From bd64869a3b68ff8a020c381371a8ab1e24a5a0e4 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 19 Feb 2009 15:19:02 -0500 Subject: The monkeysphere {import,gen}_subkey functions were not up-to-date. did a lot of work to bring them up-to-date, and better handle argument checking. also updated man page, changelog, and tests/basic. --- src/monkeysphere | 82 +++++++++++++++++++++++++++++++++++++++++++--- src/share/m/gen_subkey | 83 ++++++++--------------------------------------- src/share/m/import_subkey | 62 +++++++++++++++++++---------------- src/share/mh/import_key | 9 +++-- 4 files changed, 132 insertions(+), 104 deletions(-) (limited to 'src') diff --git a/src/monkeysphere b/src/monkeysphere index 992ca06..4169f2a 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -45,12 +45,9 @@ Monkeysphere client tool. subcommands: update-known_hosts (k) [HOST]... update known_hosts file update-authorized_keys (a) update authorized_keys file - import-subkey (i) import existing ssh key as gpg subkey - --keyfile (-f) FILE key file to import - --expire (-e) EXPIRE date to expire + import-subkey (i) FILE [KEYID] import existing ssh key as gpg subkey gen-subkey (g) [KEYID] generate an authentication subkey --length (-l) BITS key length in bits (2048) - --expire (-e) EXPIRE date to expire ssh-proxycommand monkeysphere ssh ProxyCommand subkey-to-ssh-agent (s) store authentication subkey in ssh-agent version (v) show version number @@ -59,6 +56,83 @@ subcommands: EOF } +# take a secret key ID and check that only zero or one ID is provided, +# and that it corresponds to only a single secret key ID +check_gpg_sec_key_id() { + local gpgSecOut + + case "$#" in + 0) + gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') + ;; + 1) + gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons "$keyID" | egrep '^sec:') || failure + ;; + *) + failure "You must specify only a single primary key ID." + ;; + esac + + # check that only a single secret key was found + case $(echo "$gpgSecOut" | grep -c '^sec:') in + 0) + failure "No secret keys found. Create an OpenPGP key with the following command: + gpg --gen-key" + ;; + 1) + echo "$gpgSecOut" | cut -d: -f5 + ;; + *) + echo "Multiple primary secret keys found:" | log error + echo "$gpgSecOut" | cut -d: -f5 | log error + echo "Please specify which primary key to use." | log error + failure + ;; + esac +} + +# check that a valid authentication subkey does not already exist +check_gpg_authentication_subkey() { + local keyID + local IFS + local line + local type + local validity + local usage + + keyID="$1" + + # check that a valid authentication key does not already exist + IFS=$'\n' + for line in $(gpg --quiet --fixed-list-mode --list-keys --with-colons "$keyID") ; do + type=$(echo "$line" | cut -d: -f1) + validity=$(echo "$line" | cut -d: -f2) + usage=$(echo "$line" | cut -d: -f12) + + # look at keys only + if [ "$type" != 'pub' -a "$type" != 'sub' ] ; then + continue + fi + # check for authentication capability + if ! check_capability "$usage" 'a' ; then + continue + fi + # if authentication key is valid, prompt to continue + if [ "$validity" = 'u' ] ; then + log error "A valid authentication key already exists for primary key '$keyID'." + if [ "$PROMPT" = "true" ] ; then + read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} + if [ "${OK/y/Y}" != 'Y' ] ; then + failure "aborting." + fi + break + else + failure "aborting." + fi + fi + done +} + ######################################################################## # MAIN ######################################################################## diff --git a/src/share/m/gen_subkey b/src/share/m/gen_subkey index d926ad5..7c3ebb7 100644 --- a/src/share/m/gen_subkey +++ b/src/share/m/gen_subkey @@ -15,10 +15,10 @@ gen_subkey(){ local keyLength - local keyExpire + local gpgSecOut local keyID - local gpgOut - local userID + local editCommands + local fifoDir # get options while true ; do @@ -27,10 +27,6 @@ gen_subkey(){ keyLength="$2" shift 2 ;; - -e|--expire) - keyExpire="$2" - shift 