diff options
| author | Lluís Batlle i Rossell <viric@vicerveza.homeunix.net> | 2010-01-14 23:43:56 +0000 |
|---|---|---|
| committer | Lluís Batlle i Rossell <viric@vicerveza.homeunix.net> | 2010-01-14 23:43:56 +0000 |
| commit | 742a4b51911f25ca3c04122d8a478d0d99fc2e6e (patch) | |
| tree | d85962bc6ea6420a8e789ab2bdc26d2aeef64c20 /pkgs/tools/security/opensc-dnie-wrapper/default.nix | |
| parent | 2ef0816647c77be23ac9de269bf54c3f1cca1c77 (diff) | |
| download | nixpkgs-742a4b51911f25ca3c04122d8a478d0d99fc2e6e.tar nixpkgs-742a4b51911f25ca3c04122d8a478d0d99fc2e6e.tar.gz nixpkgs-742a4b51911f25ca3c04122d8a478d0d99fc2e6e.tar.bz2 nixpkgs-742a4b51911f25ca3c04122d8a478d0d99fc2e6e.tar.lz nixpkgs-742a4b51911f25ca3c04122d8a478d0d99fc2e6e.tar.xz nixpkgs-742a4b51911f25ca3c04122d8a478d0d99fc2e6e.tar.zst nixpkgs-742a4b51911f25ca3c04122d8a478d0d99fc2e6e.zip | |
Adding a global wrapper that provides the user with ready-to-use opensc tools and
a 'firefox-dnie' that will launch the firefox in the path with the proper environment variables to allow firefox access the Spanish national id SmartCard as a Security Device. For the later to work cleanly, it will require the user to enable the opensc-pkcs11 module as Security Devices in firefox. svn path=/nixpkgs/trunk/; revision=19452
Diffstat (limited to 'pkgs/tools/security/opensc-dnie-wrapper/default.nix')
| -rw-r--r-- | pkgs/tools/security/opensc-dnie-wrapper/default.nix | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/pkgs/tools/security/opensc-dnie-wrapper/default.nix b/pkgs/tools/security/opensc-dnie-wrapper/default.nix new file mode 100644 index 00000000000..ec649790e67 --- /dev/null +++ b/pkgs/tools/security/opensc-dnie-wrapper/default.nix @@ -0,0 +1,67 @@ +{stdenv, makeWrapper, ed, libopensc_dnie}: + +let + opensc = libopensc_dnie.opensc; +in +stdenv.mkDerivation rec { + name = "${opensc.name}-dnie-wrapper"; + + buildInputs = [ makeWrapper ]; + + phases = [ "installPhase" ]; + + installPhase = '' + ensureDir $out/etc + cp ${opensc}/etc/opensc.conf $out/etc + chmod +w $out/etc/opensc.conf + + # NOTE: The libopensc-dnie.so driver requires /usr/bin/pinentry available, to sign + + ${ed}/bin/ed $out/etc/opensc.conf << EOF + /card_drivers + a + card_drivers = dnie; + card_driver dnie { + module = ${libopensc_dnie}/lib/libopensc-dnie.so; + } + . + w + q + EOF + + # Disable pkcs15 file caching, otherwise the card does not work + sed -i 's/use_caching = true/use_caching = false/' $out/etc/opensc.conf + + for a in ${opensc}/bin/*; do + makeWrapper $a $out/bin/`basename $a` \ + --set OPENSC_CONF $out/etc/opensc.conf + done + + # Special wrapper for pkcs11-tool, which needs an additional parameter + rm $out/bin/pkcs11-tool + makeWrapper ${opensc}/bin/pkcs11-tool $out/bin/pkcs11-tool \ + --set OPENSC_CONF $out/etc/opensc.conf \ + --add-flags "--module ${opensc}/lib/opensc-pkcs11.so" + + # Add, as bonus, a wrapper for the firefox in the PATH, that loads the + # proper opensc configuration. + cat > $out/bin/firefox-dnie << EOF + #!${stdenv.shell} + export OPENSC_CONF=$out/etc/opensc.conf + exec firefox + EOF + chmod +x $out/bin/firefox-dnie + ''; + + meta = { + description = "Access to the opensc tools and firefox using the Spanish national ID SmartCard"; + longDescription = '' + Opensc needs a special configuration and special drivers to use the SmartCard + the Spanish governement provides to the citizens as ID card. + Some wrapper scripts take care for the proper opensc configuration to be used, in order + to access the certificates in the SmartCard through the opensc tools or firefox. + Opensc will require a pcscd daemon running, managing the access to the card reader. + ''; + maintainers = with stdenv.lib.maintainers; [viric]; + }; +} |