summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2010-11-18 10:53:54 -0200
committerSilvio Rhatto <rhatto@riseup.net>2010-11-18 10:53:54 -0200
commitdcd5a3b7f546fe6934e91e3ce0c1e68a9bbc6a3a (patch)
tree94d9cbdef5001c398bd2bb4d5d7a4416de781646
parent0909e5395199cfb731964487abfa0bd857f7b94f (diff)
parentd9721fd16ad489d400dd085aa7ba8a4d83baf3d3 (diff)
downloadkeyringer-dcd5a3b7f546fe6934e91e3ce0c1e68a9bbc6a3a.tar.gz
keyringer-dcd5a3b7f546fe6934e91e3ce0c1e68a9bbc6a3a.tar.bz2
Merge branch 'master' of git://lair.fifthhorseman.net/~dkg/keyringer
Conflicts: keyringer
-rw-r--r--README20
-rwxr-xr-xkeyringer50
-rwxr-xr-xlib/keyringer/csr.sh28
-rw-r--r--lib/keyringer/functions68
-rwxr-xr-xshare/keyringer/append17
-rwxr-xr-xshare/keyringer/decrypt6
-rwxr-xr-xshare/keyringer/del6
-rwxr-xr-xshare/keyringer/edit12
-rwxr-xr-xshare/keyringer/encrypt10
-rwxr-xr-xshare/keyringer/genpair60
-rwxr-xr-xshare/keyringer/git6
-rwxr-xr-xshare/keyringer/ls6
-rwxr-xr-xshare/keyringer/options16
-rwxr-xr-xshare/keyringer/recipients10
-rwxr-xr-xshare/keyringer/recrypt6
15 files changed, 166 insertions, 155 deletions
diff --git a/README b/README
index a43d873..beae024 100644
--- a/README
+++ b/README
@@ -29,15 +29,17 @@ You can also package it to your preferred distro.
Creating a keyringer repository
-------------------------------
-The first step will would like to take is to setup a keyring. Keyringer suport
-management of multiple isolated keyrings. To start a new keyring (or register
-an existing one at your config file), type
+The first step is to setup a keyring.
+
+Keyringer supports management of multiple isolated keyrings. To start
+a new keyring (or register an existing one with your config file),
+run:
keyringer <keyring> init <path> [remote]
This will
- 1. Add an entry at $HOME/.keyringer aliasing 'keyring' to 'path'.
+ 1. Add an entry at $HOME/.keyringer/config aliasing 'keyring' to 'path'.
2. Initialize a git repository if needed.
For example,
@@ -47,8 +49,8 @@ For example,
will create an alias "friends" pointing to $HOME/keyrings/friends. Call all
other keyring actions using this alias.
-If there is an existing remote keyring repository and you just want to checkout
-it, use
+If there is an existing remote keyring git repository and you just
+want to checkout it, use
keyringer friends init $HOME/keyrings/friends <repository-url>
@@ -98,8 +100,8 @@ To edit a key, use
keyringer <keyring> edit <file>
-Use this option with caution as it keeps temporary unencrypted data into keyringer
-temp folder and at your $EDITOR temp files.
+Use this option with caution as it keeps temporary unencrypted data
+into keyringer temp folder and at your editor's temp files.
Listing keys
@@ -222,6 +224,8 @@ There are lots of things that can be enhanced, like:
- Rewrite using an object-oriented programming language?
+ - tab completion subcommand support for popular shells like bash
+
Development
-----------
diff --git a/keyringer b/keyringer
index ebd5338..2893683 100755
--- a/keyringer
+++ b/keyringer
@@ -35,7 +35,7 @@ function keyringer_init {
# Setup
if [ ! -z "$URL" ]; then
- git clone $URL $BASEDIR
+ git clone "$URL" "$BASEDIR"
if [ "$?" != "0" ]; then
echo "Error cloning remote $URL"
exit 1
@@ -48,36 +48,36 @@ function keyringer_init {
fi
else
# Setup folders
- mkdir -p $BASEDIR/{config,keys}
+ mkdir -p "$BASEDIR/"{config,keys}
# Setup recipients
- echo "# Use entries in the form of 'john@doe.com XXXXXXXX" > $RECIPIENTS
- echo "" >> $RECIPIENTS
+ echo "# Use entries in the form of 'john@doe.com XXXXXXXX" > "$RECIPIENTS"
+ echo "" >> "$RECIPIENTS"
# Setup options
- touch $OPTIONS
+ touch "$OPTIONS"
# Setup README
- echo "Keyring repository powered by http://git.sarava.org/?p=keyringer.git;a=summary" > $BASEDIR/README
- echo "" >> $BASEDIR/README
+ echo "Keyring repository powered by http://git.sarava.org/?p=keyringer.git;a=summary" > "$BASEDIR/README"
+ echo "" >> "$BASEDIR/README"
fi
# Secure
- chmod 600 $RECIPIENTS
+ chmod 600 "$RECIPIENTS"
fi
# Reparse basedir to force absolute folder
BASEDIR="`cd $BASEDIR && pwd`"
# Add entry
- chmod 700 $BASEDIR
- echo "$KEYRING=\"$BASEDIR\"" >> $CONFIG
+ chmod 700 "$BASEDIR"
+ echo "$KEYRING=\"$BASEDIR\"" >> "$CONFIG"
# Init
- if ! keyringer_is_git $BASEDIR; then
- keyringer_exec git $BASEDIR init
- keyringer_exec git $BASEDIR add .
