track
This commit is contained in:
tavo-wasd
parent
678faa325a
commit
8ee7f9c19e
5 changed files with 175 additions and 147 deletions
19
05-depend.sh
19
05-depend.sh
|
|
@ -1,19 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
install_deps() {
|
||||
# @@@ Support other distros
|
||||
MENU="$1"
|
||||
if [ "$FILE" = "ClientesMac_rev34.zip" ] ; then
|
||||
echo
|
||||
elif [ "$FILE" = "ClientesLinux_DEB64_Rev25.zip" ] ; then
|
||||
# Source: https://fran.cr/instalar-firma-digital-costa-rica-gnu-linux-ubuntu-debian/
|
||||
get_pass "$MENU" "$TITLE" | sudo -Sk sh -c '
|
||||
apt install -y p11-kit pcscd binutils bubblewrap icedtea-netx
|
||||
systemctl enable --now pcscd.socket
|
||||
'
|
||||
elif [ "$FILE" = "ClientesLinux_CentOS7_Rev6" ] ; then
|
||||
echo
|
||||
elif [ "$FILE" = "ClientesLinux_RPM64_Rev24" ] ; then
|
||||
echo
|
||||
fi
|
||||
}
|
||||
143
05-install.sh
Normal file
143
05-install.sh
Normal file
|
|
@ -0,0 +1,143 @@
|
|||
#!/bin/sh
|
||||
|
||||
config_deb_install_certs() {
|
||||
# Source: https://fran.cr/instalar-firma-digital-costa-rica-gnu-linux-ubuntu-debian/
|
||||
SAVE_FILE="$1"
|
||||
SAVE_DIR="${SAVE_FILE%/*}"
|
||||
[ -z "$SAVE_DIR" ] && return 1
|
||||
|
||||
get_pass "$MENU" "$TITLE" | sudo -S sh -c '
|
||||
apt install -y p11-kit pcscd binutils bubblewrap icedtea-netx
|
||||
systemctl enable --now pcscd.socket
|
||||
'
|
||||
|
||||
# Instalación de los certificados
|
||||
(cd "$SAVE_DIR" && unzip -u "$SAVE_FILE")
|
||||
printf '\033[1mInstalando Certificados...\033[0m\n'
|
||||
for cert in "$(find "$SAVE_DIR" -name "Certificados")"/* ; do certname="${cert##*/}" ; sudo cp "$cert" /usr/local/share/ca-certificates/"${certname%.cer}.crt" ; done
|
||||
sudo sh -c '
|
||||
for file in /usr/local/share/ca-certificates/*.crt ; do openssl x509 -inform DER -in "$file" -out "$file.tmp" 2> /dev/null ; done
|
||||
find /usr/local/share/ca-certificates/ -type f -empty -delete
|
||||
for i in /usr/local/share/ca-certificates/*.tmp ; do mv "$i" "${i%.tmp}" ; done
|
||||
update-ca-certificates --fresh
|
||||
'
|
||||
|
||||
# Instalación del módulo PKCS#11
|
||||
printf '\033[1mInstalando Módulo PKCS#11...\033[0m\n'
|
||||
ar p "$(find "$SAVE_DIR" -name "idprotectclient_7.24.02-0_amd64.deb")" data.tar.gz | tar zx "$SAVE_DIR"/usr/lib/x64-athena/libASEP11.so
|
||||
sudo cp -p "$SAVE_DIR"/usr/lib/x64-athena/libASEP11.so /usr/lib/x86_64-linux-gnu/
|
||||
sudo sh -c '
|
||||
mkdir -p /usr/lib/x64-athena/ ; mkdir -p /Firma_Digital/LIBRERIAS/
|
||||
ln -s /usr/lib/x86_64-linux-gnu/libASEP11.so /usr/lib/x64-athena/
|
||||
ln -s /usr/lib/x86_64-linux-gnu/libASEP11.so /usr/lib/
|
||||
ln -s /usr/lib/x86_64-linux-gnu/libASEP11.so /usr/local/lib/
|
||||
ln -s /usr/lib/x86_64-linux-gnu/libASEP11.so /Firma_Digital/LIBRERIAS/
|
||||
ln -s /usr/local/share/ca-certificates /Firma_Digital/CERTIFICADOS
