tMerge pull request #250 from roddhjav/gpg-support - tomb - the crypto undertaker
HTML git clone git://parazyd.org/tomb.git
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
DIR commit ba9c0481cca9f4db9baee0fe45473f6b3a1a1c71
DIR parent 69f52bee25fcb280c53036169ca71fae3ebf7d95
HTML Author: Jaromil <jaromil@dyne.org>
Date: Mon, 20 Mar 2017 21:03:03 +0100
Merge pull request #250 from roddhjav/gpg-support
Options for GnuPG Key
Diffstat:
M extras/test/runtests | 38 ++++++++++++++++++++++++++++++-
M tomb | 87 ++++++++++++++++++-------------
2 files changed, 87 insertions(+), 38 deletions(-)
---
DIR diff --git a/extras/test/runtests b/extras/test/runtests
t@@ -59,7 +59,7 @@ typeset -A results
tests=(dig forge lock badpass open close passwd chksum bind setkey recip-dig
recip-forge recip-lock recip-open recip-close recip-passwd recip-resize
- recip-setkey shared shared-passwd shared-setkey)
+ recip-setkey recip-default recip-hidden shared shared-passwd shared-setkey)
{ test $RESIZER = 1 } && { tests+=(resize) }
{ test $KDF = 1 } && { tests+=(kdforge kdfpass kdflock kdfopen) }
t@@ -193,6 +193,40 @@ test-tomb-recip() {
tt close recip
}
+test-tomb-recip-default() {
+
+ notice "wiping all default.tomb* in /tmp"
+ rm -f /tmp/default.tomb /tmp/default.tomb.key
+
+ notice "Testing tomb with the default recipient"
+ res=0
+ tt dig -s 20 /tmp/default.tomb
+ { test $? = 0 } || { res=1 }
+ tt forge /tmp/default.tomb.key -g --ignore-swap --unsafe --use-urandom
+ { test $? = 0 } || { res=1 }
+ tt lock /tmp/default.tomb -k /tmp/default.tomb.key \
+ --ignore-swap --unsafe -g
+ { test $? = 0 } || { res=1 }
+ { test $res = 0 } && { results+=(recip-default SUCCESS) }
+}
+
+test-tomb-recip-hidden() {
+
+ notice "wiping all hidden.tomb* in /tmp"
+ rm -f /tmp/hidden.tomb /tmp/hidden.tomb.key
+
+ notice "Testing tomb with hidden recipient"
+ res=0
+ tt dig -s 20 /tmp/hidden.tomb
+ { test $? = 0 } || { res=1 }
+ tt forge /tmp/hidden.tomb.key -g -R $gpgid_1 --ignore-swap --unsafe --use-urandom
+ { test $? = 0 } || { res=1 }
+ tt lock /tmp/hidden.tomb -k /tmp/hidden.tomb.key \
+ --ignore-swap --unsafe -g -R $gpgid_1
+ { test $? = 0 } || { res=1 }
+ { test $res = 0 } && { results+=(recip-hidden SUCCESS) }
+}
+
test-tomb-shared() {
notice "wiping all shared.tomb* in /tmp"
t@@ -364,6 +398,8 @@ startloops=(`sudo losetup -a |cut -d: -f1`)
# isolated function (also called with source)
test-tomb-create
test-tomb-recip
+test-tomb-recip-default
+test-tomb-recip-hidden
test-tomb-shared
notice "Testing open with wrong password"
DIR diff --git a/tomb b/tomb
t@@ -654,6 +654,7 @@ usage() {
_print " -f force operation (i.e. even if swap is active)"
_print " -g use a GnuPG key to encrypt a tomb key"
_print " -r provide GnuPG recipients (separated by coma)"
+ _print " -R provide GnuPG hidden recipients (separated by coma)"
_print " --shared active sharing feature"
[[ $KDF == 1 ]] && {
_print " --kdf forge keys armored against dictionary attacks"
t@@ -995,27 +996,27 @@ gpg_decrypt() {
local gpgpass="$1\n$TOMBKEY"
local tmpres ret
typeset -a gpgopt
- gpgpopt=(--passphrase-fd 0)
+ gpgpopt=(--batch --no-tty --passphrase-fd 0)
{ option_is_set -g } && {
gpgpass="$TOMBKEY"
- gpgpopt=()
+ gpgpopt=(--yes)
# GPG option '--try-secret-key' exist since GPG 2.1
- { option_is_set -r } && [[ $gpgver =~ "2.1." ]] && {
+ { option_is_set -R } && [[ $gpgver =~ "2.1." ]] && {
typeset -a recipients
- recipients=(${(s:,:)$(option_value -r)})
- { ! is_valid_recipients $recipients } && {
+ recipients=(${(s:,:)$(option_value -R)})
+ { is_valid_recipients $recipients } || {
_failure "You set an invalid GPG ID."
}
- gpgpopt=(`_recipients_arg "--try-secret-key" $recipients`)
+ gpgpopt+=(`_recipients_arg "--try-secret-key" $recipients`)
}
}
[[ $gpgver == "1.4.11" ]] && {
_verbose "GnuPG is version 1.4.11 - adopting status fix."
