Merge pull request #250 from roddhjav/gpg-support

Options for GnuPG Key
This commit is contained in:
Jaromil 2017-03-20 21:03:03 +01:00 committed by GitHub
commit ba9c0481cc
2 changed files with 87 additions and 38 deletions

View File

@ -59,7 +59,7 @@ typeset -A results
tests=(dig forge lock badpass open close passwd chksum bind setkey recip-dig
recip-forge recip-lock recip-open recip-close recip-passwd recip-resize
recip-setkey shared shared-passwd shared-setkey)
recip-setkey recip-default recip-hidden shared shared-passwd shared-setkey)
{ test $RESIZER = 1 } && { tests+=(resize) }
{ test $KDF = 1 } && { tests+=(kdforge kdfpass kdflock kdfopen) }
@ -193,6 +193,40 @@ test-tomb-recip() {
tt close recip
}
test-tomb-recip-default() {
notice "wiping all default.tomb* in /tmp"
rm -f /tmp/default.tomb /tmp/default.tomb.key
notice "Testing tomb with the default recipient"
res=0
tt dig -s 20 /tmp/default.tomb
{ test $? = 0 } || { res=1 }
tt forge /tmp/default.tomb.key -g --ignore-swap --unsafe --use-urandom
{ test $? = 0 } || { res=1 }
tt lock /tmp/default.tomb -k /tmp/default.tomb.key \
--ignore-swap --unsafe -g
{ test $? = 0 } || { res=1 }
{ test $res = 0 } && { results+=(recip-default SUCCESS) }
}
test-tomb-recip-hidden() {
notice "wiping all hidden.tomb* in /tmp"
rm -f /tmp/hidden.tomb /tmp/hidden.tomb.key
notice "Testing tomb with hidden recipient"
res=0
tt dig -s 20 /tmp/hidden.tomb
{ test $? = 0 } || { res=1 }
tt forge /tmp/hidden.tomb.key -g -R $gpgid_1 --ignore-swap --unsafe --use-urandom
{ test $? = 0 } || { res=1 }
tt lock /tmp/hidden.tomb -k /tmp/hidden.tomb.key \
--ignore-swap --unsafe -g -R $gpgid_1
{ test $? = 0 } || { res=1 }
{ test $res = 0 } && { results+=(recip-hidden SUCCESS) }
}
test-tomb-shared() {
notice "wiping all shared.tomb* in /tmp"
@ -364,6 +398,8 @@ startloops=(`sudo losetup -a |cut -d: -f1`)
# isolated function (also called with source)
test-tomb-create
test-tomb-recip
test-tomb-recip-default
test-tomb-recip-hidden
test-tomb-shared
notice "Testing open with wrong password"