|
||||
'
|
||||
|
||||
printf '\033[1mConfigurando IDPClientDB...\033[0m\n'
|
||||
sudo sh -c "
|
||||
mkdir -p /etc/Athena/
|
||||
echo \"<?xml version=\"1.0\" encoding=\"utf-8\" ?>
|
||||
<IDProtect>
|
||||
<TokenLibs>
|
||||
<IDProtect>
|
||||
<Cards>
|
||||
<IDProtectXF>
|
||||
<ATR type='hexBinary'>3BDC00FF8091FE1FC38073C821106600000000000000</ATR>
|
||||
<ATRMask type='hexBinary'>FFFF00FFF0FFFFFFFFFFFFFFFFF0FF00000000000000</ATRMask>
|
||||
</IDProtectXF>
|
||||
</Cards>
|
||||
</IDProtect>
|
||||
<ChipDoc>
|
||||
<Cards>
|
||||
<ChipDocEMV>
|
||||
<ATR type='hexBinary'>3BEA00008131FE450031C173C840000090007A</ATR>
|
||||
<ATRMask type='hexBinary'>FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF</ATRMask>
|
||||
</ChipDocEMV>
|
||||
</Cards>
|
||||
</ChipDoc>
|
||||
</TokenLibs>
|
||||
</IDProtect>\" | tee /etc/Athena/IDPClientDB.xml
|
||||
"
|
||||
|
||||
printf '\033[1mConfigurando p11-kit/modules...\033[0m\n'
|
||||
sudo sh -c "
|
||||
mkdir -p /usr/share/p11-kit/modules
|
||||
echo 'remote: |bwrap --unshare-all --dir /tmp --ro-bind /etc/Athena /etc/Athena --proc /proc --dev /dev --ro-bind /usr /usr --ro-bind /lib /lib --ro-bind /lib64 /lib64 --ro-bind /var/run/pcscd /var/run/pcscd --ro-bind /run/pcscd /run/pcscd p11-kit remote /usr/lib/x86_64-linux-gnu/libASEP11.so' | tee /usr/share/p11-kit/modules/firma-digital.module
|
||||
"
|
||||
|
||||
printf '\033[1mConfigurando p11-kit update symlinks...\033[0m\n'
|
||||
sudo sh -c "
|
||||
mkdir -p /usr/local/sbin
|
||||
echo \"#!/bin/sh
|
||||
|
||||
FIREFOX_LIB=/usr/lib/firefox/libnssckbi.so
|
||||
FIREFOX_ESR_LIB=/usr/lib/firefox-esr/libnssckbi.so
|
||||
THUNDERBIRD_LIB=/usr/lib/thunderbird/libnssckbi.so
|
||||
NSS_LIB=/usr/lib/x86_64-linux-gnu/nss/libnssckbi.so
|
||||
|
||||
if [ -e \"\$FIREFOX_LIB\" ]
|
||||
then
|
||||
if ! [ -L \"\$FIREFOX_LIB\" ]
|
||||
then
|
||||
echo \"Firefox libnssckbi.so is not a symlink. Fixing...\"
|
||||
mv -f \"\$FIREFOX_LIB\" \"\$FIREFOX_LIB\".bak
|
||||
ln -s /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so \"\$FIREFOX_LIB\"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -e \"\$FIREFOX_ESR_LIB\" ]
|
||||
then
|
||||
if ! [ -L \"\$FIREFOX_ESR_LIB\" ]
|
||||
then
|
||||
echo \"Firefox ESR libnssckbi.so is not a symlink. Fixing...\"
|
||||
mv -f \"\$FIREFOX_ESR_LIB\" \"\$FIREFOX_ESR_LIB\".bak
|
||||
ln -s /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so \"\$FIREFOX_ESR_LIB\"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -e \"\$THUNDERBIRD_LIB\" ]
|
||||
then
|
||||
if ! [ -L \"\$THUNDERBIRD_LIB\" ]
|
||||
then
|
||||
echo \"Thunderbird libnssckbi.so is not a symlink. Fixing...\"
|
||||
mv -f \"\$THUNDERBIRD_LIB\" \"\$THUNDERBIRD_LIB\".bak
|
||||
ln -s /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so \"\$THUNDERBIRD_LIB\"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -e \"\$NSS_LIB\" ]