2 - ;; *) if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then failure "Unknown option '$1'. @@ -41,67 +37,11 @@ Type '$PGRM help' for usage." esac done - case "$#" in - 0) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') - ;; - 1) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons "$1" | egrep '^sec:') || failure - ;; - *) - failure "You must specify only a single primary key ID." - ;; - esac - - # check that only a single secret key was found - case $(echo "$gpgSecOut" | grep -c '^sec:') in - 0) - failure "No secret keys found. Create an OpenPGP key with the following command: - gpg --gen-key" - ;; - 1) - keyID=$(echo "$gpgSecOut" | cut -d: -f5) - ;; - *) - echo "Multiple primary secret keys found:" - echo "$gpgSecOut" | cut -d: -f5 - failure "Please specify which primary key to use." - ;; - esac + # check that the keyID is unique + keyID=$(check_gpg_sec_key_id "$@") - # check that a valid authentication key does not already exist - IFS=$'\n' - for line in $(gpg --quiet --fixed-list-mode --list-keys --with-colons "$keyID") ; do - type=$(echo "$line" | cut -d: -f1) - validity=$(echo "$line" | cut -d: -f2) - usage=$(echo "$line" | cut -d: -f12) - - # look at keys only - if [ "$type" != 'pub' -a "$type" != 'sub' ] ; then - continue - fi - # check for authentication capability - if ! check_capability "$usage" 'a' ; then - continue - fi - # if authentication key is valid, prompt to continue - if [ "$validity" = 'u' ] ; then - log error "A valid authentication key already exists for primary key '$keyID'." - if [ "$PROMPT" = "true" ] ; then - read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} - if [ "${OK/y/Y}" != 'Y' ] ; then - failure "aborting." - fi - break - else - failure "aborting." - fi - fi - done - - # set subkey defaults - # prompt about key expiration if not specified - keyExpire=$(get_gpg_expiration "$keyExpire") + # check that an authentication subkey does not already exist + check_gpg_authentication_subkey "$keyID" # generate the list of commands that will be passed to edit-key editCommands=$(cat < Date: Thu, 19 Feb 2009 15:31:17 -0500 Subject: add a gpg_user function in monkeysphere to add some gpg quieting option, and use it in all gpg invocations. add a trap to subkey_to_ssh_agent. --- src/monkeysphere | 13 +++++++++---- src/share/m/gen_subkey | 2 +- src/share/m/import_subkey | 4 ++-- src/share/m/ssh_proxycommand | 6 +++--- src/share/m/subkey_to_ssh_agent | 13 ++++++++----- 5 files changed, 23 insertions(+), 15 deletions(-) (limited to 'src') diff --git a/src/monkeysphere b/src/monkeysphere index 4169f2a..cac9a02 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -56,6 +56,11 @@ subcommands: EOF } +# user gpg command to define common options +gpg_user() { + gpg --no-greeting --quiet --no-tty "$@" +} + # take a secret key ID and check that only zero or one ID is provided, # and that it corresponds to only a single secret key ID check_gpg_sec_key_id() { @@ -63,10 +68,10 @@ check_gpg_sec_key_id() { case "$#" in 0) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') + gpgSecOut=$(gpg_user --fixed-list-mode --list-secret-keys --with-colons 2>/dev/null | egrep '^sec:') ;; 1) - gpgSecOut=$(gpg --quiet --fixed-list-mode --list-secret-keys --with-colons "$keyID" | egrep '^sec:') || failure + gpgSecOut=$(gpg_user --fixed-list-mode --list-secret-keys --with-colons "$keyID" | egrep '^sec:') || failure ;; *) failure "You must specify only a single primary key ID." @@ -104,7 +109,7 @@ check_gpg_authentication_subkey() { # check that a valid authentication key does not already exist IFS=$'\n' - for line in $(gpg --quiet --fixed-list-mode --list-keys --with-colons "$keyID") ; do + for line in $(gpg_user --fixed-list-mode --list-keys --with-colons "$keyID") ; do type=$(echo "$line" | cut -d: -f1) validity=$(echo "$line" | cut -d: -f2) usage=$(echo "$line" | cut -d: -f12) @@ -119,7 +124,7 @@ check_gpg_authentication_subkey() { fi # if authentication key is valid, prompt to continue if [ "$validity" = 