- keyringer_exec git $BASEDIR commit -m Importing
+ if ! keyringer_is_git "$BASEDIR"; then
+ keyringer_exec git "$BASEDIR" init
+ keyringer_exec git "$BASEDIR" add .
+ keyringer_exec git "$BASEDIR" commit -m Importing
fi
}
@@ -87,7 +87,7 @@ function keyringer_dispatch {
# Dispatch
if [ ! -z "$BASEDIR" ]; then
shift 2
- keyringer_exec $ACTION $BASEDIR $*
+ keyringer_exec "$ACTION" "$BASEDIR" $*
exit $?
else
echo "No keydir configured for $KEYRING"
@@ -106,18 +106,18 @@ function keyringer_preferences {
# Create options file if old repository
if [ ! -e "$PREFERENCES" ]; then
echo "Creating preferences file..."
- touch $PREFERENCES
+ touch "$PREFERENCES"
fi
if [ "$COMMAND" == "ls" ]; then
- cat $PREFERENCES
+ cat "$PREFERENCES"
elif [ "$COMMAND" == "edit" ]; then
- $EDITOR $PREFERENCES
+ "$EDITOR" "$PREFERENCES"
elif [ "$COMMAND" == "add" ]; then
shift 3
- echo $* >> $PREFERENCES
+ echo $* >> "$PREFERENCES"
else
- echo "$BASENAME: No such command $COMMAND"
+ printf "%s: No such command %s\n" "$BASENAME" "$COMMAND"
exit 1
fi
}
@@ -128,20 +128,20 @@ CONFIG="$HOME/.$NAME/config"
BASENAME="`basename $0`"
KEYRING="$1"
ACTION="$2"
-ACTIONS="`dirname $0`/share/$NAME"
+ACTIONS="`dirname $(readlink -f $0)`/share/$NAME"
# Export preferences for other scripts
export PREFERENCES="`dirname $CONFIG`/$KEYRING"
# Load functions
-LIB="`dirname $0`/lib/$NAME/functions"
-source $LIB || exit 1
+LIB="`dirname $(readlink -f $0)`/lib/$NAME/functions"
+source "$LIB" | exit 1
# Setup main configuration and load preferences
keyringer_config_load
if [ -z "$ACTION" ]; then
- echo "Usage: $BASENAME <keyring> <action> [arguments]"
+ printf "Usage: %s <keyring> <action> [arguments]\n" "$BASENAME"
exit 1
fi
@@ -149,7 +149,7 @@ if [ "$ACTION" == "init" ]; then
keyringer_init $*
elif [ "$ACTION" == "preferences" ]; then
keyringer_preferences $*
-elif keyringer_has_action $ACTION; then
+elif keyringer_has_action "$ACTION"; then
keyringer_dispatch $*
else
echo "No such action $ACTION"
diff --git a/lib/keyringer/csr.sh b/lib/keyringer/csr.sh
index 195b355..881a46f 100755
--- a/lib/keyringer/csr.sh
+++ b/lib/keyringer/csr.sh
@@ -38,7 +38,7 @@ LASTUMASK=`umask`
umask 077
# OpenSSL for HPUX needs a random file
-RANDOMFILE=$HOME/.rnd
+RANDOMFILE="$HOME/.rnd"
# create a config file for openssl
CONFIG=`mktemp -q /tmp/openssl-conf.XXXXXXXX`
@@ -86,16 +86,16 @@ fi
# Config File Generation
-cat <<EOF > $CONFIG
+cat <<EOF > "$CONFIG"
