From dbca1e4e018a7b8696bc35095c6b732f649264ae Mon Sep 17 00:00:00 2001
From: Pandu POLUAN <pepoluan@gmail.com>
Date: Wed, 20 Jun 2018 21:35:44 +0700
Subject: [PATCH] New Plugin: yubikey

The `yubikey` plugin provides some very powerful features:

  * Shared ssh-agent among zsh sessions
  * Easy-to-use aliases
  * Autoconfiguration where possible
---
 plugins/yubikey/README.md          | 22 ++++++++++++
 plugins/yubikey/yubikey.plugin.zsh | 57 ++++++++++++++++++++++++++++++
 2 files changed, 79 insertions(+)
 create mode 100644 plugins/yubikey/README.md
 create mode 100644 plugins/yubikey/yubikey.plugin.zsh

diff --git a/plugins/yubikey/README.md b/plugins/yubikey/README.md
new file mode 100644
index 000000000..0131ced10
--- /dev/null
+++ b/plugins/yubikey/README.md
@@ -0,0 +1,22 @@
+# YubiKey Plugin
+
+YubiKey plugin -- Provides aliases to help use YubiKey tokens comfortably
+
+## Usage
+
+This plugin will first try to detect location of the 'opensc-pkcs11.so' library, unless already specified in the $OPENSC env var (that is, before source-ing oh-my-zsh).
+
+Afterwards, it will try to detect if a 'shared ssh-agent' is already running, through a file in `/run/user/$UID`, or if no such directory, in `/tmp` as a fallback.
+
+Then it will define several aliases. You can see them by issuing the command `alias | grep yubi-`.
+
+## Optional Parameters
+
+These parameters can be set **_before_** source-ing oh-my-zsh to customize the settings:
+
+`YUBI_SHOWKEYS`
+> If set to '1' or 'y' or 'yes' (case-insensitive), will list the keys contained in the 'shared ssh-agent'
+
+`YUBI_SSHAGENT_AUTOINIT`
+> If set to '1' or 'y' or 'yes' (case-insensitive), will automatically initialize the 'shared ssh-agent' if one is not found
+
diff --git a/plugins/yubikey/yubikey.plugin.zsh b/plugins/yubikey/yubikey.plugin.zsh
new file mode 100644
index 000000000..3abc67a9a
--- /dev/null
+++ b/plugins/yubikey/yubikey.plugin.zsh
@@ -0,0 +1,57 @@
+local _libname='opensc-pkcs11.so'
+local _sshfiledir="/run/user/$UID"
+local _sshfile='ssh_agent'
+local _sshpath=''
+local _ellipsis='......'
+
+if [[ -z $OPENSC ]]; then
+    for f in $(locate "/${_libname}"); do
+        [[ -L $f ]] && continue  # Is a symlink
+        OPENSC="$f"
+        break
+    done
+fi
+export OPENSC
+
+if [[ -w $_sshfiledir ]]; then
+    _sshpath="$_sshfiledir/$_sshfile"
+else
+    _sshpath="/tmp/$_sshfile"
+fi
+
+
+alias yubi-init="pkill ssh-agent; pkill gpg-agent; ssh-agent -s > $_sshpath; source $_sshpath"
+alias yubi-insert="ssh-add -s $OPENSC && ssh-add -L"
+alias yubi-eject="ssh-add -e $OPENSC && ssh-add -L"
+
+if [[ -r $_sshpath ]]; then
+    echo -n "Common SSH Agent detected. "
+    source $_sshpath
+else
+    echo -n "Common SSH Agent not detected. "
+    case "${(U)YUBI_SSHAGENT_AUTOINIT}" in
+        1|Y|YES)
+            echo -n "Auto-initializing... "
+            yubi-init
+            echo "done."
+            ;;
+        *)
+            echo "Autoinit not enabled. Use 'yubi-init' to manually init."
+            ;;
+    esac
+fi
+
+case "${(U)YUBI_SHOWKEYS}" in
+    1|Y|YES)
+        ssh-add -L | while read ln; do
+            if (( ${#ln} >= COLUMNS )); then
+                newlen=$(( COLUMNS - ${#_ellipsis} - 1 ))
+                halflen=$(( newlen / 2 ))
+                ln="${ln:0:$halflen}${_ellipsis}${ln: -$halflen}"
+            fi
+            echo "$ln"
+        done
+        ;;
+esac
+
+# vim: set ft=zsh ts=4 sts=4 et ai :