Check-in [56006440a0]
Overview
SHA1:56006440a0a64e25edaa4d486769a3476dacffb5
Date: 2016-09-22 19:59:51
User: kvanals
Comment:Updated CACKey macOS Install and Uninstall Scripts to try harder to disable CryptoTokenKit support after the GM release started ignoring some methods
Timelines: family | ancestors | descendants | both | trunk
Downloads: Tarball | ZIP archive
Other Links: files | file ages | folders | manifest
Tags And Properties
Context
2016-10-18
18:14
[a8231fc377] Added CACKey Uninstaller for macOS into the installer package (/usr/local/bin/cackey_osx_uninstall.sh), removed the extra macOS uninstaller script from the build tree, and updated the macOS build script to use the new SHA-256 hash of the external PKCS11.tokend (which now supports SHA-2 (256/384/512)) (user: kvanals, tags: trunk)
2016-09-22
19:59
[56006440a0] Updated CACKey macOS Install and Uninstall Scripts to try harder to disable CryptoTokenKit support after the GM release started ignoring some methods (user: kvanals, tags: trunk)
2016-08-19
17:20
[be8c9e6769] CACKey 0.7.6 (user: kvanals, tags: trunk, 0.7.6)
Changes

Modified build/cackey_osx_build/Template_pmbuild/scripts/04pkcs11tokend-post.sh from [a3cf8e39fd] to [e76bd4c2b0].

1
2
3
4
5
6
7

8
#!/bin/bash
chmod -R go+rX /Library/Security/tokend/PKCS11.tokend
chown -R root:wheel /Library/Security/tokend/PKCS11.tokend

# If on Sierra or newer, disable the pivtoken CryptoTokenKit
if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
	security smartcards token -d com.apple.CryptoTokenKit.pivtoken

fi







>

1
2
3
4
5
6
7
8
9
#!/bin/bash
chmod -R go+rX /Library/Security/tokend/PKCS11.tokend
chown -R root:wheel /Library/Security/tokend/PKCS11.tokend

# If on Sierra or newer, disable the pivtoken CryptoTokenKit
if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
	security smartcards token -d com.apple.CryptoTokenKit.pivtoken
	defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken
fi

Modified build/cackey_osx_build/cackey_osx_uninstall.sh from [8af387a7bd] to [92a8124c4c].

20
21
22
23
24
25
26

27
	pkgutil --forget ${package}
done

# If on Sierra or newer, reenable the pivtoken CryptoTokenKit
echo "Reenabling the builtin pivtoken CryptoTokenKit..."
if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
	security smartcards token -e com.apple.CryptoTokenKit.pivtoken

fi







>

20
21
22
23
24
25
26
27
28
	pkgutil --forget ${package}
done

# If on Sierra or newer, reenable the pivtoken CryptoTokenKit
echo "Reenabling the builtin pivtoken CryptoTokenKit..."
if [ "`uname -r | cut -d '.' -f 1`" -ge "16" ]; then
	security smartcards token -e com.apple.CryptoTokenKit.pivtoken
	defaults delete /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken
fi