87
tomb
View File

@ -654,6 +654,7 @@ usage() {
_print " -f force operation (i.e. even if swap is active)"
_print " -g use a GnuPG key to encrypt a tomb key"
_print " -r provide GnuPG recipients (separated by coma)"
_print " -R provide GnuPG hidden recipients (separated by coma)"
_print " --shared active sharing feature"
[[ $KDF == 1 ]] && {
_print " --kdf forge keys armored against dictionary attacks"
@ -995,27 +996,27 @@ gpg_decrypt() {
local gpgpass="$1\n$TOMBKEY"
local tmpres ret
typeset -a gpgopt
gpgpopt=(--passphrase-fd 0)
gpgpopt=(--batch --no-tty --passphrase-fd 0)
{ option_is_set -g } && {
gpgpass="$TOMBKEY"
gpgpopt=()
gpgpopt=(--yes)
# GPG option '--try-secret-key' exist since GPG 2.1
{ option_is_set -r } && [[ $gpgver =~ "2.1." ]] && {
{ option_is_set -R } && [[ $gpgver =~ "2.1." ]] && {
typeset -a recipients
recipients=(${(s:,:)$(option_value -r)})
{ ! is_valid_recipients $recipients } && {
recipients=(${(s:,:)$(option_value -R)})
{ is_valid_recipients $recipients } || {
_failure "You set an invalid GPG ID."
}
gpgpopt=(`_recipients_arg "--try-secret-key" $recipients`)
gpgpopt+=(`_recipients_arg "--try-secret-key" $recipients`)
}
}
[[ $gpgver == "1.4.11" ]] && {
_verbose "GnuPG is version 1.4.11 - adopting status fix."
TOMBSECRET=`print - "$gpgpass" | \
gpg --batch ${gpgpopt[@]} --no-tty --no-options`
gpg --decrypt ${gpgpopt[@]} --no-options`
ret=$?
unset gpgpass
return $ret
@ -1024,7 +1025,7 @@ gpg_decrypt() {
_tmp_create
tmpres=$TOMBTMP
TOMBSECRET=`print - "$gpgpass" | \
gpg --batch ${gpgpopt[@]} --no-tty --no-options \
gpg --decrypt ${gpgpopt[@]} --no-options \
--status-fd 2 --no-mdc-warning --no-permission-warning \
--no-secmem-warning 2> $tmpres`
unset gpgpass
@ -1230,38 +1231,50 @@ gen_key() {
local algopt="`option_value -o`"
local algo="${algopt:-AES256}"
local gpgpass opt
local recipients_opt
typeset -a gpgopt
# here user is prompted for key password
tombpass=""
tombpasstmp=""
{ option_is_set -g } && {
{ option_is_set -r } || {
_failure "A GPG recipient needs to be specified using -r."
}
gpgopt=(--encrypt)
typeset -a recipients
recipients=(${(s:,:)$(option_value -r)})
[ "${#recipients}" -gt 1 ] && {
if option_is_set --shared; then
_warning "You are going to encrypt a tomb key with ${#recipients} recipients."
_warning "It is your responsibility to check the fingerprint of these recipients."
_warning "The fingerprints are:"
for gpg_id in ${recipients[@]}; do
_warning " `_fingerprint "$gpg_id"`"
done
else
_failure "You need to use the option '--shared' to enable sharing support"
fi
}
{ is_valid_recipients $recipients } || {
_failure "You set an invalid GPG ID."
{ option_is_set -r || option_is_set -R } && {
typeset -a recipients
{ option_is_set -r } && {
recipients=(${(s:,:)$(option_value -r)})
recipients_opt="--recipient"
} || {
recipients=(${(s:,:)$(option_value -R)})
recipients_opt="--hidden-recipient"
}
[ "${#recipients}" -gt 1 ] && {
if option_is_set --shared; then
_warning "You are going to encrypt a tomb key with ${#recipients} recipients."
_warning "It is your responsibility to check the fingerprint of these recipients."
_warning "The fingerprints are:"
for gpg_id in ${recipients[@]}; do
_warning " `_fingerprint "$gpg_id"`"
done
else
_failure "You need to use the option '--shared' to enable sharing support"
fi
}
{ is_valid_recipients $recipients } || {
_failure "You set an invalid GPG ID."
}
gpgopt+=(`_recipients_arg "$recipients_opt" $recipients`)
} || {
_message "No recipient specified, using default GPG key."
gpgopt+=("--default-recipient-self")
}
# Set gpg inputs and options
gpgpass="$TOMBSECRET"
gpgopt=(--encrypt `_recipients_arg "--hidden-recipient" $recipients`)
opt=''
} || {
if [ "$1" = "" ]; then
@ -2750,19 +2763,19 @@ main() {
main_opts=(q -quiet=q D -debug=D h -help=h v -version=v f -force=f -tmp: U: G: T: -no-color -unsafe g -gpgkey=g)
subcommands_opts[__default]=""
# -o in open and mount is used to pass alternate mount options
subcommands_opts[open]="n -nohook=n k: -kdf: o: -ignore-swap -tomb-pwd: r: "
subcommands_opts[open]="n -nohook=n k: -kdf: o: -ignore-swap -tomb-pwd: r: R: "
subcommands_opts[mount]=${subcommands_opts[open]}
subcommands_opts[create]="" # deprecated, will issue warning
# -o in forge and lock is used to pass an alternate cipher.
subcommands_opts[forge]="-ignore-swap k: -kdf: o: -tomb-pwd: -use-urandom r: -shared "
subcommands_opts[forge]="-ignore-swap k: -kdf: o: -tomb-pwd: -use-urandom r: R: -shared "
subcommands_opts[dig]="-ignore-swap s: -size=s "
subcommands_opts[lock]="-ignore-swap k: -kdf: o: -tomb-pwd: r: "
subcommands_opts[setkey]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: -shared "
subcommands_opts[lock]="-ignore-swap k: -kdf: o: -tomb-pwd: r: R: "
subcommands_opts[setkey]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: R: -shared "
subcommands_opts[engrave]="k: "
subcommands_opts[passwd]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: -shared "
subcommands_opts[passwd]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: R: -shared "
subcommands_opts[close]=""
subcommands_opts[help]=""
subcommands_opts[slam]=""
@ -2772,14 +2785,14 @@ main() {
subcommands_opts[search]=""
subcommands_opts[help]=""
subcommands_opts[bury]="k: -tomb-pwd: r: "
subcommands_opts[exhume]="k: -tomb-pwd: r: "
subcommands_opts[bury]="k: -tomb-pwd: r: R: "
subcommands_opts[exhume]="k: -tomb-pwd: r: R: "
# subcommands_opts[decompose]=""
# subcommands_opts[recompose]=""
# subcommands_opts[install]=""
subcommands_opts[askpass]=""
subcommands_opts[source]=""
subcommands_opts[resize]="-ignore-swap s: -size=s k: -tomb-pwd: r: "
subcommands_opts[resize]="-ignore-swap s: -size=s k: -tomb-pwd: r: R: "
subcommands_opts[check]="-ignore-swap "
# subcommands_opts[translate]=""