yubikey-luks/archive/master.tar.gz" then echo "Please run as root"
exit
fi
# sanitize environment # sanitize environment
YKFDE_SLOT=2 YKFDE_SLOT=2
@@ -24,7 +24,7 @@ if [ "$(ykinfo -q -"$YKFDE_SLOT")" != 1 ]; then
printf '%s\n' "ERROR: Chosen YubiKey slot '$YKFDE_SLOT' isn't configured. Please insert a YubiKey with the slot configured for 'HMAC-SHA1 Challenge-Response'." printf '%s\n' "ERROR: Chosen YubiKey slot '$YKFDE_SLOT' isn't configured. Please insert a YubiKey with the slot configured for 'HMAC-SHA1 Challenge-Response'."
fi fi
while [ "$(ykinfo -q -"$YKFDE_SLOT")" != 1 ] while [ "$(ykinfo -q -$YKFDE_SLOT)" != 1 ]
do do
sleep 1 sleep 1
done done
@@ -36,7 +36,7 @@ rbtohex() {
YKFDE_SALT="$(dd if=/dev/random bs=1 count=$YKFDE_SALT_LENGTH 2>/dev/null | rbtohex)" YKFDE_SALT="$(dd if=/dev/random bs=1 count=$YKFDE_SALT_LENGTH 2>/dev/null | rbtohex)"
if [ -f "$YKFDE_STORAGE" ]; then if [ -f "$YKFDE_STORAGE" ]; then
YKFDE_SALT="$(head -1 $YKFDE_STORAGE)" YKFDE_SALT="$(head -1 $YKFDE_STORAGE)"
echo "$FILE exists." echo "Using current Salt: $YKFDE_SALT"
fi fi
YKFDE_CHALLENGE="$(echo -n $YKFDE_SALT | openssl dgst -binary -sha512 | rbtohex)" YKFDE_CHALLENGE="$(echo -n $YKFDE_SALT | openssl dgst -binary -sha512 | rbtohex)"
YKFDE_RESPONSE="$(ykchalresp -2 -x $YKFDE_CHALLENGE 2>/dev/null)" YKFDE_RESPONSE="$(ykchalresp -2 -x $YKFDE_CHALLENGE 2>/dev/null)"