|
||||
then
|
||||
if ! [ -L \"\$NSS_LIB\" ]
|
||||
then
|
||||
echo \"NSS libnssckbi.so is not a symlink. Fixing...\"
|
||||
mv -f \"\$NSS_LIB\" \"\$NSS_LIB\".bak
|
||||
ln -s /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so \"\$NSS_LIB\"
|
||||
fi
|
||||
fi\" | tee /usr/local/sbin/update-p11-kit-symlinks
|
||||
chmod +x /usr/local/sbin/update-p11-kit-symlinks
|
||||
"
|
||||
|
||||
printf '\033[1mConfigurando módulo mantenimiento systemd...\033[0m\n'
|
||||
sudo sh -c "
|
||||
mkdir -p /etc/systemd/system
|
||||
echo \"[Unit]
|
||||
Description=mantenimiento de enlaces a p11-kit-proxy
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/usr/local/sbin/update-p11-kit-symlinks
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
\" | tee /etc/systemd/system/p11-kit-proxy-updater.service
|
||||
systemctl enable --now p11-kit-proxy-updater.service
|
||||
"
|
||||
|
||||
printf '\033[1mInstalando trust module pk11...\033[0m\n'
|
||||
sudo sh -c "
|
||||
mkdir -p /etc/pkcs11/modules/
|
||||
echo 'disable-in:' | tee /etc/pkcs11/modules/p11-kit-trust.module
|
||||
"
|
||||
}
|
||||
19
06-firmador-libre.sh
Normal file
19
06-firmador-libre.sh
Normal file
|
|
@ -0,0 +1,19 @@
|
|||
#!/bin/sh
|
||||
|
||||
firmador_libre() {
|
||||
FIRMADOR="https://firmador.libre.cr/firmador.jar"
|
||||
|
||||
if [ "$FILE" = "ClientesMac_rev34.zip" ] ; then
|
||||
echo
|
||||
elif [ "$FILE" = "ClientesLinux_DEB64_Rev25.zip" ] ; then
|
||||
DIR="$HOME/.local/share/firmador"
|
||||
elif [ "$FILE" = "ClientesLinux_CentOS7_Rev6" ] ; then
|
||||
echo
|
||||
elif [ "$FILE" = "ClientesLinux_RPM64_Rev24" ] ; then
|
||||
echo
|
||||
fi
|
||||
|
||||
mkdir -p "$DIR"
|
||||
(cd "$DIR" && curl -O "$FIRMADOR")
|
||||
# DESKTOP
|
||||
}
|
||||
125
06-install.sh
125
06-install.sh
|
|
@ -1,125 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
config_deb_idpclientdb() {
|
||||
mkdir -p /etc/Athena/
|
||||
echo "<?xml version=\"1.0\" encoding=\"utf-8\" ?>
|
||||
<IDProtect>
|
||||
<TokenLibs>
|
||||
<IDProtect>
|
||||
<Cards>
|
||||
<IDProtectXF>
|
||||
<ATR type='hexBinary'>3BDC00FF8091FE1FC38073C821106600000000000000</ATR>
|
||||
<ATRMask type='hexBinary'>FFFF00FFF0FFFFFFFFFFFFFFFFF0FF00000000000000</ATRMask>
|
||||
</IDProtectXF>
|
||||
</Cards>
|
||||
</IDProtect>
|
||||
<ChipDoc>
|
||||
<Cards>
|
||||
<ChipDocEMV>
|
||||
<ATR type='hexBinary'>3BEA00008131FE450031C173C840000090007A</ATR>
|
||||
<ATRMask type='hexBinary'>FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF</ATRMask>
|
||||
</ChipDocEMV>
|
||||
</Cards>
|
||||
</ChipDoc>
|
||||
</TokenLibs>
|
||||
</IDProtect>" | tee /etc/Athena/IDPClientDB.xml
|
||||
}
|
||||
|
||||
config_deb_update_symlinks() {
|
||||
echo "#!/bin/sh
|
||||
|
||||
FIREFOX_LIB=/usr/lib/firefox/libnssckbi.so
