From c5738b11d91beeade620e282001074f6177c94c6 Mon Sep 17 00:00:00 2001
From: Dominik George <nik@naturalnet.de>
Date: Wed, 13 Nov 2013 15:18:15 +0100
Subject: Added SIGN_PASSPHRASE support for dup handler.

---
 handlers/dup.helper.in | 29 ++++++++++++++++++++++++++---
 1 file changed, 26 insertions(+), 3 deletions(-)

(limited to 'handlers/dup.helper.in')

diff --git a/handlers/dup.helper.in b/handlers/dup.helper.in
index dc21bfc..6f3281e 100644
--- a/handlers/dup.helper.in
+++ b/handlers/dup.helper.in
@@ -193,7 +193,7 @@ do_dup_gpg_signkey() {
 }
 
 do_dup_gpg_passphrase() {
-   local question="Enter the passphrase needed to unlock the GnuPG key:"
+   local question="Enter the passphrase needed to unlock the GnuPG encryption key:"
    REPLY=
    while [ -z "$REPLY" -o -z "$dup_gpg_password" ]; do
       passwordBox "$dup_title - GnuPG" "$question"
@@ -202,6 +202,16 @@ do_dup_gpg_passphrase() {
    done
 }
 
+do_dup_gpg_sign_passphrase() {
+   local question="Enter the passphrase needed to unlock the GnuPG signature key:"
+   REPLY=
+   while [ -z "$REPLY" -o -z "$dup_gpg_signpassword" ]; do
+      passwordBox "$dup_title - GnuPG" "$question"
+      [ $? = 0 ] || return 1
+      dup_gpg_signpassword="$REPLY"
+   done
+}
+
 do_dup_gpg() {
 
    # symmetric or public key encryption ?
@@ -226,6 +236,9 @@ do_dup_gpg() {
    # a passphrase is alway needed
    do_dup_gpg_passphrase
 
+   # If the signature key differs, we also need a passphrase for it
+   [ -n "$dup_gpg_signkey" -a -n "$dup_gpg_encryptkey" -a "$dup_gpg_signkey" != "$dup_gpg_encryptkey" ] && do_dup_gpg_sign_passphrase
+
    _gpg_done="(DONE)"
    setDefault adv
    # TODO: replace the above line by the following when do_dup_conn is written
@@ -329,10 +342,19 @@ encryptkey = $dup_gpg_encryptkey
 # if not set, encryptkey will be used.
 signkey = $dup_gpg_signkey
 
-# password
-# NB: neither quote this, nor should it include any quotes
+## password used to unlock the encryption key
+## NB: neither quote this, nor should it contain any quotes,
+## an example setting would be:
+## password = a_very_complicated_passphrase
 password = $dup_gpg_password
 
+## password used to unlock the signature key, used only if
+## it differs from the encryption key
+## NB: neither quote this, nor should it contain any quotes,
+## an example setting would be:
+## signpassword = a_very_complicated_passphrase
+signpassword = $dup_gpg_signpassword
+
 ######################################################
 ## source section
 ## (where the files to be backed up are coming from)
@@ -584,6 +606,7 @@ dup_wizard() {
    dup_gpg_onekeypair="yes"
    dup_gpg_signkey=""
    dup_gpg_password=""
+   dup_gpg_signpassword=""
    dup_nicelevel=19
    dup_testconnect=yes
    dup_options=
-- 
cgit v1.2.3