# -------------- BEGIN custom openssl.cnf -----
HOME = $HOME
EOF
if [ "`uname -s`" = "HP-UX" ]; then
- echo " RANDFILE = $RANDOMFILE" >> $CONFIG
+ echo " RANDFILE = $RANDOMFILE" >> "$CONFIG"
fi
-cat <<EOF >> $CONFIG
+cat <<EOF >> "$CONFIG"
oid_section = new_oids
[ new_oids ]
[ req ]
@@ -107,10 +107,10 @@ cat <<EOF >> $CONFIG
EOF
if [ ! "$SANAMES" = "" ]; then
- echo "req_extensions = v3_req # Extensions to add to certificate request" >> $CONFIG
+ echo "req_extensions = v3_req # Extensions to add to certificate request" >> "$CONFIG"
fi
-cat <<EOF >> $CONFIG
+cat <<EOF >> "$CONFIG"
[ req_distinguished_name ]
commonName = Common Name (eg, YOUR name)
commonName_default = $COMMONNAME
@@ -119,27 +119,27 @@ cat <<EOF >> $CONFIG
EOF
if [ ! "$SANAMES" = "" ]; then
- echo "subjectAltName=$SANAMES" >> $CONFIG
+ echo "subjectAltName=$SANAMES" >> "$CONFIG"
fi
-echo "# -------------- END custom openssl.cnf -----" >> $CONFIG
+echo "# -------------- END custom openssl.cnf -----" >> "$CONFIG"
echo "Running OpenSSL..."
# The first one doesn't work, the second one does:
-#openssl req -batch -config $CONFIG -newkey rsa -out ${HOST}_csr.pem
-openssl req -batch -config $CONFIG -newkey rsa:2048 -out ${HOST}_csr.pem
+#openssl req -batch -config "$CONFIG" -newkey rsa -out ${HOST}_csr.pem
+openssl req -batch -config "$CONFIG" -newkey rsa:2048 -out "${HOST}_csr.pem"
echo "Copy the following Certificate Request and paste into CAcert website to obtain a Certificate."
echo "When you receive your certificate, you 'should' name it something like ${HOST}_server.pem"
echo
cat ${HOST}_csr.pem
echo
-echo The Certificate request is also available in ${HOST}_csr.pem
-echo The Private Key is stored in ${HOST}_privatekey.pem
+printf "The Certificate request is also available in '%s_csr.pem'\n" "$HOST"
+printf "The Private Key is stored in '%s_privatekey.pem'\n" "$HOST"
echo
-rm $CONFIG
+rm "$CONFIG"
#restore umask
-umask $LASTUMASK
+umask "$LASTUMASK"
diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index c78b9d3..9c8dfd7 100644
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -7,18 +7,18 @@
function keyringer_config_load {
if [ -f "$HOME/.$NAME" ]; then
echo "Converting legacy configuration scheme..."
- mv $HOME/.$NAME $HOME/.$NAME.tmp
- mkdir $HOME/.$NAME
- mv $HOME/.$NAME.tmp $CONFIG
+ mv "$HOME/.$NAME" "$HOME/.$NAME.tmp"
+ mkdir "$HOME/.$NAME"
+ mv "$HOME/.$NAME.tmp" "$CONFIG"
fi
if [ ! -e "$CONFIG" ]; then
echo "Creating $CONFIG..."
