#!/bin/bash
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:$PATH

BIN=$(basename $0)
DEV=$1
ACTION=$2
FLAG=$3

LOG_FILE="/var/log/usb_crypt.log"
UCRYPT_PATH="/opt/ucrypt"

OSVER=$(cat /etc/.kyinfo | grep milestone | awk -F= '{print $2}' | tr -d ' ')

function adddate {
    while IFS= read -r line; do
        echo "$(date +"%Y-%m-%d %H:%m:%S"): $line"
    done
}

if [[ $# -lt 2 ]] || [[ $ACTION != remove && $ACTION != add ]]; then
	echo "Usage $BIN <device> [remove |(add <mode>)]" | adddate >>$LOG_FILE 2>&1
 	exit 1
fi

if [[ ! -d "$UCRYPT_PATH" ]]; then 
	mkdir -p $UCRYPT_PATH
fi

if [[ $ACTION == remove ]]; then
	echo "0 x $DEV xxxxxx xxxxx $(date +%H:%M:%S) xxxxxx  xxxxxx" >>"$UCRYPT_PATH/usb_crypt.log" 2>&1
	exit 0
elif [[ $ACTION == add ]]; then
	if [[ $FLAG == 0 ]]; then
		if [[ ${OSVER:0:3} == "3.2" || ${OSVER:0:3} == "3.0" ]];then
			ID_SERIAL=`udevinfo -a -p $(udevinfo -q path -n $DEV) | grep "ID_SERIAL="`
		else
			ID_SERIAL=`udevadm info -p $(udevadm info -q path -n $DEV) | grep "ID_SERIAL="`
		fi
		BLOCKSIZE=$(echo $(blockdev --getsz $DEV) 2097152 | awk '{printf "%0.2fG\n", $1/$2}')
		if [[ -z $ID_SERIAL ]]; then
			echo "非法设备$DEV接入" >>"$UCRYPT_PATH/audit_usb_crypt.log" 2>&1
		else
			echo "非法设备$DEV id序号为${ID_SERIAL##*=} 接入" >>"$UCRYPT_PATH/audit_usb_crypt.log" 2>&1
		fi
		
		echo "1 0 $DEV xxxxxx $BLOCKSIZE xxxxxx xxxxxx  xxxxxx " >>"$UCRYPT_PATH/usb_crypt.log" 2>&1
		exit 0
	elif [[ $FLAG == 1 ]]; then
		UUID=`ucryptsetup UUID $DEV`
		BLOCKSIZE=$(echo $(blockdev --getsz $DEV) 2097152 | awk '{printf "%0.2fG\n", $1/$2}')
		if [[ ${OSVER:0:3} == "3.2" || ${OSVER:0:3} == "3.0" ]];then
			ID_SERIAL=`udevinfo -a -p $(udevinfo -q path -n $DEV) | grep "ID_SERIAL="`
		else
			ID_SERIAL=`udevadm info -p $(udevadm info -q path -n $DEV) | grep "ID_SERIAL="`
		fi
		TMP="/tmp/usb_crypt_info.tmp"
		rm -rf $TMP
		ucrypt readInfo $DEV --info-backup-file=$TMP
		SECRET_CODE=$(cut -b 9-20 $TMP)
		PERSON=$(cut -b 41-104 $TMP)
		PERSON_CODE=$(cut -b 105-144 $TMP)
		rm -rf $TMP
		echo "合法设备$DEV id序号为${ID_SERIAL##*=} uuid为$UUID 责任人为$PERSON 责任人编码$PERSON_CODE 保密编码$SECRET_CODE 接入" >>"$UCRYPT_PATH/audit_usb_crypt.log" 2>&1
		echo "1 1 $DEV $UUID $BLOCKSIZE $SECRET_CODE $PERSON  $PERSON_CODE " >>"$UCRYPT_PATH/usb_crypt.log" 2>&1
		exit 0
	elif [[ $FLAG == 2 ]]; then
		if [[ ${OSVER:0:3} == "3.2" || ${OSVER:0:3} == "3.0" ]];then
			ID_SERIAL=`udevinfo -a -p $(udevinfo -q path -n $DEV) | grep "ID_SERIAL="`
		else
			ID_SERIAL=`udevadm info -p $(udevadm info -q path -n $DEV) | grep "ID_SERIAL="`
		fi
		BLOCKSIZE=$(echo $(blockdev --getsz $DEV) 2097152 | awk '{printf "%0.2fG\n", $1/$2}')
		echo "1 0 $DEV xxxxxx $BLOCKSIZE xxxxxx xxxxxx  xxxxxx " >>"$UCRYPT_PATH/usb_crypt.log" 2>&1
		exit 0
	fi
fi