'u' ] ; then - log error "A valid authentication key already exists for primary key '$keyID'." + echo "A valid authentication key already exists for primary key '$keyID'." if [ "$PROMPT" = "true" ] ; then read -p "Are you sure you would like to generate another one? (y/N) " OK; OK=${OK:N} if [ "${OK/y/Y}" != 'Y' ] ; then diff --git a/src/share/m/gen_subkey b/src/share/m/gen_subkey index 7c3ebb7..dbd9dd6 100644 --- a/src/share/m/gen_subkey +++ b/src/share/m/gen_subkey @@ -64,7 +64,7 @@ EOF (umask 077 && mkfifo "$fifoDir/pass") log verbose "generating subkey..." - echo "$editCommands" | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" & + echo "$editCommands" | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" & # FIXME: this needs to fail more gracefully if the passphrase is incorrect passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass" diff --git a/src/share/m/import_subkey b/src/share/m/import_subkey index d71c258..f3ca957 100644 --- a/src/share/m/import_subkey +++ b/src/share/m/import_subkey @@ -43,11 +43,11 @@ import_subkey() { if [ "$sshKeyFile" = '-' ] ; then log verbose "importing ssh key from stdin..." ssh2openpgp \ - | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & + | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & else log verbose "importing ssh key from file '$sshKeyFile'..." ssh2openpgp <"$sshKeyFile" \ - | gpg --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & + | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & fi # get the password if needed diff --git a/src/share/m/ssh_proxycommand b/src/share/m/ssh_proxycommand index e07b637..d2b4527 100644 --- a/src/share/m/ssh_proxycommand +++ b/src/share/m/ssh_proxycommand @@ -43,7 +43,7 @@ EOF # found? # get the gpg info for userid - gpgOut=$(gpg --list-key --fixed-list-mode --with-colon \ + gpgOut=$(gpg_user --list-key --fixed-list-mode --with-colon \ --with-fingerprint --with-fingerprint \ ="$userID" 2>/dev/null) @@ -71,7 +71,7 @@ EOF rm -f "$sshKeyGPGFile" # get the sigs for the matching key - gpgSigOut=$(gpg --check-sigs \ + gpgSigOut=$(gpg_user --check-sigs \ --list-options show-uid-validity \ "$keyid") @@ -171,7 +171,7 @@ URI="ssh://${HOSTP}" # CHECK_KEYSERVER variable in the monkeysphere.conf file. # if the host is in the gpg keyring... -if gpg --list-key ="${URI}" 2>&1 >/dev/null ; then +if gpg_user --list-key ="${URI}" 2>&1 >/dev/null ; then # do not check the keyserver CHECK_KEYSERVER=${CHECK_KEYSERVER:="false"} diff --git a/src/share/m/subkey_to_ssh_agent b/src/share/m/subkey_to_ssh_agent index a92718e..818f4f7 100644 --- a/src/share/m/subkey_to_ssh_agent +++ b/src/share/m/subkey_to_ssh_agent @@ -46,7 +46,8 @@ For more details, see: # get list of secret keys (to work around bug # https://bugs.g10code.com/gnupg/issue945): - secretkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode --fingerprint | \ + secretkeys=$(gpg_user --list-secret-keys --with-colons --fixed-list-mode \ + --fingerprint | \ grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') if [ -z "$secretkeys" ]; then @@ -54,7 +55,7 @@ For more details, see: You might want to run 'gpg --gen-key'." fi - authsubkeys=$(gpg --list-secret-keys --with-colons --fixed-list-mode \ + authsubkeys=$(gpg_user --list-secret-keys --with-colons --fixed-list-mode \ --fingerprint --fingerprint $secretkeys | \ cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | \ grep '^fpr::' | cut -f3 -d: | sort -u) @@ -65,6 +66,7 @@ You might want to 'monkeysphere gen-subkey'" fi workingdir=$(msmktempdir) + trap "rm -rf $workingdir" EXIT umask 077 mkfifo "$workingdir/passphrase" keysuccess=1 @@ -79,19 +81,19 @@ You might want to 'monkeysphere gen-subkey'" # fingerprint, but filtering out all / characters to make sure # the filename is legit. - primaryuid=$(gpg --with-colons --list-key "0x${subkey}!" | grep '^pub:' | cut -f10 -d: | tr -d /) + primaryuid=$(gpg_user --with-colons --list-key "0x${subkey}!" | grep '^pub:' | cut -f10 -d: | tr -d /) #kname="[monkeysphere] $primaryuid" kname="$primaryuid" if [ "$1" = '-d' ]; then # we're removing the subkey: - gpg --export "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" + gpg_user --export "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" (cd "$workingdir" && ssh-add -d "$kname") else # we're adding the subkey: mkfifo "$workingdir/$kname" - gpg --quiet --passphrase-fd 3 3<"$workingdir/passphrase" \ + gpg_user --passphrase-fd 3 3<"$workingdir/passphrase" \ --export-options export-reset-subkey-passwd,export-minimal,no-export-attributes \ --export-secret-subkeys "0x${subkey}!" | openpgp2ssh "$subkey" > "$workingdir/$kname" & (cd "$workingdir" && DISPLAY=nosuchdisplay SSH_ASKPASS=/bin/false ssh-add "$@" "$kname" Date: Thu, 19 Feb 2009 15:46:23 -0500 Subject: the import_subkey function was in fact not implement at all. MUST FIX! --- src/share/m/import_subkey | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/share/m/import_subkey b/src/share/m/import_subkey index f3ca957..1823f71 100644 --- a/src/share/m/import_subkey +++ b/src/share/m/import_subkey @@ -33,6 +33,9 @@ import_subkey() { # check that an authentication subkey does not already exist check_gpg_authentication_subkey "$keyID" + # FIXME: implement! + failure "implement me!" + # setup the temp fifo dir for retrieving the key password log debug "creating password fifo..." fifoDir=$(msmktempdir) @@ -42,11 +45,11 @@ import_subkey() { # import ssh key to as authentication subkey if [ "$sshKeyFile" = '-' ] ; then log verbose "importing ssh key from stdin..." - ssh2openpgp \ + PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \ | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & else log verbose "importing ssh key from file '$sshKeyFile'..." - ssh2openpgp <"$sshKeyFile" \ + PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" <"$sshKeyFile" \ | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import & fi -- cgit v1.2.3 From 6c048ca2dc8ca4ae7708ce8ee5c578ab4ed73c8b Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 19 Feb 2009 18:14:13 -0500 Subject: Modify/cleanup add_certifier and add_revoker, so that their code base is more similar, and so that they can read keys from stdin instead of just from a file. Also fix the permissions on the tempdir in publish_key. --- man/man8/monkeysphere-authentication.8 | 5 ++- man/man8/monkeysphere-host.8 | 7 ++-- src/monkeysphere-authentication | 2 +- src/monkeysphere-host | 2 +- src/share/common | 1 - src/share/ma/add_certifier | 39 ++++++++++++++------ src/share/mh/add_revoker | 65 ++++++++++++++++++++-------------- src/share/mh/publish_key | 2 ++ 8 files changed, 80 insertions(+), 43 deletions(-) (limited to 'src') diff --git a/man/man8/monkeysphere-authentication.8 b/man/man8/monkeysphere-authentication.8 index 38df65d..361822d 100644 --- a/man/man8/monkeysphere-authentication.8 +++ b/man/man8/monkeysphere-authentication.8 @@ -37,8 +37,11 @@ monkeysphere-controlled authorized_keys file. If no accounts are specified, then all accounts on the system are processed. `u' may be used in place of `update-users'. .TP -.B add-id-certifier KEYID +.B add-id-certifier KEYID|FILE Instruct system to trust user identity certifications made by KEYID. +The key ID will be loaded from the keyserver. A file may be loaded +instead of pulling the key from the keyserver by specifying the path +to the file as the argument, or by specifying `-` to load from stdin. Using the `-n' or `--domain' option allows you to indicate that you only trust the given KEYID to make identifications within a specific domain (e.g. "trust KEYID to certify user identities within the diff --git a/man/man8/monkeysphere-host.8 b/man/man8/monkeysphere-host.8 index f33aea6..2b71807 100644 --- a/man/man8/monkeysphere-host.8 +++ b/man/man8/monkeysphere-host.8 @@ -58,8 +58,11 @@ place of `add-hostname'. Revoke a hostname user ID from the server host key. `n-' may be used in place of `revoke-hostname'. .TP -.B add-revoker FINGERPRINT -Add a revoker to the host's OpenPGP key. `o' may be be used in place +.B add-revoker KEYID|FILE +Add a