|
||||
FIREFOX_ESR_LIB=/usr/lib/firefox-esr/libnssckbi.so
|
||||
THUNDERBIRD_LIB=/usr/lib/thunderbird/libnssckbi.so
|
||||
NSS_LIB=/usr/lib/x86_64-linux-gnu/nss/libnssckbi.so
|
||||
|
||||
if [ -e \"\$FIREFOX_LIB\" ]
|
||||
then
|
||||
if ! [ -L \"\$FIREFOX_LIB\" ]
|
||||
then
|
||||
echo \"Firefox libnssckbi.so is not a symlink. Fixing...\"
|
||||
mv -f \"\$FIREFOX_LIB\" \"\$FIREFOX_LIB\".bak
|
||||
ln -s /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so \"\$FIREFOX_LIB\"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -e \"\$FIREFOX_ESR_LIB\" ]
|
||||
then
|
||||
if ! [ -L \"\$FIREFOX_ESR_LIB\" ]
|
||||
then
|
||||
echo \"Firefox ESR libnssckbi.so is not a symlink. Fixing...\"
|
||||
mv -f \"\$FIREFOX_ESR_LIB\" \"\$FIREFOX_ESR_LIB\".bak
|
||||
ln -s /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so \"\$FIREFOX_ESR_LIB\"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -e \"\$THUNDERBIRD_LIB\" ]
|
||||
then
|
||||
if ! [ -L \"\$THUNDERBIRD_LIB\" ]
|
||||
then
|
||||
echo \"Thunderbird libnssckbi.so is not a symlink. Fixing...\"
|
||||
mv -f \"\$THUNDERBIRD_LIB\" \"\$THUNDERBIRD_LIB\".bak
|
||||
ln -s /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so \"\$THUNDERBIRD_LIB\"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -e \"\$NSS_LIB\" ]
|
||||
then
|
||||
if ! [ -L \"\$NSS_LIB\" ]
|
||||
then
|
||||
echo \"NSS libnssckbi.so is not a symlink. Fixing...\"
|
||||
mv -f \"\$NSS_LIB\" \"\$NSS_LIB\".bak
|
||||
ln -s /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so \"\$NSS_LIB\"
|
||||
fi
|
||||
fi" | tee /usr/local/sbin/update-p11-kit-symlinks
|
||||
chmod +x /usr/local/sbin/update-p11-kit-symlinks
|
||||
}
|
||||
|
||||
config_deb_systemd_p11_update() {
|
||||
echo "[Unit]
|
||||
Description=mantenimiento de enlaces a p11-kit-proxy
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/usr/local/sbin/update-p11-kit-symlinks
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target" | tee /etc/systemd/system/p11-kit-proxy-updater.service
|
||||
systemctl enable --now p11-kit-proxy-updater.service
|
||||
}
|
||||
|
||||
install_certs() {
|
||||
# @@@ !!! Doesn't work, $SAVE_DIR not found, copies / to /usr/local/share/ca-certificates/
|
||||
MENU="$1"
|
||||
if [ "$FILE" = "ClientesMac_rev34.zip" ] ; then
|
||||
echo
|
||||
elif [ "$FILE" = "ClientesLinux_DEB64_Rev25.zip" ] ; then
|
||||
# Source: https://fran.cr/instalar-firma-digital-costa-rica-gnu-linux-ubuntu-debian/
|
||||
get_pass "$MENU" "$TITLE" | sudo -Sk sh -c '
|
||||
for cert in "$(find "$SAVE_DIR" -name "Certificados")"/* ; do cp "$cert" /usr/local/share/ca-certificates/"${cert%%.cer}.crt" ; done
|
||||
for file in /usr/local/share/ca-certificates/*.crt do openssl x509 -inform DER -in "$file" -out "$file.tmp" 2> /dev/null ; done
|
||||
