mirror of
https://github.com/linuxboot/heads.git
synced 2024-12-21 05:53:14 +00:00
Delete AES keys of Nitrokey Storage after reset
If smartcard Nitrokey Storage was factory-reset, we delete AES keys on it as well. Explaination: After oem-factory-reset was started the AES on the Nitrokey Storage that is used for the encrypted volume and the password safe is is not usable anymore because the smart card was factory-reset. To make it usable, a user needs to delete it via Nitrokey App. By doing so, the HOTP secret is deleted as well, resulting in a bad warning in Heads. Therefore, we are resetting AES key right after factory-reset with hotp_verification
This commit is contained in:
parent
e0f0655b5d
commit
30236ffbaa
@ -70,6 +70,10 @@ gpg_key_reset()
|
||||
ERROR=`cat /tmp/gpg_card_edit_output`
|
||||
whiptail_error_die "GPG Key factory reset failed!\n\n$ERROR"
|
||||
fi
|
||||
# If NK Storage is inserted, reset AES keys as well
|
||||
if [ ! $(lsusb | grep -q "20a0:") ] && [ -x /bin/hotp_verification ] ; then
|
||||
/bin/hotp_verification regenerate ${ADMIN_PIN_DEF}
|
||||
fi
|
||||
# Generate OEM GPG keys
|
||||
{
|
||||
echo admin
|
||||
|
Loading…
Reference in New Issue
Block a user