- mkdir `dirname $CONFIG`
- touch $CONFIG
- chmod 600 $CONFIG
- echo "# Keyringer config file." > $CONFIG
- echo "" >> $CONFIG
+ mkdir -p `dirname $CONFIG`
+ touch "$CONFIG"
+ chmod 600 "$CONFIG"
+ echo "# Keyringer config file." > "$CONFIG"
+ echo "" >> "$CONFIG"
fi
keyringer_config_load_preferences
@@ -28,7 +28,7 @@ function keyringer_config_load {
function keyringer_config_load_preferences {
# Load custom keyring preferences
if [ ! -z "$PREFERENCES" ] && [ -f "$PREFERENCES" ]; then
- source $PREFERENCES
+ source "$PREFERENCES"
fi
}
@@ -38,7 +38,7 @@ function keyringer_config {
echo "Your have to set CONFIG variable in the code"
exit 1
elif [ -e "$CONFIG" ]; then
- grep -e "^$1=" $CONFIG | tail -n 1 | cut -d = -f 2 | sed -e 's/"//g' -e "s/'//g" | sed -e 's/ *#.*$//'
+ grep -e "^$1=" "$CONFIG" | tail -n 1 | cut -d = -f 2 | sed -e 's/"//g' -e "s/'//g" | sed -e 's/ *#.*$//'
else
echo "Config file not found: $CONFIG"
exit 1
@@ -47,7 +47,7 @@ function keyringer_config {
# Return the list of recipients
function keyringer_recipients {
- grep -v '^#' $1 | grep -v '^$' | awk '{ print "-r " $2 }' | xargs
+ grep -v '^#' "$1" | grep -v '^$' | awk '{ print "-r " $2 }' | xargs
}
# Check if keyringer has a given action
@@ -72,8 +72,8 @@ function keyringer_exec {
shift 2
# Dispatch
- if keyringer_has_action $action; then
- $ACTIONS/$action $basedir $*
+ if keyringer_has_action "$action"; then
+ "$ACTIONS/$action" "$basedir" $*
fi
}
@@ -82,7 +82,7 @@ function keyringer_filename {
if [ -z "$1" ]; then
return
else
- echo `dirname $1`/`basename $1 .asc`.asc
+ printf "%s/%s.asc\n" "$(dirname "$1")" "$(basename "$1" .asc)"
fi
}
@@ -96,7 +96,7 @@ function keyringer_is_git {
true
else
cwd="`pwd`"
- cd $1 && git="`git status &> /dev/null`" && cd $cwd
+ cd "$1" && git="`git status &> /dev/null`" && cd "$cwd"
if [ "$git" != "128" ]; then
true
@@ -119,17 +119,17 @@ function keyringer_set_tmpfile {
template="$BASEDIR/tmp/$1.XXXXXXXXXX"
fi
- mkdir -p $BASEDIR/tmp
+ mkdir -p "$BASEDIR/tmp"
keyringer_git_ignore 'tmp/*'
if [ "$2" == "-d" ]; then
- TMPWORK="`mktemp -d $template`"
+ TMPWORK="$(mktemp -d "$template")"
else
- TMPWORK="`mktemp $template`"
+ TMPWORK="$(mktemp "$template")"
fi
if [ "$?" != "0" ]; then
- echo "Error: can't set TMPWORK $TMPWORK"
+ printf "Error: can't set TMPWORK %s\n" "$TMPWORK"
exit 1
fi
@@ -142,7 +142,7 @@ function keyringer_unset_tmpfile {
echo "No tmp file set"
fi
- rm -f $1
+ rm -f "$1"
if [ "$?" != "0" ]; then
echo "Warning: could not delete file $1. Please delete it manually as it might have sensitive information."
@@ -153,11 +153,11 @@ function keyringer_unset_tmpfile {
# Add a pattern into gitignore
function keyringer_git_ignore {
if [ ! -z "$BASEDIR/.gitignore" ]; then
- echo $1 > $BASEDIR/.gitignore
- keyringer_exec git $BASEDIR add .gitignore
+ echo "$1" > "$BASEDIR/.gitignore"
+ keyringer_exec git "$BASEDIR" add .gitignore
else
- if ! grep -q -e "^$1$" $BASEDIR/.gitignore; then
- echo $1 >> $BASEDIR/.gitignore
+ if ! grep -q -e "^$1$" "$BASEDIR/.gitignore"; then
+ echo "$1" >> "$BASEDIR/.gitignore"
fi
fi
}
@@ -187,8 +187,14 @@ function keyringer_set_env {
fi
if [ -z "$EDITOR" ]; then
- echo "You have to set EDITOR env variable"
- exit 1
+ if type sensible-editor > /dev/null 2>&1 ; then
+ EDITOR=sensible-editor
+ elif type editor > /dev/null 2>&1 ; then
+ EDITOR=editor
+ else
+ echo "You have to set EDITOR env variable"
+ exit 1
+ fi
fi
