diff options
author | Jameson Graef Rollins <jrollins@finestructure.net> | 2009-01-31 20:35:43 -0500 |
---|---|---|
committer | Jameson Graef Rollins <jrollins@finestructure.net> | 2009-01-31 20:39:24 -0500 |
commit | 54b8a4cdbedafdde87cfa35dc61a48d6a2d46bc6 (patch) | |
tree | 3f9a1c4123c073a99126b532ec4bbe0962eebd47 /src | |
parent | 2b5cd0f910f28a601bcecfe68cdfc1ffd9b1362c (diff) |
break out subfunctions from monkeysphere command
Diffstat (limited to 'src')
-rwxr-xr-x | src/monkeysphere | 265 | ||||
-rw-r--r-- | src/subcommands/m/gen-subkey | 127 | ||||
-rw-r--r-- | src/subcommands/m/import-subkey | 54 | ||||
-rw-r--r-- | src/subcommands/m/subkey-to-ssh-agent | 112 |
4 files changed, 301 insertions, 257 deletions
diff --git a/src/monkeysphere b/src/monkeysphere index 46abf6f..bce0072 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# monkeysphere: MonkeySphere client tool +# monkeysphere: Monkeysphere client tool # # The monkeysphere scripts are written by: # Jameson Rollins <jrollins@fifthhorseman.net> @@ -18,6 +18,9 @@ SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} export SYSSHAREDIR . "${SYSSHAREDIR}/common" || exit 1 +# sharedir for host functions +MSHAREDIR="${SYSSHAREDIR}/m" + # UTC date in ISO 8601 format if needed DATE=$(date -u '+%FT%T') @@ -56,261 +59,6 @@ subcommands: EOF } -# import an existing ssh key as a gpg subkey -import_subkey() { - local keyFile="~/.ssh/id_rsa" - local keyExpire - local keyID - local gpgOut - local userID - - # get options - while true ; do - case "$1" in - -f|--keyfile) - keyFile="$2" - shift 2 - ;; - -e|--expire) - keyExpire="$2" - shift 2 - ;; - *) - if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then - failure "Unknown option '$1'. -Type '$PGRM help' for usage." - fi - break - ;; - esac - done - - log verbose "importing ssh key..." - fifoDir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) - (umask 077 && mkfifo "$fifoDir/pass") - ssh2openpgp | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & - - passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass" - - rm -rf "$fifoDir" - wait - log verbose "done." -} - -# generate a subkey with the 'a' usage flags set -gen_subkey(){ - local keyLength - local keyExpire - local keyID - local gpgOut - local userID - - # get options - while true ; do - case "$1" in - -l|--length) - keyLength="$2" - shift 2 - ;; - -e|--expire) - keyExpire="$2" - shift 2 - ;; - *) - if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then - failure "Unknown option '$1'. -Type '$PGRM help' for usage." - fi - break - ;; - esac - done - - case "$#" in - 0) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') - ;; - 1) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons "$1" | egrep '^sec:') || failure - ;; - *) - failure "You must specify only a single primary key ID." - ;; - esac - - # check that only a single secret key was found - case $(echo "$gpgSecOut" | grep -c '^sec:') in - 0) - failure "No secret keys found. Create an OpenPGP key with the following command: - gpg --gen-key" - ;; - 1) - keyID=$(echo "$gpgSecOut" | cut -d: -f5) - ;; - *) - echo "Multiple primary secret keys found:" - echo "$gpgSecOut" | cut -d: -f5 - failure "Please specify which primary key to use." - ;; - esac - - # check that a valid authentication key does not already exist - IFS=$'\n' - for line in $(gpg --quiet --fixed-list-mode --list-keys --with-colons "$keyID") ; do - type=$(echo "$line" | cut -d: -f1) - validity=$(echo "$line" | cut -d: -f2) - usage=$(echo "$line" | cut -d: -f12) - - # look at keys only - if [ "$type" != 'pub' -a "$type" != 'sub' ] ; then - continue - fi - # check for authentication capability - if ! check_capability "$usage" 'a' ; then - continue - fi - # if authentication key is valid, prompt to continue - if [ "$validity" = 'u' ] ; then - echo "A valid authentication key already exists for primary key '$keyID'." - read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} - if [ "${OK/y/Y}" != 'Y' ] ; then - failure "aborting." - fi - break - fi - done - - # set subkey defaults - # prompt about key expiration if not specified - keyExpire=$(get_gpg_expiration "$keyExpire") - - # generate the list of commands that will be passed to edit-key - editCommands=$(cat <<EOF -addkey -7 -S -E -A -Q -$keyLength -$keyExpire -save -EOF -) - - log verbose "generating subkey..." - fifoDir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) - (umask 077 && mkfifo "$fifoDir/pass") - echo "$editCommands" | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" & - - # FIXME: this needs to fail more gracefully if the passphrase is incorrect - passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass" - - rm -rf "$fifoDir" - wait - log verbose "done." -} - -subkey_to_ssh_agent() { - # try to add all authentication subkeys to the agent: - - local sshaddresponse - local secretkeys - local authsubkeys - local workingdir - local keysuccess - local subkey - local publine - local kname - - if ! test_gnu_dummy_s2k_extension ; then - failure "Your version of GnuTLS does not seem capable of using with gpg's exported subkeys. -You may want to consider patching or upgrading to GnuTLS 2.6 or later. - -For more details, see: - http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00005.html" - fi - - # if there's no agent running, don't bother: - if [ -z "$SSH_AUTH_SOCK" ] || ! which ssh-add >/dev/null ; then - failure "No ssh-agent available." - fi - - # and if it looks like it's running, but we can't actually talk to - # it, bail out: - ssh-add -l >/dev/null - sshaddresponse="$?" - if [ "$sshaddresponse" = "2" ]; then - failure "Could not connect to ssh-agent" - fi - - # get list of secret keys (to work around https://bugs.g10code.com/gnupg/issue945): - secretkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint | \ - grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') - - if [ -z "$secretkeys" ]; then - failure "You have no secret keys in your keyring! -You might want to run 'gpg --gen-key'." - fi - - authsubkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode \ - --fingerprint --fingerprint $secretkeys | \ - cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | \ - grep '^fpr::' | cut -f3 -d: | sort -u) - - if [ -z "$authsubkeys" ]; then - failure "no authentication-capable subkeys available. -You might want to 'monkeysphere gen-subkey'" - fi - - workingdir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) - umask 077 - mkfifo "$workingdir/passphrase" - keysuccess=1 - - # FIXME: we're currently allowing any other options to get passed - # through to ssh-add. should we limit it to known ones? For - # example: -d or -c and/or -t <lifetime> - - for subkey in $authsubkeys; do - # choose a label by which this key will be known in the agent: - # we are labelling the key by User ID instead of by - # fingerprint, but filtering out all / characters to make sure - # the filename is legit. - - primaryuid=$(gpg --with-colons --list-key "0x${subkey}!" | grep '^pub:' | cut -f10 -d: | tr -d /) - - #kname="[monkeysphere] $primaryuid" - kname="$primaryuid" - - if [ "$1" = '-d' ]; then - # we're removing the subkey: - gpg --export "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" - (cd "$workingdir" && ssh-add -d "$kname") - else - # we're adding the subkey: - mkfifo "$workingdir/$kname" - gpg --quiet --passphrase-fd 3 3<"$workingdir/passphrase" \ - --export-options export-reset-subkey-passwd,export-minimal,no-export-attributes \ - --export-secret-subkeys "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" & - (cd "$workingdir" && DISPLAY=nosuchdisplay SSH_ASKPASS=/bin/false ssh-add "$@" "$kname" </dev/null )& - - passphrase_prompt "Enter passphrase for key $kname: " "$workingdir/passphrase" - wait %2 - fi - keysuccess="$?" - - rm -f "$workingdir/$kname" - done - - rm -rf "$workingdir" - - # FIXME: sort out the return values: we're just returning the - # success or failure of the final authentication subkey in this - # case. What if earlier ones failed? - exit "$keysuccess" -} - ######################################################################## # MAIN ######################################################################## @@ -419,15 +167,18 @@ case $COMMAND in ;; 'import-subkey'|'i') + source "${MSHAREDIR}/import-key" import_key "$@" ;; 'gen-subkey'|'g') + source "${MSHAREDIR}/import_key" gen_subkey "$@" ;; 'ssh-proxycommand'|'p') - ssh-proxycommand "$@" + source "${MSHAREDIR}/ssh_proxycommand" + ssh_proxycommand "$@" ;; 