summaryrefslogtreecommitdiffstats
path: root/usr/bin/cryptosmartcard.sh
diff options
context:
space:
mode:
authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2016-09-06 02:23:03 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2016-09-06 02:23:32 -0500
commit4114606c72147a3c2918bdca1a9cf5ef164bc06d (patch)
treeb01fb190501b157568073f7df92d74e3cdd5f391 /usr/bin/cryptosmartcard.sh
parent995e057abc6ad9458d64b648178d6efae244d877 (diff)
downloadsmartcardauth-4114606c72147a3c2918bdca1a9cf5ef164bc06d.tar.gz
smartcardauth-4114606c72147a3c2918bdca1a9cf5ef164bc06d.zip
Gracefully handle lack of random data in early system startup
Speed up PC/SC launch
Diffstat (limited to 'usr/bin/cryptosmartcard.sh')
-rwxr-xr-xusr/bin/cryptosmartcard.sh41
1 files changed, 35 insertions, 6 deletions
diff --git a/usr/bin/cryptosmartcard.sh b/usr/bin/cryptosmartcard.sh
index f7ca6d9..ac8c206 100755
--- a/usr/bin/cryptosmartcard.sh
+++ b/usr/bin/cryptosmartcard.sh
@@ -80,6 +80,9 @@ msg ()
# flag tracking key-file availability
OPENED=$FALSE
+# Terminate the PC/SC subsystem
+killall -9 pcscd > /dev/null 2>&1 || true
+
# Is the USB driver loaded?
cat /proc/modules | busybox grep usb_storage >/dev/null 2>&1
USBLOAD=0$?
@@ -88,11 +91,8 @@ if [ $USBLOAD -gt 0 ]; then
modprobe usb_storage >/dev/null 2>&1
fi
-# Terminate the PC/SC subsystem
-killall pcscd > /dev/null 2>&1 || true
-
-# Give the system time to settle and open the USB devices
-sleep 5
+# Make sure USB device nodes have loaded
+udevadm settle
# Relaunch the PC/SC subsystem
pcscd > /dev/null 2>&1
@@ -114,6 +114,35 @@ if [ $LUKS_KEY_COUNT -gt 0 ]; then
# Card present
CARD_INSERTED=$TRUE
msg "SmartCard inserted, attempting to authenticate"
+
+ if [ -e /dev/kmsg ]; then
+ # Linux specific!
+ # Wait for nonblocking random driver to start.
+ # Without waiting, the pincheck utility can stall
+ # for a very long time (forever?) waiting
+ # for enough random data to start PKCS11.
+ dmesg | grep -q "random: nonblocking pool is initialized" &> /dev/null
+ RET=$?
+ LOOPS=0
+ if [ $RET -ne 0 ]; then
+ msg "Waiting for nonblocking random pool to start..."
+ sleep 1
+ while [ $RET -ne 0 ]; do
+ dmesg | grep -q "random: nonblocking pool is initialized" &> /dev/null
+ RET=$?
+ if [ $RET -ne 0 ]; then
+ sleep 1
+ LOOPS=$((LOOPS+1))
+ if [ $LOOPS -eq 10 ]; then
+ msg "Random pool initialization is slow. Try pressing keys or moving the mouse to speed it up..."
+ fi
+ fi
+ done
+ msg "Nonblocking pool started, continuing!"
+ fi
+ rm -f /tmp/kmsg
+ fi
+
PIN=$(cardpincheck /usr/lib/opensc-pkcs11.so)
RET=$?
if [ $RET -eq 0 ]; then
@@ -135,7 +164,7 @@ if [ $LUKS_KEY_COUNT -gt 0 ]; then
fi
fi
-killall pcscd > /dev/null 2>&1 || true
+killall -9 pcscd > /dev/null 2>&1 || true
if [ $OPENED -eq $FALSE ]; then
if [ $CARD_INSERTED -eq $TRUE ]; then