diff --git a/initrd/bin/gui-init b/initrd/bin/gui-init index 02fca80d..b674356c 100755 --- a/initrd/bin/gui-init +++ b/initrd/bin/gui-init @@ -142,9 +142,9 @@ fi # Use stored HOTP key branding if [ -r /boot/kexec_hotp_key ]; then - CONFIG_HOTPKEY_BRANDING="$(cat /boot/kexec_hotp_key)" + HOTPKEY_BRANDING="$(cat /boot/kexec_hotp_key)" else - CONFIG_HOTPKEY_BRANDING="HOTP USB Security Dongle" + HOTPKEY_BRANDING="HOTP USB Security Dongle" fi last_half=X @@ -200,8 +200,8 @@ while true; do enable_usb if ! libremkey_hotp_verification info ; then whiptail $CONFIG_WARNING_BG_COLOR --clear \ - --title "WARNING: Please Insert Your $CONFIG_HOTPKEY_BRANDING" \ - --msgbox "Your $CONFIG_HOTPKEY_BRANDING was not detected.\n\nPlease insert your $CONFIG_HOTPKEY_BRANDING" 30 90 + --title "WARNING: Please Insert Your $HOTPKEY_BRANDING" \ + --msgbox "Your $HOTPKEY_BRANDING was not detected.\n\nPlease insert your $HOTPKEY_BRANDING" 30 90 fi # Don't output HOTP codes to screen, so as to make replay attacks harder libremkey_hotp_verification check $HOTP @@ -214,7 +214,7 @@ while true; do MAIN_MENU_BG_COLOR=$CONFIG_ERROR_BG_COLOR ;; * ) - HOTP="Error checking code, Insert $CONFIG_HOTPKEY_BRANDING and retry" + HOTP="Error checking code, Insert $HOTPKEY_BRANDING and retry" MAIN_MENU_BG_COLOR=$CONFIG_WARNING_BG_COLOR ;; esac diff --git a/initrd/bin/seal-hotpkey b/initrd/bin/seal-hotpkey index 98020db6..d66ce0c1 100755 --- a/initrd/bin/seal-hotpkey +++ b/initrd/bin/seal-hotpkey @@ -19,9 +19,9 @@ mount_boot() # Use stored HOTP key branding (this might be useful after OEM reset) if [ -r /boot/kexec_hotp_key ]; then - CONFIG_HOTPKEY_BRANDING="$(cat /boot/kexec_hotp_key)" + HOTPKEY_BRANDING="$(cat /boot/kexec_hotp_key)" else - CONFIG_HOTPKEY_BRANDING="HOTP USB Security Dongle" + HOTPKEY_BRANDING="HOTP USB Security Dongle" fi tpm nv_readvalue \ @@ -58,26 +58,26 @@ counter_value=1 enable_usb if ! libremkey_hotp_verification info ; then - echo "Insert your $CONFIG_HOTPKEY_BRANDING and press Enter to configure it" + echo "Insert your $HOTPKEY_BRANDING and press Enter to configure it" read if ! libremkey_hotp_verification info ; then # don't leak key on failure shred -n 10 -z -u "$HOTP_SECRET" 2> /dev/null - die "Unable to find $CONFIG_HOTPKEY_BRANDING" + die "Unable to find $HOTPKEY_BRANDING" fi fi # Set HOTP USB Security Dongle branding based on VID if [ ! $(lsusb | grep -q "20a0:") ]; then - CONFIG_HOTPKEY_BRANDING="Nitrokey" + HOTPKEY_BRANDING="Nitrokey" elif [ ! $(lsusb | grep -q "316d:") ]; then - CONFIG_HOTPKEY_BRANDING="Librem Key" + HOTPKEY_BRANDING="Librem Key" else - CONFIG_HOTPKEY_BRANDING="HOTP USB Security Dongle" + HOTPKEY_BRANDING="HOTP USB Security Dongle" fi echo -e "" -read -s -p "Enter your $CONFIG_HOTPKEY_BRANDING Admin PIN: " admin_pin +read -s -p "Enter your $HOTPKEY_BRANDING Admin PIN: " admin_pin echo -e "\n" libremkey_hotp_initialize "$admin_pin" $HOTP_SECRET $counter_value @@ -108,14 +108,14 @@ echo $counter_value > $HOTP_COUNTER \ || die "Unable to create hotp counter file" # Store/overwrite HOTP USB Security Dongle branding found out beforehand -echo $CONFIG_HOTPKEY_BRANDING > $HOTP_KEY \ +echo $HOTPKEY_BRANDING > $HOTP_KEY \ || die "Unable to store hotp key file" #sha256sum /tmp/counter-$counter > $HOTP_COUNTER \ #|| die "Unable to create hotp counter file" mount -o remount,ro /boot -echo -e "\n$CONFIG_HOTPKEY_BRANDING initialized successfully. Press Enter to continue." +echo -e "\n$HOTPKEY_BRANDING initialized successfully. Press Enter to continue." read exit 0