Remove --shared flag when sharing a tomb key. See #252

2024-11-22 12:35:13 +00:00 · 2017-03-24 20:08:33 +00:00 · 2017-03-24 20:08:33 +00:00 · d720e4b2ce
commit d720e4b2ce
parent 6c2077fee1
2 changed files with 16 additions and 28 deletions
--- a/extras/test/runtests
+++ b/extras/test/runtests
@ -236,7 +236,7 @@ test-tomb-shared() {
    res=0
    tt dig -s 20 /tmp/shared.tomb
    { test $? = 0 } || { res=1 }
-    tt forge /tmp/shared.tomb.key -g -r $gpgid_1,$gpgid_2 --shared \
+    tt forge /tmp/shared.tomb.key -g -r $gpgid_1,$gpgid_2 \
        --ignore-swap --unsafe --use-urandom 
    { test $? = 0 } || { res=1 }
    tt lock /tmp/shared.tomb -k /tmp/shared.tomb.key \
@ -249,17 +249,17 @@ test-tomb-shared() {
    { test $res = 0 } && { results+=(shared SUCCESS) }
    
    notice "Testing changing recipients on a shared Tomb"
-    tt passwd -k /tmp/shared.tomb.key -g -r $gpgid_2,$gpgid_1 --shared
+    tt passwd -k /tmp/shared.tomb.key -g -r $gpgid_2,$gpgid_1
    { test $? = 0 } && { results+=(shared-passwd SUCCESS) }
    
    notice "Testing setkey on a shared Tomb"
    rm -f /tmp/new.shared.tomb.key
    res=0
-    tt forge /tmp/new.shared.tomb.key -g -r $gpgid_1,$gpgid_2 --shared\
+    tt forge /tmp/new.shared.tomb.key -g -r $gpgid_1,$gpgid_2 \
        --ignore-swap --unsafe --use-urandom
    { test $? = 0 } || { res=1 }
    tt setkey -k /tmp/new.shared.tomb.key /tmp/shared.tomb.key /tmp/shared.tomb \
-        -g -r $gpgid_2,$gpgid_1 --shared
+        -g -r $gpgid_2,$gpgid_1
    { test $? = 0 } || { res=1 }
    { test $res = 0 } && { results+=(shared-setkey SUCCESS) }
 }
--- a/36
+++ b/36
@ -655,7 +655,6 @@ usage() {
    _print " -g     use a GnuPG key to encrypt a tomb key"
    _print " -r     provide GnuPG recipients (separated by coma)"
    _print " -R     provide GnuPG hidden recipients (separated by coma)"
-    _print " --shared active sharing feature"
    [[ $KDF == 1 ]] && {
        _print " --kdf  forge keys armored against dictionary attacks"
    }
@ -1250,23 +1249,17 @@ gen_key() {
                recipients_opt="--hidden-recipient"
            }
            
-            [ "${#recipients}" -gt 1 ] && {
-                if option_is_set --shared; then
-                    _warning "You are going to encrypt a tomb key with ${#recipients} recipients."
-                    _warning "It is your responsibility to check the fingerprint of these recipients."
-                    _warning "The fingerprints are:"
-                    for gpg_id in ${recipients[@]}; do
-                        _warning "    `_fingerprint "$gpg_id"`"
-                    done
-                else
-                    _failure "You need to use the option '--shared' to enable sharing support"
-                fi
-            }
-            
            { is_valid_recipients $recipients } || {
                _failure "You set an invalid GPG ID."
            }
                
+            _warning "You are going to encrypt a tomb key with ${#recipients} recipient(s)."
+            _warning "It is your responsibility to check these fingerprints."
+            _warning "The fingerprints are:"
+            for gpg_id in ${recipients[@]}; do
+               _warning "    `_fingerprint "$gpg_id"`"
+            done
+            
            gpgopt+=(`_recipients_arg "$recipients_opt" $recipients`)
        } || {
            _message "No recipient specified, using default GPG key."
@ -1639,13 +1632,12 @@ dig_tomb() {

 # Step two -- Create a detached key to lock a tomb with
 #
-# Synopsis: forge_key [destkey|-k destkey] [-o cipher] [-r gpgid] [--shared]
+# Synopsis: forge_key [destkey|-k destkey] [-o cipher] [-r|-R gpgid]
 #
 # Arguments:
 # -k                path to destination keyfile
 # -o                Use an alternate algorithm
 # -r                GPG recipients to be used
-# --shared          Activate sharing capability
 #
 forge_key() {
    # can be specified both as simple argument or using -k
@ -1708,11 +1700,7 @@ forge_key() {
    # Here the global variable TOMBSECRET contains the naked secret

    { option_is_set -g } && {
-        { option_is_set --shared } && {
-            _success "Using GnuPG keys to encrypt and share your key: ::1 tomb key::" $TOMBKEYFILE
-        } || {
-            _success "Using the GnuPG key ::1:: to encrypt the key: ::2 tomb key::" `option_value -r` $TOMBKEYFILE
-        }
+        _success "Using GnuPG key(s) to encrypt your key: ::1 tomb key::" $TOMBKEYFILE
    } || {
        _success "Choose the password of your key: ::1 tomb key::" $TOMBKEYFILE
    }
@ -2769,13 +2757,13 @@ main() {
    subcommands_opts[create]="" # deprecated, will issue warning

    # -o in forge and lock is used to pass an alternate cipher.
-    subcommands_opts[forge]="-ignore-swap k: -kdf: o: -tomb-pwd: -use-urandom r: R: -shared "
+    subcommands_opts[forge]="-ignore-swap k: -kdf: o: -tomb-pwd: -use-urandom r: R: "
    subcommands_opts[dig]="-ignore-swap s: -size=s "
    subcommands_opts[lock]="-ignore-swap k: -kdf: o: -tomb-pwd: r: R: "
-    subcommands_opts[setkey]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: R: -shared "
+    subcommands_opts[setkey]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: R: "
    subcommands_opts[engrave]="k: "

-    subcommands_opts[passwd]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: R: -shared "
+    subcommands_opts[passwd]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: R: "
    subcommands_opts[close]=""
    subcommands_opts[help]=""
    subcommands_opts[slam]=""