TOMBSECRET=`print - "$gpgpass" | \
- gpg --batch ${gpgpopt[@]} --no-tty --no-options`
+ gpg --decrypt ${gpgpopt[@]} --no-options`
ret=$?
unset gpgpass
return $ret
t@@ -1024,7 +1025,7 @@ gpg_decrypt() {
_tmp_create
tmpres=$TOMBTMP
TOMBSECRET=`print - "$gpgpass" | \
- gpg --batch ${gpgpopt[@]} --no-tty --no-options \
+ gpg --decrypt ${gpgpopt[@]} --no-options \
--status-fd 2 --no-mdc-warning --no-permission-warning \
--no-secmem-warning 2> $tmpres`
unset gpgpass
t@@ -1230,38 +1231,50 @@ gen_key() {
local algopt="`option_value -o`"
local algo="${algopt:-AES256}"
local gpgpass opt
+ local recipients_opt
typeset -a gpgopt
# here user is prompted for key password
tombpass=""
tombpasstmp=""
{ option_is_set -g } && {
- { option_is_set -r } || {
- _failure "A GPG recipient needs to be specified using -r."
- }
+ gpgopt=(--encrypt)
- typeset -a recipients
- recipients=(${(s:,:)$(option_value -r)})
- [ "${#recipients}" -gt 1 ] && {
- if option_is_set --shared; then
- _warning "You are going to encrypt a tomb key with ${#recipients} recipients."
- _warning "It is your responsibility to check the fingerprint of these recipients."
- _warning "The fingerprints are:"
- for gpg_id in ${recipients[@]}; do
- _warning " `_fingerprint "$gpg_id"`"
- done
- else
- _failure "You need to use the option '--shared' to enable sharing support"
- fi
- }
-
- { is_valid_recipients $recipients } || {
- _failure "You set an invalid GPG ID."
+ { option_is_set -r || option_is_set -R } && {
+ typeset -a recipients
+ { option_is_set -r } && {
+ recipients=(${(s:,:)$(option_value -r)})
+ recipients_opt="--recipient"
+ } || {
+ recipients=(${(s:,:)$(option_value -R)})
+ recipients_opt="--hidden-recipient"
+ }
+
+ [ "${#recipients}" -gt 1 ] && {
+ if option_is_set --shared; then
+ _warning "You are going to encrypt a tomb key with ${#recipients} recipients."
+ _warning "It is your responsibility to check the fingerprint of these recipients."
+ _warning "The fingerprints are:"
+ for gpg_id in ${recipients[@]}; do
+ _warning " `_fingerprint "$gpg_id"`"
+ done
+ else
+ _failure "You need to use the option '--shared' to enable sharing support"
+ fi
+ }
+
+ { is_valid_recipients $recipients } || {
+ _failure "You set an invalid GPG ID."
+ }
+
+ gpgopt+=(`_recipients_arg "$recipients_opt" $recipients`)
+ } || {
+ _message "No recipient specified, using default GPG key."
+ gpgopt+=("--default-recipient-self")
}
# Set gpg inputs and options
gpgpass="$TOMBSECRET"
- gpgopt=(--encrypt `_recipients_arg "--hidden-recipient" $recipients`)
opt=''
} || {
if [ "$1" = "" ]; then
t@@ -2750,19 +2763,19 @@ main() {
main_opts=(q -quiet=q D -debug=D h -help=h v -version=v f -force=f -tmp: U: G: T: -no-color -unsafe g -gpgkey=g)
subcommands_opts[__default]=""
# -o in open and mount is used to pass alternate mount options
- subcommands_opts[open]="n -nohook=n k: -kdf: o: -ignore-swap -tomb-pwd: r: "
+ subcommands_opts[open]="n -nohook=n k: -kdf: o: -ignore-swap -tomb-pwd: r: R: "
subcommands_opts[mount]=${subcommands_opts[open]}
subcommands_opts[create]="" # deprecated, will issue warning
# -o in forge and lock is used to pass an alternate cipher.
- subcommands_opts[forge]="-ignore-swap k: -kdf: o: -tomb-pwd: -use-urandom r: -shared "
+ subcommands_opts[forge]="-ignore-swap k: -kdf: o: -tomb-pwd: -use-urandom r: R: -shared "
subcommands_opts[dig]="-ignore-swap s: -size=s "
- subcommands_opts[lock]="-ignore-swap k: -kdf: o: -tomb-pwd: r: "
- subcommands_opts[setkey]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: -shared "
+ subcommands_opts[lock]="-ignore-swap k: -kdf: o: -tomb-pwd: r: R: "
+ subcommands_opts[setkey]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: R: -shared "
subcommands_opts[engrave]="k: "
- subcommands_opts[passwd]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: -shared "
+ subcommands_opts[passwd]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: r: R: -shared "
subcommands_opts[close]=""
subcommands_opts[help]=""
subcommands_opts[slam]=""
t@@ -2772,14 +2785,14 @@ main() {
subcommands_opts[search]=""
subcommands_opts[help]=""
- subcommands_opts[bury]="k: -tomb-pwd: r: "
- subcommands_opts[exhume]="k: -tomb-pwd: r: "
+ subcommands_opts[bury]="k: -tomb-pwd: r: R: "
+ subcommands_opts[exhume]="k: -tomb-pwd: r: R: "
# subcommands_opts[decompose]=""
# subcommands_opts[recompose]=""
# subcommands_opts[install]=""
subcommands_opts[askpass]=""
subcommands_opts[source]=""
- subcommands_opts[resize]="-ignore-swap s: -size=s k: -tomb-pwd: r: "
+ subcommands_opts[resize]="-ignore-swap s: -size=s k: -tomb-pwd: r: R: "
subcommands_opts[check]="-ignore-swap "
# subcommands_opts[translate]=""