From 671bb9763affd12280fdf4cc1ea8c313ea99f71d Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Tue, 28 May 2024 12:31:23 +0300 Subject: [PATCH] Use OpenSC pkcs11-register IB-7998 Signed-off-by: Raul Metsma --- chrome-pkcs11.desktop | 7 ----- debian/control | 2 +- debian/open-eid.install | 2 -- esteid-update-nssdb | 58 ----------------------------------------- install-open-eid.sh | 4 +-- 5 files changed, 3 insertions(+), 70 deletions(-) delete mode 100644 chrome-pkcs11.desktop delete mode 100644 debian/open-eid.install delete mode 100644 esteid-update-nssdb diff --git a/chrome-pkcs11.desktop b/chrome-pkcs11.desktop deleted file mode 100644 index f52d50e..0000000 --- a/chrome-pkcs11.desktop +++ /dev/null @@ -1,7 +0,0 @@ -[Desktop Entry] -Type=Application -Name=Configure Chrome PKCS11 -Exec=/usr/bin/esteid-update-nssdb -NoDisplay=true -X-GNOME-AutoRestart=true -X-GNOME-Autostart-Phase=Initialization diff --git a/debian/control b/debian/control index 3795f48..dd782fe 100644 --- a/debian/control +++ b/debian/control @@ -12,7 +12,7 @@ Architecture: all Depends: web-eid, qdigidoc4, - libnss3-tools, + opensc, ${misc:Depends} Recommends: libdigidocpp-tools diff --git a/debian/open-eid.install b/debian/open-eid.install deleted file mode 100644 index 5682bb6..0000000 --- a/debian/open-eid.install +++ /dev/null @@ -1,2 +0,0 @@ -esteid-update-nssdb usr/bin -chrome-pkcs11.desktop etc/xdg/autostart diff --git a/esteid-update-nssdb b/esteid-update-nssdb deleted file mode 100644 index 956f83c..0000000 --- a/esteid-update-nssdb +++ /dev/null @@ -1,58 +0,0 @@ -#!/bin/bash -# -# The MIT License (MIT) -# -# Copyright (c) 2014 Lauri Võsandi -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. - -PATH="$PATH:/sbin" -NSSDB=$HOME/.pki/nssdb -MODUTIL="/usr/bin/modutil -force -dbdir sql:$NSSDB" -LIBS=$(ldconfig -v 2>/dev/null | grep -v ^$'\t' | sed -e s/:.*$//) -PKCS11=onepin-opensc-pkcs11.so - -if [ ! -f $NSSDB/cert9.db ]; then - echo "Initializing new database" - mkdir -p $NSSDB -fi - -delete_pkcs11() { - if $MODUTIL -list $1 2>>/dev/null; then - $MODUTIL -delete $1 - fi -} - -delete_pkcs11 "idemia-pkcs11" - -for DIR in $LIBS; do - LIB=$DIR/$PKCS11 - if [ -f $LIB ]; then - echo "Found PKCS#11 library at: $LIB" - if grep -q -s library=$LIB $NSSDB/pkcs11.txt; then - echo "ID-card support for Google Chrome/Chromium already enabled" - else - echo "Enabling ID-card functionality in Google Chrome/Chromium via $LIB" - delete_pkcs11 "opensc-pkcs11" - $MODUTIL -add opensc-pkcs11 -libfile $LIB -mechanisms FRIENDLY - fi - exit - fi -done -echo "Can't find $PKCS11" diff --git a/install-open-eid.sh b/install-open-eid.sh index 1b76087..c8786f0 100755 --- a/install-open-eid.sh +++ b/install-open-eid.sh @@ -222,8 +222,8 @@ esac add_key make_install open-eid -# Configure Chrome PKCS11 driver for current user, /etc/xdg/autstart/ will init other users on next logon -/usr/bin/esteid-update-nssdb +# Configure Chrome/Firefox PKCS11 driver for current user, /etc/xdg/autstart/ will init other users on next logon +/usr/bin/pkcs11-register echo echo "Thank you for using Estonian ID card!" read -p "Would you like to read instructions on how to configure browsers for using ID-card? (Y/n): " instructions