if [ ! -f "$OPTIONS" ]; then
@@ -197,12 +203,12 @@ function keyringer_set_env {
fi
# Ensure that keydir exists
- mkdir -p $KEYDIR && chmod 700 $KEYDIR
+ mkdir -p "$KEYDIR" && chmod 700 "$KEYDIR"
}
# Get a file argument
function keyringer_get_file {
- FILE="`keyringer_filename $1`"
+ FILE="$(keyringer_filename "$1")"
if [ -z "$FILE" ]; then
keyringer_action_usage
@@ -215,7 +221,7 @@ function keyringer_get_file {
# Get a new file argument
function keyringer_get_new_file {
- FILE="`keyringer_filename $1`"
+ FILE="$(keyringer_filename "$1")"
if [ -z "$FILE" ]; then
keyringer_action_usage
@@ -238,7 +244,7 @@ function keyringer_get_command {
function keyringer_action_usage {
if [ "`type -t "keyringer_usage_$BASENAME"`" == "function" ]; then
# Use custom action usage
- keyringer_usage_$BASENAME
+ "keyringer_usage_$BASENAME"
else
# Default usage
if [ "$1" == "command" ]; then
@@ -250,6 +256,6 @@ function keyringer_action_usage {
}
# Setup environment
-if [ "`basename $0`" != "keyringer" ]; then
+if [ "$(basename "$0")" != "keyringer" ]; then
keyringer_set_env $*
fi
diff --git a/share/keyringer/append b/share/keyringer/append
index 27211a6..045ba86 100755
--- a/share/keyringer/append
+++ b/share/keyringer/append
@@ -5,24 +5,25 @@
# Load functions
LIB="`dirname $0`/../../lib/keyringer/functions"
-source $LIB || exit 1
+source "$LIB" || exit 1
# Get file
-keyringer_get_file $2
+keyringer_get_file "$2"
-OLDIFS=$IFS
+OLDIFS="$IFS"
IFS=$'\n'
-CONTENT=($(keyringer_exec decrypt $BASEDIR $FILE))
+CONTENT=($(keyringer_exec decrypt "$BASEDIR" "$FILE"))
if [ "$BASENAME" == "append" ]; then
# only display directions if we're running append, not append-batch
- echo " "
- echo "$FILE currently has ${#CONTENT[@]} lines"
- echo " "
- echo "Now please write the content to be appended on $FILE, finnishing with Ctrl-D:"
+ printf "\n%s currently has %d lines\n\n" "$FILE" "${#CONTENT[@]}"
+ printf "Now please write the content to be appended on %s, finnishing with Ctrl-D:\n" "$FILE"
fi
+# FIXME: dkg doesn't know how to check that this does proper escaping
+# (2010-11-16)
+
APPEND=($(cat -))
NEW=( ${CONTENT[@]} ${APPEND[@]} )
diff --git a/share/keyringer/decrypt b/share/keyringer/decrypt
index a3adca7..c0584f2 100755
--- a/share/keyringer/decrypt
+++ b/share/keyringer/decrypt
@@ -5,10 +5,10 @@
# Load functions
LIB="`dirname $0`/../../lib/keyringer/functions"
-source $LIB || exit 1
+source "$LIB" || exit 1
# Get file
-keyringer_get_file $2
+keyringer_get_file "$2"
# Decrypt
-gpg --quiet --use-agent -d $KEYDIR/$FILE
+gpg --quiet --use-agent -d "$KEYDIR/$FILE"
diff --git a/share/keyringer/del b/share/keyringer/del
index befc014..ed09f93 100755
--- a/share/keyringer/del
+++ b/share/keyringer/del
@@ -5,12 +5,12 @@
# Load functions
LIB="`dirname $0`/../../lib/keyringer/functions"
-source $LIB || exit 1
+source "$LIB" || exit 1
# Get file
-keyringer_get_file $2
+keyringer_get_file "$2"
# Remove
if [ -d "$KEYDIR/.git" ]; then
- ./git $KEYDIR rm $FILE --force
+ ./git "$KEYDIR" rm "$FILE" --force
fi
diff --git a/share/keyringer/edit b/share/keyringer/edit
index b4e13a0..0c25f64 100755
--- a/share/keyringer/edit
+++ b/share/keyringer/edit
@@ -5,10 +5,10 @@
# Load functions
LIB="`dirname $0`/../../lib/keyringer/functions"
-source $LIB || exit 1
+source "$LIB" || exit 1
# Get file
-keyringer_get_file $2
+keyringer_get_file "$2"
# Warn user
echo "Make sure that $BASEDIR is atop of an encrypted volume."
