Llewellyn/Tomb
1
0
Fork 0
mirror of https://github.com/Llewellynvdm/Tomb.git synced 2024-11-11 07:30:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

new backup command to save keys on paper

Browse Source 
Backup simply encodes a QRCode that can be print on paper and
hidden in books or so, to keep phisical backups of keys.
The QR can be simply scanned with any smartphone, saved into a file
and reused as a key.
This commit is contained in:
Jaromil 2013-06-19 20:52:21 +02:00
parent 8f4b0c6567
commit 8d46ff46e1
1 changed files with 45 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
tomb
View File

@ -53,6 +53,7 @@ STEGHIDE=1
MKTEMP=1 MKTEMP=1
RESIZER=1 RESIZER=1
SWISH=1 SWISH=1
QRENCODE=1
MOUNTOPTS="rw,noatime,nodev" MOUNTOPTS="rw,noatime,nodev"
typeset -A global_opts typeset -A global_opts
@ -272,7 +273,15 @@ Commands:
slam slam a TOMB killing all programs using it slam slam a TOMB killing all programs using it
passwd change the password of a KEY passwd change the password of a KEY
change change the KEY locking a TOMB (needs old one)
EOF EOF
{ test "$QRENCODE" = "1" } && {
cat <<EOF
backup makes a QR code of a KEY to be saved on paper
EOF
}
if [ "$RESIZER" = 1 ]; then if [ "$RESIZER" = 1 ]; then
cat <<EOF cat <<EOF
resize resize a TOMB to a new --size (can only grow) resize resize a TOMB to a new --size (can only grow)
@ -456,6 +465,8 @@ check_bin() {
command -v tomb-kdb-pbkdf2 > /dev/null || KDF=0 command -v tomb-kdb-pbkdf2 > /dev/null || KDF=0
# check for Swish-E file content indexer # check for Swish-E file content indexer
command -v swish-e > /dev/null || SWISH=0 command -v swish-e > /dev/null || SWISH=0
# check for QREncode for paper backups of keys
command -v qrencode > /dev/null || QRENCODE=0
} }
# }}} - Commandline interaction # }}} - Commandline interaction
@ -884,6 +895,28 @@ exhume_key() {
return 1 return 1
} }
# Produces a printable image of the key contents so that it can be
# backuped on paper and hidden in books etc.
backup_key() {
# load key from options
tombkey="`load_key $1`"
{ test $? = 0 } || { die "No key specified." }
keyname=`basename $tombkey`
pngname="$keyname.qr.png"
yes "Rendering a printable QRCode for key: $tombkey"
# we omit armor strings to save space
awk '
/^-----/ {next}
/^Version/ {next}
{print $0}' ${tombkey} | qrencode --size 4 -t PNG --level H \
--casesensitive -o "$pngname"
{ test $? = 0 } || { die "QREncode reported an error." }
yes "Operation successful:"
_message "`ls -lh $pngname`"
_message "`file $pngname`"
}
# }}} - Key handling # }}} - Key handling
# {{{ Create # {{{ Create
@ -2065,6 +2098,7 @@ main() {
subcommands_opts[dig]="f -force -ignore-swap s: -size=s " subcommands_opts[dig]="f -force -ignore-swap s: -size=s "
subcommands_opts[lock]="f -force -ignore-swap k: -key=k o: -sudo-pwd: -tomb-pwd: " subcommands_opts[lock]="f -force -ignore-swap k: -key=k o: -sudo-pwd: -tomb-pwd: "
subcommands_opts[change]="f -force -ignore-swap k: -key=k -sudo-pwd: -tomb-pwd: " subcommands_opts[change]="f -force -ignore-swap k: -key=k -sudo-pwd: -tomb-pwd: "
subcommands_opts[backup]="k: -key=k "
subcommands_opts[passwd]="f -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: " subcommands_opts[passwd]="f -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: "
subcommands_opts[close]="-sudo-pwd: " subcommands_opts[close]="-sudo-pwd: "
@ -2196,6 +2230,12 @@ main() {
change_tomb_key ${=PARAM} change_tomb_key ${=PARAM}
;; ;;
backup)
{ test "$QRENCODE" = 0 } && {
die "QREncode not installed: cannot backup keys on paper." }
backup_key ${=PARAM}
;;
# backward compat # backward compat
create) create)
_warning "The create command is deprecated, please use dig, forge and lock instead." _warning "The create command is deprecated, please use dig, forge and lock instead."