'subkey-to-ssh-agent'|'s') diff --git a/src/subcommands/m/gen-subkey b/src/subcommands/m/gen-subkey new file mode 100644 index 0000000..cbefaa3 --- /dev/null +++ b/src/subcommands/m/gen-subkey @@ -0,0 +1,127 @@ +# -*-shell-script-*- +# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) + +# Monkeysphere gen-subkey subcommand +# +# The monkeysphere scripts are written by: +# Jameson Rollins <jrollins@finestructure.net> +# Jamie McClelland <jm@mayfirst.org> +# Daniel Kahn Gillmor <dkg@fifthhorseman.net> +# +# They are Copyright 2008-2009, and are all released under the GPL, +# version 3 or later. + +# generate a subkey with the 'a' usage flags set + +gen_subkey(){ + local keyLength + local keyExpire + local keyID + local gpgOut + local userID + + # get options + while true ; do + case "$1" in + -l|--length) + keyLength="$2" + shift 2 + ;; + -e|--expire) + keyExpire="$2" + shift 2 + ;; + *) + if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then + failure "Unknown option '$1'. +Type '$PGRM help' for usage." + fi + break + ;; + esac + done + + case "$#" in + 0) + gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') + ;; + 1) + gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons "$1" | egrep '^sec:') || failure + ;; + *) + failure "You must specify only a single primary key ID." + ;; + esac + + # check that only a single secret key was found + case $(echo "$gpgSecOut" | grep -c '^sec:') in + 0) + failure "No secret keys found. Create an OpenPGP key with the following command: + gpg --gen-key" + ;; + 1) + keyID=$(echo "$gpgSecOut" | cut -d: -f5) + ;; + *) + echo "Multiple primary secret keys found:" + echo "$gpgSecOut" | cut -d: -f5 + failure "Please specify which primary key to use." + ;; + esac + + # check that a valid authentication key does not already exist + IFS=$'\n' + for line in $(gpg --quiet --fixed-list-mode --list-keys --with-colons "$keyID") ; do + type=$(echo "$line" | cut -d: -f1) + validity=$(echo "$line" | cut -d: -f2) + usage=$(echo "$line" | cut -d: -f12) + + # look at keys only + if [ "$type" != 'pub' -a "$type" != 'sub' ] ; then + continue + fi + # check for authentication capability + if ! check_capability "$usage" 'a' ; then + continue + fi + # if authentication key is valid, prompt to continue + if [ "$validity" = 'u' ] ; then + echo "A valid authentication key already exists for primary key '$keyID'." + read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "aborting." + fi + break + fi + done + + # set subkey defaults + # prompt about key expiration if not specified + keyExpire=$(get_gpg_expiration "$keyExpire") + + # generate the list of commands that will be passed to edit-key + editCommands=$(cat <<EOF +addkey +7 +S +E +A +Q +$keyLength +$keyExpire +save +EOF +) + + log verbose "generating subkey..." + fifoDir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) + (umask 077 && mkfifo "$fifoDir/pass") + echo "$editCommands" | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" & + + # FIXME: this needs to fail more gracefully if the passphrase is incorrect + passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass" + + rm -rf "$fifoDir" + wait + log verbose "done." +} diff --git a/src/subcommands/m/import-subkey b/src/subcommands/m/import-subkey new file mode 100644 index 0000000..aa89958 --- /dev/null +++ b/src/subcommands/m/import-subkey @@ -0,0 +1,54 @@ +# -*-shell-script-*- +# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) + +# Monkeysphere import-subkey subcommand +# +# The monkeysphere scripts are written by: +# Jameson Rollins <jrollins@finestructure.net> +# Jamie McClelland <jm@mayfirst.org> +# Daniel Kahn Gillmor <dkg@fifthhorseman.net> +# +# They are Copyright 2008-2009, and are all released under the GPL, +# version 3 or later. + +# import an existing ssh key as a gpg subkey + +import_subkey() { + local keyFile="~/.ssh/id_rsa" + local keyExpire + local keyID + local gpgOut + local userID + + # get options + while true ; do + case "$1" in + -f|--keyfile) + keyFile="$2" + shift 2 + ;; + -e|--expire) + keyExpire="$2" + shift 2 + ;; + *) + if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then + failure "Unknown option '$1'. +Type '$PGRM help' for usage." + fi + break + ;; + esac + done + + log