diff options
author | Klemens Nanni <klemens@posteo.de> | 2022-05-22T23·52+0200 |
---|---|---|
committer | kn <klemens@posteo.de> | 2022-05-25T20·38+0000 |
commit | 3a53587c2ab06ecc0082a0c564a214b81a8bde54 (patch) | |
tree | 030a0f4544c0e9b71ed6014885624922982c4db8 /ops | |
parent | 45c46d4a73910f4712a687238dbef3ee195e9404 (diff) |
feat(ops/modules/open_eid.nix): Access all key slots r/4115
`onepin-opensc-pkcs11.so` only enables PIN1, but PIN2 is also required. Change-Id: Ic1c34ca58a46c2978c7e27e7a9b7e6a4d335ac0c Reviewed-on: https://cl.tvl.fyi/c/depot/+/5648 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Reviewed-by: kn <klemens@posteo.de> Reviewed-by: tazjin <tazjin@tvl.su>
Diffstat (limited to 'ops')
-rw-r--r-- | ops/modules/open_eid.nix | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/ops/modules/open_eid.nix b/ops/modules/open_eid.nix index 4a48a09a6c9a..4bc35e298c89 100644 --- a/ops/modules/open_eid.nix +++ b/ops/modules/open_eid.nix @@ -23,9 +23,10 @@ in { services.pcscd.enable = true; - # Tell p11-kit to load onepin-opensc-pkcs11.so - environment.etc."pkcs11/modules/onepin-opensc-pkcs11".text = '' - module: ${pkgs.opensc}/lib/onepin-opensc-pkcs11.so + # Tell p11-kit to load/proxy opensc-pkcs11.so, providing all available slots + # (PIN1 for authentication/decryption, PIN2 for signing). + environment.etc."pkcs11/modules/opensc-pkcs11".text = '' + module: ${pkgs.opensc}/lib/opensc-pkcs11.so ''; environment.systemPackages = with pkgs; [ |