From ce477303019c7f3ba18dcab48e4205d59614ce5a Mon Sep 17 00:00:00 2001
From: Timothy Pearson <kb9vqf@pearsoncomputing.net>
Date: Thu, 17 Sep 2015 17:30:17 -0500
Subject: Add initial cryptographic card login support Tested with themed
 greeter and SAK disabled

---
 kcontrol/hwmanager/devicepropsdlg.cpp | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

(limited to 'kcontrol/hwmanager/devicepropsdlg.cpp')

diff --git a/kcontrol/hwmanager/devicepropsdlg.cpp b/kcontrol/hwmanager/devicepropsdlg.cpp
index a1ef81c2b..9946ede6e 100644
--- a/kcontrol/hwmanager/devicepropsdlg.cpp
+++ b/kcontrol/hwmanager/devicepropsdlg.cpp
@@ -779,8 +779,8 @@ void DevicePropertiesDialog::populateDeviceInformation() {
 		if (m_device->type() == TDEGenericDeviceType::CryptographicCard) {
 			TDECryptographicCardDevice* cdevice = static_cast<TDECryptographicCardDevice*>(m_device);
 
-			connect(cdevice, TQT_SIGNAL(cardInserted()), this, TQT_SLOT(cryptographicCardInserted()));
-			connect(cdevice, TQT_SIGNAL(cardRemoved()), this, TQT_SLOT(cryptographicCardRemoved()));
+			connect(cdevice, TQT_SIGNAL(cardInserted(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardInserted()));
+			connect(cdevice, TQT_SIGNAL(cardRemoved(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardRemoved()));
 
 			updateCryptographicCardStatusDisplay();
 		}
@@ -926,6 +926,7 @@ void DevicePropertiesDialog::cryptLUKSAddKey() {
 			unsigned int key_slot = lvi->text(0).toUInt();
 			bool allow_card = false;
 			bool use_card = false;
+			bool luks_card_key_modified = false;
 			KSSLCertificate* card_cert = NULL;
 			X509* card_cert_x509;
 			TQString disk_uuid = sdevice->diskUUID();
@@ -988,6 +989,7 @@ void DevicePropertiesDialog::cryptLUKSAddKey() {
 
 						// Use the secret key as the LUKS passcode
 						new_password = randomKey;
+						luks_card_key_modified = true;
 					}
 					else {
 						KMessageBox::error(this, i18n("<qt><b>Key creation failed</b><br>Please check that you have write access to /etc/trinity/luks/card and try again</qt>"), i18n("Key creation failure"));
@@ -1081,6 +1083,16 @@ void DevicePropertiesDialog::cryptLUKSAddKey() {
 							sdevice->cryptClearOperationsUnlockPassword();
 							KMessageBox::error(this, i18n("<qt><b>Key write failed</b><br>Please check the LUKS password and try again</qt>"), i18n("Key write failure"));
 						}
+						else {
+							if (luks_card_key_modified) {
+								if (KMessageBox::warningYesNo(this, i18n("<qt><b>You have created a new card-dependent key</b><br>Card-dependent keys work in conjunction with an encrypted key file stored on the host system.<br>When a card is used to boot, card-dependent keys must be updated in the initramfs image to become usable.<p>Would you like to update the initramfs image now?</qt>"), i18n("Update Required")) == KMessageBox::Yes) {
+									// Update the initramfs
+									if (system("update-initramfs -u -k all") != 0) {
+										KMessageBox::error(this, i18n("<qt><b>Initramfs update failed</b><br>Card-dependent keys may not be available for use until the root storage device is available / unlocked</qt>"), i18n("Initramfs update failure"));
+									}
+								}
+							}
+						}
 					}
 				}
 			}
-- 
cgit v1.2.1