@@ -17,15 +17,15 @@ echo "Make sure that $BASEDIR is atop of an encrypted volume."
keyringer_set_tmpfile edit
# Decrypt the information to the file
-gpg --yes -o $TMPWORK --use-agent -d $KEYDIR/$FILE
+gpg --yes -o "$TMPWORK" --use-agent -d "$KEYDIR/$FILE"
# Prompt
echo "Press any key to open the decrypted data into $EDITOR, Ctrl-C to abort"
read key
-$EDITOR $TMPWORK
+"$EDITOR" "$TMPWORK"
# Encrypt again
-gpg --yes -o $KEYDIR/$FILE --use-agent --armor -e -s $(keyringer_recipients $RECIPIENTS) $TMPWORK
+gpg --yes -o "$KEYDIR/$FILE" --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS") "$TMPWORK"
# Remove temp file
-keyringer_unset_tmpfile $TMPWORK
+keyringer_unset_tmpfile "$TMPWORK"
diff --git a/share/keyringer/encrypt b/share/keyringer/encrypt
index c073a58..8cbf72a 100755
--- a/share/keyringer/encrypt
+++ b/share/keyringer/encrypt
@@ -5,22 +5,22 @@
# Load functions
LIB="`dirname $0`/../../lib/keyringer/functions"
-source $LIB || exit 1
+source "$LIB" || exit 1
# Aditional parameters
-keyringer_get_new_file $2
+keyringer_get_new_file "$2"
# Encrypt
-mkdir -p $KEYDIR/`dirname $FILE`
+mkdir -p "$KEYDIR/`dirname $FILE`"
if [ "$BASENAME" == "encrypt" ]; then
# Only display directions if we're running encrypt, not encrypt-batch
echo "Type your message and finish your input with EOF (Ctrl-D)."
fi
-gpg --use-agent --armor -e -s $(keyringer_recipients $RECIPIENTS) - > $KEYDIR/$FILE
+gpg --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS") - > "$KEYDIR/$FILE"
# Stage
if [ -d "$BASEDIR/.git" ]; then
- keyringer_exec git $BASEDIR add "keys/$FILE"
+ keyringer_exec git "$BASEDIR" add "keys/$FILE"
fi
diff --git a/share/keyringer/genpair b/share/keyringer/genpair
index 89ee828..a71e472 100755
--- a/share/keyringer/genpair
+++ b/share/keyringer/genpair
@@ -12,20 +12,20 @@ function genpair_ssh {
read -p "Hit ENTER to continue." prompt
# TODO: programatically enter blank passphrase twice
- ssh-keygen -t dsa -f $TMPWORK/id_dsa -C "root@$NODE"
+ ssh-keygen -t dsa -f "$TMPWORK/id_dsa" -C "root@$NODE"
# Encrypt the result
echo "Encrypting secret key into keyringer..."
- cat $TMPWORK/id_dsa | keyringer_exec encrypt $BASEDIR $FILE
+ cat "$TMPWORK/id_dsa" | keyringer_exec encrypt "$BASEDIR" "$FILE"
echo "Encrypting public key into keyringer..."
- cat $TMPWORK/id_dsa.pub | keyringer_exec encrypt $BASEDIR $FILE.pub
+ cat "$TMPWORK/id_dsa.pub" | keyringer_exec encrypt "$BASEDIR" "$FILE.pub"
# TODO: add outfiles into version control
if [ ! -z "$OUTFILE" ]; then
mkdir -p `dirname $OUTFILE`
- echo Saving copies at $OUTFILE and $OUTFILE.pub
- cat $TMPWORK/id_dsa > $OUTFILE
- cat $TMPWORK/id_dsa.pub > $OUTFILE.pub
+ printf "Saving copies at %s and %s.pub\n" "$OUTFILE" "$OUTFILE"
+ cat "$TMPWORK/id_dsa" > "$OUTFILE"
+ cat "$TMPWORK/id_dsa.pub" > "$OUTFILE.pub"
fi
echo "Done"
@@ -39,7 +39,7 @@ function genpair_gpg {
# TODO: insert 279 random bytes
# TODO: custom Name-Comment and Name-Email
# TODO: allow for empty passphrases
- gpg --homedir $TMPWORK --gen-key --batch <<EOF
+ gpg --homedir "$TMPWORK" --gen-key --batch <<EOF
Key-Type: RSA
Key-Length: 4096
Subkey-Type: ELG-E
@@ -54,18 +54,18 @@ EOF
# Encrypt the result
echo "Encrypting secret key into keyringer..."
- gpg --armor --homedir $TMPWORK --export-secret-keys | keyringer_exec encrypt $BASEDIR $FILE
+ gpg --armor --homedir "$TMPWORK" --export-secret-keys | keyringer_exec encrypt "$BASEDIR" "$FILE"
echo "Encrypting public key into keyringer..."