verbose "importing ssh key..." + fifoDir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) + (umask 077 && mkfifo "$fifoDir/pass") + ssh2openpgp | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & + + passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass" + + rm -rf "$fifoDir" + wait + log verbose "done." +} diff --git a/src/subcommands/m/subkey-to-ssh-agent b/src/subcommands/m/subkey-to-ssh-agent new file mode 100644 index 0000000..9bedb5e --- /dev/null +++ b/src/subcommands/m/subkey-to-ssh-agent @@ -0,0 +1,112 @@ +# -*-shell-script-*- +# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant) + +# Monkeysphere subkey-to-ssh-agent subcommand +# +# The monkeysphere scripts are written by: +# Jameson Rollins <jrollins@finestructure.net> +# Jamie McClelland <jm@mayfirst.org> +# Daniel Kahn Gillmor <dkg@fifthhorseman.net> +# +# They are Copyright 2008-2009, and are all released under the GPL, +# version 3 or later. + +# try to add all authentication subkeys to the agent + +subkey_to_ssh_agent() { + local sshaddresponse + local secretkeys + local authsubkeys + local workingdir + local keysuccess + local subkey + local publine + local kname + + if ! test_gnu_dummy_s2k_extension ; then + failure "Your version of GnuTLS does not seem capable of using with gpg's exported subkeys. +You may want to consider patching or upgrading to GnuTLS 2.6 or later. + +For more details, see: + http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00005.html" + fi + + # if there's no agent running, don't bother: + if [ -z "$SSH_AUTH_SOCK" ] || ! which ssh-add >/dev/null ; then + failure "No ssh-agent available." + fi + + # and if it looks like it's running, but we can't actually talk to + # it, bail out: + ssh-add -l >/dev/null + sshaddresponse="$?" + if [ "$sshaddresponse" = "2" ]; then + failure "Could not connect to ssh-agent" + fi + + # get list of secret keys (to work around https://bugs.g10code.com/gnupg/issue945): + secretkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint | \ + grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') + + if [ -z "$secretkeys" ]; then + failure "You have no secret keys in your keyring! +You might want to run 'gpg --gen-key'." + fi + + authsubkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode \ + --fingerprint --fingerprint $secretkeys | \ + cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | \ + grep '^fpr::' | cut -f3 -d: | sort -u) + + if [ -z "$authsubkeys" ]; then + failure "no authentication-capable subkeys available. +You might want to 'monkeysphere gen-subkey'" + fi + + workingdir=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) + umask 077 + mkfifo "$workingdir/passphrase" + keysuccess=1 + + # FIXME: we're currently allowing any other options to get passed + # through to ssh-add. should we limit it to known ones? For + # example: -d or -c and/or -t <lifetime> + + for subkey in $authsubkeys; do + # choose a label by which this key will be known in the agent: + # we are labelling the key by User ID instead of by + # fingerprint, but filtering out all / characters to make sure + # the filename is legit. + + primaryuid=$(gpg --with-colons --list-key "0x${subkey}!" | grep '^pub:' | cut -f10 -d: | tr -d /) + + #kname="[monkeysphere] $primaryuid" + kname="$primaryuid" + + if [ "$1" = '-d' ]; then + # we're removing the subkey: + gpg --export "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" + (cd "$workingdir" && ssh-add -d "$kname") + else + # we're adding the subkey: + mkfifo "$workingdir/$kname" + gpg --quiet --passphrase-fd 3 3<"$workingdir/passphrase" \ + --export-options export-reset-subkey-passwd,export-minimal,no-export-attributes \ + --export-secret-subkeys "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" & + (cd "$workingdir" && DISPLAY=nosuchdisplay SSH_ASKPASS=/bin/false ssh-add "$@" "$kname" </dev/null )& + + passphrase_prompt "Enter passphrase for key $kname: " "$workingdir/passphrase" + wait %2 + fi + keysuccess="$?" + + rm -f "$workingdir/$kname" + done + + rm -rf "$workingdir" + + # FIXME: sort out the return values: we're just returning the + # success or failure of the final authentication subkey in this + # case. What if earlier ones failed? + exit "$keysuccess" +} |