Add option to clear LUKS key from card

pull/1/head
Timothy Pearson 9 years ago
parent 1dab477659
commit a87c27c808

@ -675,6 +675,16 @@ function loadlukskey {
fi fi
} }
function clearlukskey {
echo "Clearing LUKS key..."
authenticatecard "AUT1"
if [[ $authenticated = "1" ]]; then
dd if=/dev/zero of=$SECURE_DIRECTORY/smart.key.blank bs=255 count=1
update_file "10 01" "$SECURE_DIRECTORY/smart.key.blank"
rm -f $SECURE_DIRECTORY/smart.key.blank
fi
}
function loadusername { function loadusername {
echo "Loading username..." echo "Loading username..."
authenticatecard "AUT1" authenticatecard "AUT1"
@ -744,6 +754,7 @@ while [[ 1 -eq 1 ]]; do
FALSE "Import LUKS encryption key from file to system" \ FALSE "Import LUKS encryption key from file to system" \
FALSE "Get LUKS encryption key from Smart Card [File 1001]" \ FALSE "Get LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load LUKS encryption key into Smart Card [File 1001]" \ FALSE "Load LUKS encryption key into Smart Card [File 1001]" \
FALSE "Clear LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load username into Smart Card [File 1002]" \ FALSE "Load username into Smart Card [File 1002]" \
FALSE "Load password into Smart Card [File 1003]" \ FALSE "Load password into Smart Card [File 1003]" \
FALSE "Update Smart Card Transport Keys [AUT1-AUT3]" \ FALSE "Update Smart Card Transport Keys [AUT1-AUT3]" \
@ -759,6 +770,7 @@ while [[ 1 -eq 1 ]]; do
FALSE "Import LUKS encryption key from file to system" \ FALSE "Import LUKS encryption key from file to system" \
FALSE "Get LUKS encryption key from Smart Card [File 1001]" \ FALSE "Get LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load LUKS encryption key into Smart Card [File 1001]" \ FALSE "Load LUKS encryption key into Smart Card [File 1001]" \
FALSE "Clear LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load username into Smart Card [File 1002]" \ FALSE "Load username into Smart Card [File 1002]" \
FALSE "Load password into Smart Card [File 1003]" \ FALSE "Load password into Smart Card [File 1003]" \
FALSE "Update Smart Card Transport Keys [AUT1-AUT3]" \ FALSE "Update Smart Card Transport Keys [AUT1-AUT3]" \
@ -822,6 +834,10 @@ while [[ 1 -eq 1 ]]; do
loadlukskey loadlukskey
fi fi
if [[ $selection = "Clear LUKS encryption key from Smart Card [File 1001]" ]]; then
clearlukskey
fi
if [[ $selection = "Load username into Smart Card [File 1002]" ]]; then if [[ $selection = "Load username into Smart Card [File 1002]" ]]; then
loadusername loadusername
fi fi

Loading…
Cancel
Save