- gpg --armor --homedir $TMPWORK --export | keyringer_exec encrypt $BASEDIR $FILE.pub
+ gpg --armor --homedir "$TMPWORK" --export | keyringer_exec encrypt "$BASEDIR" "$FILE.pub"
echo "Encrypting passphrase into keyringer..."
- echo "Passphrase for $FILE: $passphrase" | keyringer_exec encrypt $BASEDIR $FILE.passwd
+ echo "Passphrase for $FILE: $passphrase" | keyringer_exec encrypt "$BASEDIR" "$FILE.passwd"
# TODO: add outfiles into version control
if [ ! -z "$OUTFILE" ]; then
mkdir -p `dirname $OUTFILE`
- echo Saving copies at $OUTFILE and $OUTFILE.pub
- gpg --armor --homedir $TMPWORK --export-secret-keys > $OUTFILE
- gpg --armor --homedir $TMPWORK --export > $OUTFILE.pub
+ printf "Saving copies at %s and %s.pub\n" "$OUTFILE" "$OUTFILE"
+ gpg --armor --homedir "$TMPWORK" --export-secret-keys > "$OUTFILE"
+ gpg --armor --homedir "$TMPWORK" --export > "$OUTFILE.pub"
fi
echo "Done"
@@ -77,42 +77,42 @@ function genpair_ssl {
read -p "Hit ENTER to continue." prompt
# Setup
- cd $TMPWORK
+ cd "$TMPWORK"
# Generate certificate
- $LIB/csr.sh $NODE
+ "$LIB/csr.sh" "$NODE"
# Self-sign
- openssl x509 -in $NODE"_csr.pem" -out $NODE.crt -req -signkey $NODE"_privatekey.pem" -days 365
- chmod 600 $NODE"_privatekey.pem"
+ openssl x509 -in "${NODE}_csr.pem" -out "$NODE.crt" -req -signkey "${NODE}_privatekey.pem" -days 365
+ chmod 600 "${NODE}_privatekey.pem"
# Encrypt the result
echo "Encrypting private key into keyringer..."
- cat $NODE"_privatekey.pem" | keyringer_exec encrypt $BASEDIR $FILE.pem
+ cat "${NODE}_privatekey.pem" | keyringer_exec encrypt "$BASEDIR" "$FILE.pem"
echo "Encrypting certificate request into keyringer..."
- cat $NODE"_csr.pem" | keyringer_exec encrypt $BASEDIR $FILE.csr
+ cat "${NODE}_csr.pem" | keyringer_exec encrypt "$BASEDIR" "$FILE.csr"
echo "Encrypting certificate into keyringer..."
- cat $NODE.crt | keyringer_exec encrypt $BASEDIR $FILE.crt
+ cat "$NODE.crt" | keyringer_exec encrypt "$BASEDIR" "$FILE.crt"
- cd $CWD
+ cd "$CWD"
if [ ! -z "$OUTFILE" ]; then
mkdir -p `dirname $OUTFILE`
- echo Saving copies at $OUTFILE.pem, $OUTFILE.csr and $OUTFILE.crt
- cat $TMPWORK/$NODE"_privatekey.pem" > $OUTFILE.pem
- cat $TMPWORK/$NODE"_csr.pem" > $OUTFILE.csr
- cat $TMPWORK/$NODE.crt > $OUTFILE.crt
+ printf "Saving copies at %s.pem, %s.csr and %s.crt\n" "$OUTFILE" "$OUTFILE" "$OUTFILE"
+ cat "$TMPWORK/${NODE}_privatekey.pem" > "$OUTFILE.pem"
+ cat "$TMPWORK/${NODE}_csr.pem" > "$OUTFILE.csr"
+ cat "$TMPWORK/$NODE.crt" > "$OUTFILE.crt"
fi
# Show cert fingerprint
- openssl x509 -noout -in $TMPWORK/$NODE.crt -fingerprint
+ openssl x509 -noout -in "$TMPWORK/$NODE.crt" -fingerprint
echo "Done"
}
# Load functions
LIB="`dirname $0`/../../lib/keyringer"
-source $LIB/functions || exit 1
+source "$LIB/functions" || exit 1
# Aditional parameters
KEYTYPE="$2"
@@ -140,9 +140,9 @@ keyringer_set_tmpfile genpair -d
# Dispatch
echo "Generating $KEYTYPE for $NODE..."
