diff --git a/usr/bin/setupcard.sh b/usr/bin/setupcard.sh
index dc052a0..34e9c4b 100755
--- a/usr/bin/setupcard.sh
+++ b/usr/bin/setupcard.sh
@@ -675,6 +675,16 @@
fi
}
+function clearlukskey {
+ echo "Clearing LUKS key..."
+ authenticatecard "AUT1"
+ if [[ $authenticated = "1" ]]; then
+ dd if=/dev/zero of=$SECURE_DIRECTORY/smart.key.blank bs=255 count=1
+ update_file "10 01" "$SECURE_DIRECTORY/smart.key.blank"
+ rm -f $SECURE_DIRECTORY/smart.key.blank
+ fi
+}
+
function loadusername {
echo "Loading username..."
authenticatecard "AUT1"
@@ -744,6 +754,7 @@
FALSE "Import LUKS encryption key from file to system" \
FALSE "Get LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load LUKS encryption key into Smart Card [File 1001]" \
+ FALSE "Clear LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load username into Smart Card [File 1002]" \
FALSE "Load password into Smart Card [File 1003]" \
FALSE "Update Smart Card Transport Keys [AUT1-AUT3]" \
@@ -759,6 +770,7 @@
FALSE "Import LUKS encryption key from file to system" \
FALSE "Get LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load LUKS encryption key into Smart Card [File 1001]" \
+ FALSE "Clear LUKS encryption key from Smart Card [File 1001]" \
FALSE "Load username into Smart Card [File 1002]" \
FALSE "Load password into Smart Card [File 1003]" \
FALSE "Update Smart Card Transport Keys [AUT1-AUT3]" \
@@ -822,6 +834,10 @@
loadlukskey
fi
+ if [[ $selection = "Clear LUKS encryption key from Smart Card [File 1001]" ]]; then
+ clearlukskey
+ fi
+
if [[ $selection = "Load username into Smart Card [File 1002]" ]]; then
loadusername
fi
|