Optional password file when splitting gpg key
This commit is contained in:
Bob Mottram
parent
75b0eb4291
commit
45c3c6be3e
|
|
@ -716,6 +716,14 @@ function create_private_mailing_list {
|
|||
function split_gpg_key_into_fragments {
|
||||
# split the gpg key into fragments if social key management is enabled
|
||||
if [[ $ENABLE_SOCIAL_KEY_MANAGEMENT == "yes" ]]; then
|
||||
|
||||
if [ $IMAGE_PASSWORD_FILE ]; then
|
||||
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||
${PROJECT_NAME}-splitkey -u $MY_USERNAME -e $MY_EMAIL_ADDRESS --fullname "$MY_NAME" --passwordfile $IMAGE_PASSWORD_FILE
|
||||
return
|
||||
fi
|
||||
fi
|
||||
|
||||
echo 'Splitting GPG key. You may need to enter your passphrase.'
|
||||
${PROJECT_NAME}-splitkey -u $MY_USERNAME -e $MY_EMAIL_ADDRESS --fullname "$MY_NAME"
|
||||
if [ ! -d /home/$MY_USERNAME/.gnupg_fragments ]; then
|
||||
|
|
|
|||
|
|
@ -46,6 +46,7 @@ KEY_FRAGMENTS=3
|
|||
MY_USERNAME=
|
||||
MY_EMAIL_ADDRESS=
|
||||
MY_NAME=
|
||||
PASSWORD_FILE=
|
||||
|
||||
function show_help {
|
||||
echo ''
|
||||
|
|
@ -78,6 +79,10 @@ case $key in
|
|||
shift
|
||||
MY_NAME=$1
|
||||
;;
|
||||
--passwordfile)
|
||||
shift
|
||||
PASSWORD_FILE=$1
|
||||
;;
|
||||
*)
|
||||
# unknown option
|
||||
;;
|
||||
|
|
@ -98,6 +103,13 @@ if [ ! -d /home/$MY_USERNAME/.gnupg ]; then
|
|||
exit 5393
|
||||
fi
|
||||
|
||||
if [ $PASSWORD_FILE ]; then
|
||||
if [ ! -f $PASSWORD_FILE ]; then
|
||||
echo $'Password file not found'
|
||||
exit 62952
|
||||
fi
|
||||
fi
|
||||
|
||||
FRAGMENTS_DIR=/home/$MY_USERNAME/.gnupg_fragments
|
||||
if [ -d $FRAGMENTS_DIR ]; then
|
||||
exit 0
|
||||
|
|
@ -128,8 +140,15 @@ if [ ! "$?" = "0" ]; then
|
|||
echo $"Unable to extract public key for $KEYID"
|
||||
exit 7835
|
||||
fi
|
||||
gpg --output $FRAGMENTS_DIR/privkey.txt \
|
||||
--armor --export-secret-key $KEYID
|
||||
if [ ! $PASSWORD_FILE ]; then
|
||||
gpg --output $FRAGMENTS_DIR/privkey.txt \
|
||||
--armor --export-secret-key $KEYID
|
||||
else
|
||||
echo "$(printf `cat $PASSWORD_FILE`)" | \
|
||||
gpg --batch --passphrase-fd 0 \
|
||||
--output $FRAGMENTS_DIR/privkey.txt \
|
||||
--armor --export-secret-key $KEYID
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
echo $"Unable to extract private key for $KEYID"
|
||||
exit 7823
|
||||
|
|
@ -142,8 +161,8 @@ if [ ! "$?" = "0" ]; then
|
|||
fi
|
||||
echo '$BACKUP_DUMMY_PASSWORD' | \
|
||||
gpg --output $FRAGMENTS_DIR/backup_privkey.txt \
|
||||
--batch --passphrase-fd 0 \
|
||||
--armor --export-secret-key $MY_BACKUP_KEY_ID
|
||||
--batch --passphrase-fd 0 \
|
||||
--armor --export-secret-key $MY_BACKUP_KEY_ID
|
||||
if [ ! "$?" = "0" ]; then
|
||||
echo $"Unable to extract backup private key for $MY_BACKUP_KEY_ID"
|
||||
exit 13783
|
||||
|
|
|
|||
Loading…
Reference in New Issue