trivionomicon: athena-bccr: initial idopte support

author: Alejandro Soto <alejandro@34project.org> 2026-03-02 20:25:46 -0600
committer: Alejandro Soto <alejandro@34project.org> 2026-03-02 20:30:47 -0600
commit: ef392aba7432a6d46de339119c56645cc9284fb3 (patch)
tree: efc59289c447d3cc90fe75a26bdbfd473c307d1c
parent: 378b6c12c7f3fdff0975d1dd56f3204bd4e04247 (diff)
4 files changed, 83 insertions, 10 deletions
diff --git a/modules/athena-bccr/sys.nix b/modules/athena-bccr/sys.nix
index 5bbefa3..5457ca5 100644
--- a/modules/athena-bccr/sys.nix
+++ b/modules/athena-bccr/sys.nix
@@ -6,16 +6,18 @@
   ...
 }: let
   athena = pkgs.${doctrine.prefix}.athena-bccr.${cfg.release};
-  inherit (athena.card-driver) vendor;
+  inherit (athena) vendor;
 in {
   environment = {
-    etc = lib.optionalAttrs (vendor == "athena") {
-      "Athena".source = "${athena.card-driver}/etc/Athena";
-
-      "pkcs11/modules/asep11".text = ''
-        module: ${athena.pkcs11-module}
-      '';
-    };
+    etc =
+      {
+        "pkcs11/modules/${vendor}".text = ''
+          module: ${athena.pkcs11-module}
+        '';
+      }
+      // lib.optionalAttrs (vendor == "athena") {
+        "Athena".source = "${athena.card-driver}/etc/Athena";
+      };
 
     systemPackages = [athena.card-driver];
   };
diff --git a/pkgs/athena-bccr/default.nix b/pkgs/athena-bccr/default.nix
index c48ab87..c4a8575 100644
--- a/pkgs/athena-bccr/default.nix
+++ b/pkgs/athena-bccr/default.nix
@@ -2,7 +2,7 @@
   callPackage,
   lib,
 }: let
-  latest = "deb64-rev26";
+  latest = "deb64-rev26.2";
 
   releases = lib.mapAttrs (name: release: release // {name = name;}) (import ./releases.nix);
 
@@ -22,6 +22,7 @@
     pkcs11-module = "${card-driver.lib}/${card-driver.pkcs11-path}";
   in {
     inherit card-driver bccr-cacerts pkcs11-module;
+    inherit (release) vendor;
 
     gaudi = callPackage ./gaudi-env.nix {inherit unwrapped;};
     firmador = callPackage ./firmador.nix {inherit pkcs11-module;};
diff --git a/pkgs/athena-bccr/releases.nix b/pkgs/athena-bccr/releases.nix
index 3e413e1..cbc5bdb 100644
--- a/pkgs/athena-bccr/releases.nix
+++ b/pkgs/athena-bccr/releases.nix
@@ -2,6 +2,7 @@
   "deb64-rev26" = {
     # nix hash convert --hash-algo sha256 --from base16 --to sri $(sha256sum sfd_ClientesLinux_DEB64_Rev26.zip | cut -d' ' -f1)
     hash = "sha256-ZPWP9TqJQ5coJAPzUSiaXKVItBWlqFM4smCjOf+gqQM=";
+    filename = "sfd_ClientesLinux_DEB64_Rev26.zip";
     basename = "sfd_ClientesLinux_DEB64_Rev26";
     vendor = "athena";
 
@@ -10,4 +11,17 @@
       idprotect = "Firma Digital/PinTool/IDProtect PINTool 7.24.02/DEB/idprotectclient_7.24.02-0_amd64.deb";
     };
   };
+
+  "deb64-rev26.2" = {
+    # nix hash convert --hash-algo sha256 --from base16 --to sri $(sha256sum sfd_ClientesLinux_DEB64_Ubuntu24_rev26_02 | cut -d' ' -f1)
+    hash = "sha256-DNzP0YRnuUbfKLhi7JeQCirdGx4kM7ROqHDkTuVs0mA=";
+    filename = "sfd_ClientesLinux_DEB64_Ubuntu24_rev26_02.zip";
+    basename = "sfd_ClientesLinux_DEB64_Ubuntu24_26_02";
+    vendor = "idopte";
+
+    srcPaths = {
+      gaudi = "Firma Digital/Agente GAUDI/agente-gaudi_27.0_amd64.deb";
+      idopte = "Firma Digital/Idopte/Idopte_6.23.44.0_ubun24_amd64.deb";
+    };
+  };
 }
diff --git a/pkgs/athena-bccr/unwrapped.nix b/pkgs/athena-bccr/unwrapped.nix
index e2e0bbd..c7781e4 100644
--- a/pkgs/athena-bccr/unwrapped.nix
+++ b/pkgs/athena-bccr/unwrapped.nix
@@ -9,7 +9,7 @@
 
   src = requireFile {
     url = "https://soportefirmadigital.com";
-    name = "${release.basename}.zip";
+    name = release.filename;
 
     inherit (release) hash;
   };
@@ -92,6 +92,59 @@
 
       passthru.pkcs11-path = "lib/x64-athena/libASEP11.so";
     };
+
+  scmiddleware = {
+    autoPatchelfHook,
+    dpkg,
+    glib,
+    gtk3,
+    libappindicator-gtk3,
+    libnotify,
+    openssl,
+    pcsclite,
+    stdenv,
+    unzip,
+    webkitgtk_4_1,
+    ...
+  }:
+    moduleFromDeb "idopte-scmiddleware" {
+      inherit dpkg stdenv unzip;
+      srcPath = srcPaths.idopte;
+
+      buildInputs = [
+        glib
+        gtk3
+        libappindicator-gtk3
+        libnotify
+        openssl
+        pcsclite
+        stdenv.cc.cc.lib
+        webkitgtk_4_1
+      ];
+
+      nativeBuildInputs = [
+        autoPatchelfHook
+      ];
+
+      outputs = ["out" "lib"];
+
+      installPhase = ''
+        runHook preInstall
+
+        install -m755 -d $out/bin $lib/{etc,lib/SCMiddleware}
+        install -m755 usr/lib/SCMiddleware/{idocachesrv,SCManager} $out/bin
+        install -m755 usr/lib/SCMiddleware/*.so $lib/lib/SCMiddleware
+        cp -r etc/id* $lib/etc
+
+        runHook postInstall
+      '';
+
+      preFixup = ''
+        patchelf --set-rpath $lib/lib/SCMiddleware $lib/lib/SCMiddleware/* $out/bin/*
+      '';
+
+      passthru.pkcs11-path = "lib/SCMiddleware/libidop11.so";
+    };
 in
   {
     gaudi = {
@@ -230,3 +283,6 @@ in
   // lib.optionalAttrs (vendor == "athena") {
     card-driver = ase-idprotect;
   }
+  // lib.optionalAttrs (vendor == "idopte") {
+    card-driver = scmiddleware;
+  }
author	Alejandro Soto <alejandro@34project.org>	2026-03-02 20:25:46 -0600
committer	Alejandro Soto <alejandro@34project.org>	2026-03-02 20:30:47 -0600
commit	ef392aba7432a6d46de339119c56645cc9284fb3 (patch)
tree	efc59289c447d3cc90fe75a26bdbfd473c307d1c
parent	378b6c12c7f3fdff0975d1dd56f3204bd4e04247 (diff)