Merge pull request #82 from jlesquembre/keyring_new_format

GnuPG 2.1 keyring default extension is '.kbx'
Tom Limoncelli
2015-06-02 16:35:36 -04:00
3 changed files with 16 additions and 4 deletions


@@ -62,7 +62,6 @@ BB_ADMINS="${KEYRINGDIR}/${BB_ADMINS_FILE}"
BB_FILES_FILE="blackbox-files.txt" BB_FILES_FILE="blackbox-files.txt"
BB_FILES="${KEYRINGDIR}/${BB_FILES_FILE}" BB_FILES="${KEYRINGDIR}/${BB_FILES_FILE}"
SECRING="${KEYRINGDIR}/secring.gpg" SECRING="${KEYRINGDIR}/secring.gpg"
PUBRING="${KEYRINGDIR}/pubring.gpg"
: "${DECRYPT_UMASK:=0022}" ; : "${DECRYPT_UMASK:=0022}" ;
# : ${DECRYPT_UMASK:=o=} ; # : ${DECRYPT_UMASK:=o=} ;
@@ -125,6 +124,14 @@ function fail_if_keychain_has_secrets() {
fi fi
} }
function get_pubring_path() {
if [[ -f "${KEYRINGDIR}/pubring.gpg" ]]; then
echo "${KEYRINGDIR}/pubring.gpg"
else
echo "${KEYRINGDIR}/pubring.kbx"
fi
}
# Output the unencrypted filename. # Output the unencrypted filename.
function get_unencrypted_filename() { function get_unencrypted_filename() {
echo $(dirname "$1")/$(basename "$1" .gpg) | sed -e 's#^\./##' echo $(dirname "$1")/$(basename "$1" .gpg) | sed -e 's#^\./##'
@@ -138,7 +145,7 @@ function get_encrypted_filename() {
# Prepare keychain for use. # Prepare keychain for use.
function prepare_keychain() { function prepare_keychain() {
echo '========== Importing keychain: START' >&2 echo '========== Importing keychain: START' >&2
gpg --import "${PUBRING}" 2>&1 | egrep -v 'not changed$' >&2 gpg --import "$(get_pubring_path)" 2>&1 | egrep -v 'not changed$' >&2
echo '========== Importing keychain: DONE' >&2 echo '========== Importing keychain: DONE' >&2
} }
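Review bot: In `prepare_keychain` the new `gpg --import "$(get_pubring_path)"` hands gpg a `pubring.kbx` file whenever `pubring.gpg` is absent, and as far as I know a keybox file is not an OpenPGP packet stream that `--import` accepts, so on a 2.1-only keyring the admin keys may never be imported. Reading the keyring through gpg first avoids depending on the on-disk format: `gpg --no-default-keyring --keyring "$(get_pubring_path)" --export | gpg --import`. `get_pubring_path` also prints the `.kbx` path without checking that the file exists, so callers cannot tell a missing keyring from a present one; a `return 1` when neither file is there would let them stop. Because the import is piped into `egrep -v`, its exit status is discarded, so a failed import here is silent.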


@@ -45,10 +45,11 @@ fi
# Import it: # Import it:
gpg --no-permission-warning --homedir="$KEYRINGDIR" --import "$pubkeyfile" gpg --no-permission-warning --homedir="$KEYRINGDIR" --import "$pubkeyfile"
vcs_add "$KEYRINGDIR/pubring.gpg" "$KEYRINGDIR/trustdb.gpg" "$BB_ADMINS" pubring_path=$(get_pubring_path)
vcs_add "$pubring_path" "$KEYRINGDIR/trustdb.gpg" "$BB_ADMINS"
# Make a suggestion: # Make a suggestion:
echo echo
echo echo
echo 'NEXT STEP: You need to manually check these in:' echo 'NEXT STEP: You need to manually check these in:'
echo ' ' $VCS_TYPE commit -m\'NEW ADMIN: $KEYNAME\' "$BLACKBOXDATA/pubring.gpg" "$BLACKBOXDATA/trustdb.gpg" "$BLACKBOXDATA/$BB_ADMINS_FILE" echo ' ' $VCS_TYPE commit -m\'NEW ADMIN: $KEYNAME\' "$BLACKBOXDATA/$(basename ${pubring_path})" "$BLACKBOXDATA/trustdb.gpg" "$BLACKBOXDATA/$BB_ADMINS_FILE"
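Review bot: The suggested commit line expands `$(basename ${pubring_path})` without inner quotes, so a keyring directory containing spaces or glob characters is split before `basename` sees it and the printed command is wrong. `"$BLACKBOXDATA/${pubring_path##*/}"` gives the same file name without a subprocess or the splitting. `pubring_path` is also taken right after a `gpg --import` whose status is not checked in this hunk; if that import failed on a fresh directory, `vcs_add` is handed a `pubring.kbx` path that may not exist. The script begins before this hunk, so an earlier check may exist that is not visible here.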


@@ -33,6 +33,9 @@ if [[ $VCS_TYPE = "git" || $VCS_TYPE = "hg" ]]; then
if ! grep -sx >/dev/null 'pubring.gpg~' "$IGNOREFILE" ; then if ! grep -sx >/dev/null 'pubring.gpg~' "$IGNOREFILE" ; then
echo 'pubring.gpg~' >>"$IGNOREFILE" echo 'pubring.gpg~' >>"$IGNOREFILE"
fi fi
if ! grep -sx >/dev/null 'pubring.kbx~' "$IGNOREFILE" ; then
echo 'pubring.kbx~' >>"$IGNOREFILE"
fi
if ! grep -sx >/dev/null 'secring.gpg' "$IGNOREFILE" ; then if ! grep -sx >/dev/null 'secring.gpg' "$IGNOREFILE" ; then
echo 'secring.gpg' >>"$IGNOREFILE" echo 'secring.gpg' >>"$IGNOREFILE"
fi fi
@@ -40,6 +43,7 @@ elif [[ $VCS_TYPE = "svn" ]]; then
# add file to svn ignore propset # add file to svn ignore propset
IGNOREFILE=""; IGNOREFILE="";
svn propset svn:ignore 'pubring.gpg~ svn propset svn:ignore 'pubring.gpg~
pubring.kbx~
secring.gpg' . secring.gpg' .
svn commit -m "ignore file list" svn commit -m "ignore file list"
fi fi
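Review bot: The ignore list gains `pubring.kbx~` but still protects secret key material only through the `secring.gpg` entry, and GnuPG 2.1 keeps secret keys in a `private-keys-v1.d/` directory under the homedir rather than in `secring.gpg`. If a secret key ever lands in the keyring directory under 2.1, nothing visible here stops it from being added to the repository. I would add a matching entry to both branches, e.g. `if ! grep -sx >/dev/null 'private-keys-v1.d' "$IGNOREFILE" ; then echo 'private-keys-v1.d' >>"$IGNOREFILE" ; fi`, plus a `private-keys-v1.d` line in the `svn:ignore` value. The surrounding `if`/`elif` starts before the hunk, so other entries may exist outside it.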