Add --tomb-pwd support for GPG key on steganography functions

Alexandre Pujol 2017-01-31 16:23:29 +00:00
parent e2fe8e508e
commit b23e9aa028
2 changed files with 16 additions and 11 deletions


@ -142,22 +142,21 @@ test-tomb-recip() {
cp -f arditi.jpg /tmp/recip.jpg
sudo rm -f /tmp/recip.steg.key
# The implementation does not support "--unsafe --tomb-pwd ${dummypass}" yet
tt bury -k /tmp/recip.tomb.key \
tt --unsafe --tomb-pwd ${dummypass} bury -k /tmp/recip.tomb.key \
/tmp/recip.jpg -r "$gpgid_1"
{ test $? = 0 } && { results+=(recip-stgin SUCCESS) }
tt exhume -k /tmp/recip.steg.key \
/tmp/recip.jpg
tt --unsafe --tomb-pwd ${dummypass} exhume -k /tmp/recip.steg.key \
/tmp/recip.jpg
{ test $? = 0 } && { results+=(recip-stgout SUCCESS) }
tt open -k /tmp/recip.steg.key \
tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/recip.steg.key \
/tmp/recip.tomb -r "$gpgid_1"
{ test $? = 0 } && { results+=(recip-stgopen SUCCESS) }
${T} close recip
notice "test using open -k image.jpeg"
tt open -k /tmp/recip.jpg \
tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/recip.jpg \
/tmp/recip.tomb -r "$gpgid_1"
{ test $? = 0 } && { results+=(recip-stgimpl SUCCESS) }
tt close recip
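Review bot: Every updated call in test-tomb-recip passes the correct `${dummypass}`, so these tests would still pass if the GPG path ignored `--tomb-pwd` on exhume or open. A negative case placed after the bury step would cover that, for example `tt --unsafe --tomb-pwd "wrong-${dummypass}" exhume -k /tmp/recip.wrong.key /tmp/recip.jpg` followed by `{ test $? != 0 } && { results+=(recip-stgwrong SUCCESS) }`. The key path and result name there are made up, and the result name would need registering wherever the results list is checked. The function starts before this hunk, so existing setup may affect where the case fits.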

16
tomb

@ -1015,7 +1015,10 @@ get_lukskey() {
# key needs to be exhumed from an image
elif [[ -r $TOMBKEYFILE && $(file $TOMBKEYFILE) =~ "JP.G" ]]; then
# When using a GPG key, the tomb key is buried using a steganography password
if option_is_set -r; then
if option_is_set -r && option_is_set --tomb-pwd; then
_password="`option_value --tomb-pwd`"
_verbose "tomb-pwd = ::1 tomb pass::" $_password
elif option_is_set -r; then
_password=$(ask_password "Insert password to exhume key from $imagefile")
[[ $? != 0 ]] && {
_warning "User aborted password dialog."
@ -1289,9 +1292,9 @@ bury_key() {
# usability.
# However, steganography cannot be done with GPG key. Therefore,
# if using a GPG key, we test if the user can decrypt the tomb
# with its key and we ask for a the steganography password.
# with its key and we ask for a steganography password.
{ option_is_set --tomb-pwd } && {
{ option_is_set --tomb-pwd } && { ! option_is_set -r } && {
local tombpwd="`option_value --tomb-pwd`"
_verbose "tomb-pwd = ::1 tomb pass::" $tombpwd
ask_key_password "$tombpwd"
@ -1302,7 +1305,10 @@ bury_key() {
_warning "Wrong password supplied."
_failure "You shall not bury a key whose password is unknown to you." }
if option_is_set -r; then
if option_is_set -r && option_is_set --tomb-pwd; then
TOMBPASSWORD="`option_value --tomb-pwd`"
_verbose "tomb-pwd = ::1 tomb pass::" $TOMBPASSWORD
elif option_is_set -r; then
tombpass=""
tombpasstmp=""
while true; do
@ -1862,7 +1868,7 @@ mount_tomb() {
# take the name only, strip extensions
_verbose "Tomb name: ::1 tomb name:: (to be engraved)" $TOMBNAME
{ option_is_set --tomb-pwd } && {
{ option_is_set --tomb-pwd } && { ! option_is_set -r } && {
tomb_pwd="`option_value --tomb-pwd`"
_verbose "tomb-pwd = ::1 tomb pass::" $tomb_pwd
ask_key_password "$tomb_pwd"
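Review bot: The two added `_verbose "tomb-pwd = ::1 tomb pass::"` lines, in get_lukskey and in the `-r` branch of bury_key, write the steganography password in clear whenever verbose output is on. It can then persist in terminal scrollback or captured CI logs. I would log only that the option was used, e.g. `_verbose "Using steganography password supplied with --tomb-pwd"`, and do the same for the existing lines in bury_key and mount_tomb that print `$tombpwd` and `$tomb_pwd`. Separately, the new bury_key branch assigns `TOMBPASSWORD` straight from the option and skips the interactive branch's prompt loop. Whether an empty value is rejected later is not visible in this hunk, so a guard such as `[[ -z "$TOMBPASSWORD" ]] && _failure "Empty steganography password."` looks worth adding. All three functions continue outside the hunks shown.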