revoker to the host's OpenPGP key. The key ID will be loaded +from the keyserver. A file may be loaded instead of pulling the key +from the keyserver by specifying the path to the file as the argument, +or by specifying `-` to load from stdin. `o' may be be used in place of `add-revoker'. .TP .B revoke-key diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication index 22cd018..497470d 100755 --- a/src/monkeysphere-authentication +++ b/src/monkeysphere-authentication @@ -57,7 +57,7 @@ Monkeysphere authentication admin tool. subcommands: update-users (u) [USER]... update user authorized_keys files - add-id-certifier (c+) KEYID import and tsign a certification key + add-id-certifier (c+) [KEYID|FILE] import and tsign a certification key --domain (-n) DOMAIN limit ID certifications to DOMAIN --trust (-t) TRUST trust level of certifier (full) --depth (-d) DEPTH trust depth for certifier (1) diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 9d703c2..4c7df88 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -59,7 +59,7 @@ subcommands: set-expire (e) [EXPIRE] set host key expiration add-hostname (n+) NAME[:PORT] add hostname user ID to host key revoke-hostname (n-) NAME[:PORT] revoke hostname user ID - add-revoker (o) FINGERPRINT add a revoker to the host key + add-revoker (o) [KEYID|FILE] add a revoker to the host key revoke-key (r) revoke host key publish-key (p) publish host key to keyserver diff --git a/src/share/common b/src/share/common index bfe73a3..745a861 100644 --- a/src/share/common +++ b/src/share/common @@ -1153,7 +1153,6 @@ process_authorized_user_ids() { # takes a gpg key or keys on stdin, and outputs a list of # fingerprints, one per line: list_primary_fingerprints() { - local file="$1" local fake=$(msmktempdir) GNUPGHOME="$fake" gpg --no-tty --quiet --import GNUPGHOME="$fake" gpg --with-colons --fingerprint --list-keys | \ diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier index bd41f23..024255f 100644 --- a/src/share/ma/add_certifier +++ b/src/share/ma/add_certifier @@ -62,30 +62,47 @@ Type '$PGRM help' for usage." done keyID="$1" + +# check that key ID or file is specified if [ -z "$keyID" ] ; then failure "You must specify the key ID of a key to add, or specify a file to read the key from." fi -if [ -f "$keyID" ] ; then - log info "Reading key from file '$keyID':" - fingerprints=$(su_monkeysphere_user \ +# if file is specified +if [ -f "$keyID" -o "$keyID" = '-' ] ; then + # load the key from stdin + if [ "$keyID" = '-' ] ; then + local keyID=$(msmktempfile) + trap "rm -f $keyID" EXIT + log verbose "reading key from stdin..." + cat > "$keyID" + + # load the key from the file + elif [ -f "$keyID" ] ; then + log verbose "reading key from file '$keyID'..." + fi + + # check the key is ok as monkeysphere user before loading + fingerprint=$(su_monkeysphere_user \ ". ${SYSSHAREDIR}/common; list_primary_fingerprints" < "$keyID") - if [ $(printf "%s" "$fingerprints" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then + if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then failure "There was not exactly one gpg key in the file." fi - gpg_sphere "--import" < "$keyID" || failure "could not read key from '$keyID'" + # load the key + gpg_sphere "--import" <"$keyID" \ + || failure "could not read key from '$keyID'" - keyID="$fingerprints" + keyID="$fingerprint" + +# else, get the key from the keyserver else - # get the key from the key server - log debug "retrieving key from keyserver..." - gpg_sphere "--keyserver $KEYSERVER --recv-key '0x${keyID}!'" || failure "Could not receive a key with this ID from the '$KEYSERVER' keyserver." + log verbose "searching keyserver $KEYSERVER for keyID $keyID..." + gpg_sphere "--keyserver $KEYSERVER --recv-key '0x${keyID}!'" \ + || failure "Could not receive a key with this ID from the '$KEYSERVER' keyserver." fi -export keyID - # get the full fingerprint of new certifier key log debug "getting fingerprint of certifier key..." fingerprint=$(gpg_sphere "--list-key --with-colons --with-fingerprint 0x${keyID}!" \ diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker index 21dc0bb..c6f9a58 100644 --- a/src/share/mh/add_revoker +++ b/src/share/mh/add_revoker @@ -25,48 +25,61 @@ local ltsignCommand local trustval keyID="$1" + +# check that key ID or file is specified if [ -z "$keyID" ] ; then failure "You must specify the key ID of a revoker key, or specify a file to read the key from." fi -if [ -f "$keyID" ] ; then - log info "Reading key from file '$keyID':" - importinfo=$(gpg_host --import < "$keyID" 2>&1) || failure "could not read key from '$keyID'" - # FIXME: if this is tried when the key database is not - # up-to-date, i got these errors (using set -x): - - # ++ su -m monkeysphere -c '\''gpg --import'\'' - # Warning: using insecure memory! - # gpg: key D21739E9: public key "Daniel Kahn Gillmor " imported - # gpg: Total number processed: 1 - # gpg: imported: 1 (RSA: 1) - # gpg: can'\''t create `/var/monkeysphere/gnupg-host/pubring.gpg.tmp'\'': Permission denied - # gpg: failed to rebuild keyring cache: Permission denied - # gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model - # gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u - # gpg: next trustdb check due at 2009-01-10' - # + failure 'could not read key from '\''/root/dkg.gpg'\''' - # + echo 'could not read key from '\''/root/dkg.gpg'\''' - - keyID=$(echo "$importinfo" | grep '^gpg: key ' | cut -f2 -d: | cut -f3 -d\ ) - if [ -z "$keyID" ] || [ $(echo "$keyID" | wc -l) -ne 1 ] ; then + +# if file is specified +if [ -f "$keyID" -o "$keyID" = '-' ] ; then + # load the key from stdin + if [ "$keyID" = '-' ] ; then + local keyID=$(msmktempfile) + trap "rm -f $keyID" EXIT + log verbose "reading key from stdin..." + cat > "$keyID" + + # load the key from the file + elif [ -f "$keyID" ] ; then + log verbose "reading key from file '$keyID'..." + fi + + # check the key is ok as monkeysphere user before loading + fingerprint=$(su_monkeysphere_user \ + ". ${SYSSHAREDIR}/common; list_primary_fingerprints" < "$keyID") + + if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then failure "There was not exactly one gpg key in the file." fi + + # load the key + gpg_host --import <"$keyID" \ + || failure "could not read key from '$keyID'" + + keyID="$fingerprint" + +# else, get the key from the keyserver else # create a temporary directory for storing the downloaded key - TMPLOC=$(msmktempdir) || failure "Could not create temporary directory!" + local TMPLOC=$(msmktempdir) + chmod 0700 "$GNUPGHOME" + chown "$MONKEYSPHERE_USER":"$MONKEYSPHERE_USER" "$GNUPGHOME" # download the key from the keyserver as the monkeysphere user + log verbose "searching keyserver $KEYSERVER for keyID $keyID..." su_monkeysphere_user \ - "GNUPGHOME=$TMPLOC gpg --quiet --keyserver $KEYSERVER --recv-key 0x${keyID}!" + "GNUPGHOME=$TMPLOC gpg --quiet --keyserver $KEYSERVER --recv-key 0x${keyID}!" \ + || failure "Could not receive a key with this ID from the '$KEYSERVER' keyserver." # export the new key to the host keyring + log verbose "loading key $keyID..." su_monkeysphere_user "GNUPGHOME=$TMPLOC gpg --quiet --export 0x${keyID}!" \ | gpg_host --import fi -export keyID - -# get the full fingerprint of the revoker key ID +# get the full fingerprint of new revoker key +log debug "getting fingerprint of revoker key..." fingerprint=$(gpg_host --list-key --with-colons --with-fingerprint "0x${keyID}!" \ | grep '^fpr:' | grep "$keyID" | cut -d: -f10) diff --git a/src/share/mh/publish_key b/src/share/mh/publish_key index 05faa0b..b0ffd93 100644 --- a/src/share/mh/publish_key +++ b/src/share/mh/publish_key @@ -28,6 +28,8 @@ fi # create a temporary gnupg directory from which to publish the key export GNUPGHOME=$(msmktempdir) +chmod 0700 "$GNUPGHOME" +chown "$MONKEYSPHERE_USER":"$MONKEYSPHERE_USER" "$GNUPGHOME" # trap to remove tmp dir if break trap "rm -rf $GNUPGHOME" EXIT -- cgit v1.2.3 From 03cf0966b1fbaefa434b706a65ff6d2d1479f0fd Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 19 Feb 2009 19:01:38 -0500 Subject: fix arg parsing in add_certifier to allow of - for stdin read. --- src/share/ma/add_certifier | 4 ++++ src/share/ma/setup | 2 +- src/share/mh/add_revoker | 1 + 3 files changed, 6 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier index 024255f..e2df1d3 100644 --- a/src/share/ma/add_certifier +++ b/src/share/ma/add_certifier @@ -51,6 +51,9 @@ while true ; do depth="$2" shift 2 ;; + -) + break + ;; *) if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then failure "Unknown option '$1'. @@ -83,6 +86,7 @@ if [ -f "$keyID" -o "$keyID" = '-' ] ; then fi # check the key is ok as monkeysphere user before loading + log debug "checking keys in file..." fingerprint=$(su_monkeysphere_user \ ". ${SYSSHAREDIR}/common; list_primary_fingerprints" < "$keyID") diff --git a/src/share/ma/setup b/src/share/ma/setup index 8929871..e77afff 100644 --- a/src/share/ma/setup +++ b/src/share/ma/setup @@ -13,7 +13,7 @@ setup() { # make all needed directories - log debug "make authentication directory structure..." + log debug "checking authentication directory structure..." mkdir -p "${MADATADIR}" chmod 0750 "${MADATADIR}" chgrp "$MONKEYSPHERE_USER" "${MADATADIR}" diff --git a/src/share/mh/add_revoker b/src/share/mh/add_revoker index c6f9a58..2275f61 100644 --- a/src/share/mh/add_revoker +++ b/src/share/mh/add_revoker @@ -46,6 +46,7 @@ if [ -f "$keyID" -o "$keyID" = '-' ] ; then fi # check the key is ok as monkeysphere user before loading + log debug "checking keys in file..." fingerprint=$(su_monkeysphere_user \ ". ${SYSSHAREDIR}/common; list_primary_fingerprints" < "$keyID") -- cgit v1.2.3 From 21e298b8df5108b1337d66ba1a39184be4ce0e4e Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 19 Feb 2009 22:39:00 -0500 Subject: remove import_subkey from monkeysphere usage and man page until we get a chance to fully implement it. --- man/man1/monkeysphere.1 | 8 -------- src/monkeysphere | 1 - src/share/m/import_subkey | 6 +++--- 3 files changed, 3 insertions(+), 12 deletions(-) (limited to 'src') diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index 345e1d8..887b5df 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -56,14 +56,6 @@ ID, 1 if no matching keys were found at all, and 2 if matching keys were found but none were acceptable. `a' may be used in place of `update-authorized_keys'. .TP -.B import-subkey FILE [KEYID] -Import an existing ssh RSA key as an authentication subkey for a -private key in your GnuPG keyring. KEYID is the key ID for the -primary key for which the subkey with "authentication" capability will -be imported. If no key ID is specified, but only one key exists in -the secret keyring, that key will be used. `i' may be used in place -of `import-subkey'. -.TP .B gen-subkey [KEYID] Generate an authentication subkey for a private key in your GnuPG keyring. KEYID is the key ID for the primary key for which the subkey diff --git a/src/monkeysphere b/src/monkeysphere index cac9a02..a65cef6 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -45,7 +45,6 @@ Monkeysphere client tool. subcommands: update-known_hosts (k) [HOST]... update known_hosts file update-authorized_keys (a) update authorized_keys file - import-subkey (i) FILE [KEYID] import existing ssh key as gpg subkey gen-subkey (g) [KEYID] generate an authentication subkey --length (-l) BITS key length in bits (2048) ssh-proxycommand monkeysphere ssh ProxyCommand diff --git a/src/share/m/import_subkey b/src/share/m/import_subkey index 1823f71..7333f80 100644 --- a/src/share/m/import_subkey +++ b/src/share/m/import_subkey @@ -19,6 +19,9 @@ import_subkey() { local gpgSecOut local fifoDir + # FIXME: implement! + failure "implement me!" + sshKeyFile="$1" shift @@ -33,9 +36,6 @@ import_subkey() { # check that an authentication subkey does not already exist check_gpg_authentication_subkey "$keyID" - # FIXME: implement! - failure "implement me!" - # setup the temp fifo dir for retrieving the key password log debug "creating password fifo..." fifoDir=$(msmktempdir) -- cgit v1.2.3