-genpair_$KEYTYPE
+"genpair_$KEYTYPE"
# Cleanup
-cd $CWD
-rm -rf $TMPWORK
+cd "$CWD"
+rm -rf "$TMPWORK"
trap - EXIT
diff --git a/share/keyringer/git b/share/keyringer/git
index 439198a..cd2a188 100755
--- a/share/keyringer/git
+++ b/share/keyringer/git
@@ -5,12 +5,12 @@
# Load functions
LIB="`dirname $0`/../../lib/keyringer/functions"
-source $LIB || exit 1
+source "$LIB" || exit 1
# Aditional parameters
CWD="`pwd`"
# Run git command
shift
-mkdir -p $BASEDIR && cd $BASEDIR && git $*
-cd $CWD
+mkdir -p "$BASEDIR" && cd "$BASEDIR" && git $*
+cd "$CWD"
diff --git a/share/keyringer/ls b/share/keyringer/ls
index e28637b..31e8805 100755
--- a/share/keyringer/ls
+++ b/share/keyringer/ls
@@ -5,12 +5,12 @@
# Load functions
LIB="`dirname $0`/../../lib/keyringer/functions"
-source $LIB || exit 1
+source "$LIB" || exit 1
# Aditional parameters
CWD="`pwd`"
# Run list command
shift
-cd $KEYDIR && ls $*
-cd $CWD
+cd "$KEYDIR" && ls $*
+cd "$CWD"
diff --git a/share/keyringer/options b/share/keyringer/options
index 9eb2a1f..3047380 100755
--- a/share/keyringer/options
+++ b/share/keyringer/options
@@ -5,26 +5,26 @@
# Load functions
LIB="`dirname $0`/../../lib/keyringer"
-source $LIB/functions || exit 1
+source "$LIB/functions" || exit 1
# Command parser
-keyringer_get_command $2
+keyringer_get_command "$2"
# Create options file if old repository
if [ ! -e "$OPTIONS" ]; then
echo "Creating options file..."
- touch $OPTIONS
- keyringer_exec git $BASEDIR add config/options
+ touch "$OPTIONS"
+ keyringer_exec git "$BASEDIR" add config/options
fi
if [ "$COMMAND" == "ls" ]; then
- cat $OPTIONS
+ cat "$OPTIONS"
elif [ "$COMMAND" == "edit" ]; then
- $EDITOR $OPTIONS
+ "$EDITOR" "$OPTIONS"
elif [ "$COMMAND" == "add" ]; then
shift 2
- echo $* >> $OPTIONS
+ echo $* >> "$OPTIONS"
else
- echo "$BASENAME: No such command $COMMAND"
+ printf "%s: No such command %s\n" "$BASENAME" "$COMMAND"
exit 1
fi
diff --git a/share/keyringer/recipients b/share/keyringer/recipients
index 593a994..c9dbdbb 100755
--- a/share/keyringer/recipients
+++ b/share/keyringer/recipients
@@ -5,16 +5,16 @@
# Load functions
LIB="`dirname $0`/../../lib/keyringer"
-source $LIB/functions || exit 1
+source "$LIB/functions" || exit 1
# Command parser
-keyringer_get_command $2
+keyringer_get_command "$2"
if [ "$COMMAND" == "ls" ]; then
- cat $RECIPIENTS
+ cat "$RECIPIENTS"
elif [ "$COMMAND" == "edit" ]; then
- $EDITOR $RECIPIENTS
+ "$EDITOR" "$RECIPIENTS"
else
- echo "$BASENAME: No such command $COMMAND"
+ printf "%s: No such command %s\n" "$BASENAME" "$COMMAND"
exit 1
fi
diff --git a/share/keyringer/recrypt b/share/keyringer/recrypt
index 48a5f87..a7607e0 100755
--- a/share/keyringer/recrypt
+++ b/share/keyringer/recrypt
@@ -5,10 +5,10 @@
# Load functions
LIB="`dirname $0`/../../lib/keyringer/functions"
-source $LIB || exit 1
+source "$LIB" || exit 1
# Get file
-keyringer_get_file $2
+keyringer_get_file "$2"
# Recrypt
-gpg --use-agent -d $KEYDIR/$FILE | gpg --use-agent --armor -e -s $(keyringer_recipients $RECIPIENTS) > $KEYDIR/$FILE
+gpg --use-agent -d "$KEYDIR/$FILE" | gpg --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS") > "$KEYDIR/$FILE"