remove unused and old libsphinx support

steff seems to be moving towards new implementations and this was
never reported as used by anyone

extras/install_sphinx.sh

@@ -1,15 +0,0 @@
-#!/bin/sh
-set -ex
-git clone https://github.com/stef/libsphinx 
-cd libsphinx
-git submodule update --init --recursive --remote
-cd src
-sed -i 's|/usr/local|/usr|' makefile
-make && make install && ldconfig
-cd ../..
-git clone https://github.com/stef/pwdsphinx
-cd pwdsphinx
-python3 setup.py install
-mkdir -p /etc/sphinx && cp ../test/sphinx.cfg /etc/sphinx/config && cd /etc/sphinx
-openssl req -new -x509 -nodes -out server.crt -keyout server.key -subj '/CN=localhost'
-sphinx init

tomb

@@ -61,7 +61,6 @@ typeset -i KDF=1
 typeset -i STEGHIDE=1
 typeset -i CLOAKIFY=1
 typeset -i DECLOAKIFY=1
-typeset -i SPHINX=1
 typeset -i RESIZER=1
 typeset -i RECOLL=1
 typeset -i QRENCODE=1
@@ -569,12 +568,6 @@ ask_password() {
 		return 1
 	}
 
-	# if sphinx mode is chosen, use the provided input
-	# as master password to retrieve the actual password
-	if option_is_set --sphx-user || option_is_set --sphx-host; then
-		password=$(sphinx_get_password "$password")
-	fi
-
 	[[ -z $password ]] && {
 		_warning "Empty password"
 		print "empty"
@@ -585,65 +578,6 @@ ask_password() {
 	return 0
 }
 
-# Retrieve PASSWORD from sphinx
-# $1 MASTER password for the password store
-# requires --sphx-host and --sphx-user flags to be set
-sphinx_get_password() {
-	local errorfile
-	local password
-	if option_is_set --sphx-user && option_is_set --sphx-host; then
-		# value error in sphinx doesn't set exit code
-		# using tempfile as a workaround to notice the error
-		errorfile=$(mktemp /tmp/tomb_error.XXXXXXXXX)
-		password=$(echo "$1" | sphinx get $(option_value --sphx-user) $(option_value --sphx-host) 2>$errorfile)
-		if  ! grep -q "ValueError: fail" $errorfile ; then
-			echo "$password"
-			rm $errorfile
-			return 0
-		else
-			_warning "sphinx returns error: ::1 error::" $(cat $errorfile)
-			rm $errorfile
-			_failure "Failed to retrieve actual password with sphinx."
-		fi
-	else
-		_failure "Both host and user have to be set to use sphinx"
-	fi
-}
-
-# Create PASSWORD in sphinx
-# $1 MASTER password for the password store
-# requires --sphx-host and --sphx-user flags to be set
-sphinx_set_password() {
-	local errorfile
-	local password
-	if option_is_set --sphx-user && option_is_set --sphx-host; then
-		# value error in sphinx doesn't set exit code
-		# using tempfile as a workaround to notice the error
-		errorfile=$(mktemp /tmp/tomb_error.XXXXXXXXX)
-		# check first if this host/user combination exists in store
-		# if yes, there is no need to make a call to create
-		password=$(echo "$1" | sphinx get $(option_value --sphx-user) $(option_value --sphx-host) 2>$errorfile)
-		if  ! grep -q "error: sphinx protocol failure" $errorfile ; then
-			echo "$password"
-			rm $errorfile
-			return 0
-		fi
-		# no such host/user combination in store, create one
-		password=$(echo "$1" | sphinx create $(option_value --sphx-user) $(option_value --sphx-host) ulsd 0 2>$errorfile)
-		if  ! grep -q "error: sphinx protocol failure" $errorfile ; then
-			echo "$password"
-			rm $errorfile
-			return 0
-		else
-			_warning "sphinx returns error: ::1 error::" $(cat $errorfile)
-			rm $errorfile
-			_failure "Failed to create password with sphinx"
-		fi
-	else
-		_failure "Both host and user have to be set to use sphinx"
-	fi
-}
-
 # Check if a filename is a valid tomb
 is_valid_tomb() {
 
@@ -818,11 +752,6 @@ usage() {
 	_print " -R           provide GnuPG hidden recipients (separated by comma)"
 	_print " --sudo       super user exec alternative to sudo (doas or none)"
 
-	[[ $SPHINX == 1 ]] && {
-		_print " --sphx-user  user associated with the key (for use with pitchforkedsphinx)"
-		_print " --sphx-host  host associated with the key (for use with pitchforkedsphinx)"
-	}
-
 	[[ $KDF == 1 ]] && {
 		_print " --kdf        forge keys armored against dictionary attacks"
 	}
@@ -1025,8 +954,6 @@ _ensure_dependencies() {
 	command -v cloakify 1>/dev/null 2>/dev/null || CLOAKIFY=0
 	# Check for decloakify
 	command -v decloakify 1>/dev/null 2>/dev/null || DECLOAKIFY=0
-	# Check for pitchforkedsphinx client
-	command -v sphinx 1>/dev/null 2>/dev/null || SPHINX=0
 	# Check for resize
 	command -v resize2fs 1>/dev/null 2>/dev/null || RESIZER=0
 	# Check for KDF auxiliary tools
@@ -1385,12 +1312,6 @@ ask_key_password() {
 		tombpass="$1"
 		_verbose "ask_key_password with tombpass: ::1 tomb pass::" $tombpass
 
-		# if sphinx mode is chosen, use the provided input
-		# as master password to retrieve the actual password
-		if option_is_set --sphx-user || option_is_set --sphx-host; then
-			tombpass=$(sphinx_get_password "$tombpass")
-		fi
-
 		get_lukskey "$tombpass"
 
 		[[ $? = 0 ]] && {
@@ -1488,16 +1409,6 @@ gen_key() {
 	tombpass=""
 	tombpasstmp=""
 
-	# remove sphinx opts not to mess with initial password prompt
-	option_is_set --sphx-user && {
-		sphx_user_tmp="$(option_value --sphx-user)"
-		unset "OPTS[--sphx-user]"
-	}
-	option_is_set --sphx-host && {
-		sphx_host_tmp="$(option_value --sphx-host)"
-		unset "OPTS[--sphx-host]"
-	}
-
 	if option_is_set -g; then
 		gpgopt=(--encrypt)
 
@@ -1558,19 +1469,6 @@ gen_key() {
 			_verbose "gen_key takes tombpass from CLI argument: ::1 tomb pass::" $tombpass
 		fi
 
-		# if sphinx mode is chosen, use the provided input
-		# as master password to generate the actual password
-		if [[ ! -z $sphx_host_tmp ]] || [[ ! -z $sphx_user_tmp ]]; then
-			OPTS[--sphx-user]=$sphx_user_tmp
-			OPTS[--sphx-host]=$sphx_host_tmp
-			unset sphx_user_tmp
-			unset sphx_host_tmp
-			tombpass=$(sphinx_set_password "$tombpass")
-			if [[ $? != 0 ]]; then
-				_failure "User aborted."
-			fi
-		fi
-
 		header=""
 		[[ $KDF == 1 ]] && {
 			{ option_is_set --kdf } && {