for file in /usr/local/share/ca-certificates/* do [ ! -s "$file" ] && rm -f "$file" ; done
|
||||
for i in /usr/local/share/ca-certificates/*.tmp do mv "$i" "${i%%.tmp}" ; done
|
||||
update-ca-certificates --fresh
|
||||
'
|
||||
ar p "$(find "$SAVE_DIR" -name "idprotectclient_7.24.02-0_amd64.deb")" data.tar.gz | tar zx "$SAVE_DIR"/usr/lib/x64-athena/libASEP11.so
|
||||
get_pass "$MENU" "$TITLE" | sudo -Sk sh -c '
|
||||
cp -p "$SAVE_DIR"/usr/lib/x64-athena/libASEP11.so /usr/lib/x86_64-linux-gnu/
|
||||
mkdir -p /usr/lib/x64-athena/ ; mkdir -p /Firma_Digital/LIBRERIAS/
|
||||
ln -s /usr/lib/x86_64-linux-gnu/libASEP11.so /usr/lib/x64-athena/
|
||||
ln -s /usr/lib/x86_64-linux-gnu/libASEP11.so /usr/lib/
|
||||
ln -s /usr/lib/x86_64-linux-gnu/libASEP11.so /usr/local/lib/
|
||||
ln -s /usr/lib/x86_64-linux-gnu/libASEP11.so /Firma_Digital/LIBRERIAS/
|
||||
ln -s /usr/local/share/ca-certificates /Firma_Digital/CERTIFICADOS
|
||||
config_deb_idpclientdb
|
||||
config_deb_update_symlinks
|
||||
config_deb_systemd_p11_update
|
||||
mkdir -p /etc/pkcs11/modules/
|
||||
echo "disable-in:" | tee /etc/pkcs11/modules/p11-kit-trust.module
|
||||
'
|
||||
elif [ "$FILE" = "ClientesLinux_CentOS7_Rev6" ] ; then
|
||||
echo
|
||||
elif [ "$FILE" = "ClientesLinux_RPM64_Rev24" ] ; then
|
||||
echo
|
||||
fi
|
||||
}
|
||||
|
|
@ -34,7 +34,8 @@ if [ -e "/bin/zenity" ] ; then
|
|||
|
||||
# Define where to save file
|
||||
if [ -d "/tmp" ] ; then
|
||||
SAVE_DIR="/tmp"
|
||||
SAVE_DIR="/tmp/soportefirmadigital"
|
||||
mkdir -p "$SAVE_DIR"
|
||||
else
|
||||
zenity --title "$TITLE" --text "$PROMPT_DIR_FILE" --info
|
||||
SAVE_DIR="$(zenity --file-selection --directory)"
|
||||
|
|
@ -50,7 +51,7 @@ if [ -e "/bin/zenity" ] ; then
|
|||
DOWN="$(du "$SAVE_FILE" 2>/dev/null | awk '{print $1}')" ; [ -z "$DOWN" ] && DOWN=0
|
||||
r=$(((DOWN*10000)/SIZE))
|
||||
printf '%d\n' ${r%??}
|
||||
done | zenity --title "$TITLE" --text "$PROMPT_DOWNLOAD" --progress
|
||||
done | zenity --title "$TITLE" --text "$PROMPT_DOWNLOAD" --progress --auto-close
|
||||
|
||||
while true ; do
|
||||
ACTIVE="$(ps aux | grep 'curl.*soportefirmadigital' | sed '/grep/d')"
|
||||
|
|
@ -61,7 +62,16 @@ if [ -e "/bin/zenity" ] ; then
|
|||
ACTIVE="$(ps aux | grep 'curl.*soportefirmadigital' | sed '/grep/d')"
|
||||
[ -n "$ACTIVE" ] && zenity --title "$TITLE" --text "$PROMPT_ERR_DOWNLOAD" --error && exit 1
|
||||
|
||||
#install_certs "$MENU"
|
||||
if [ "$FILE" = "ClientesMac_rev34.zip" ] ; then
|
||||
echo
|
||||
elif [ "$FILE" = "ClientesLinux_DEB64_Rev25.zip" ] ; then
|
||||
config_deb_install_certs "$SAVE_FILE"
|
||||
elif [ "$FILE" = "ClientesLinux_CentOS7_Rev6" ] ; then
|
||||
echo
|
||||
elif [ "$FILE" = "ClientesLinux_RPM64_Rev24" ] ; then
|
||||
echo
|
||||
fi
|
||||
|
||||
else
|
||||
echo
|
||||
# Welcome
|
||||
Loading…
Reference in a new issue