diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2016-12-21 10:19:49 -0200 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2016-12-21 10:19:49 -0200 |
commit | 46654f78de44630d8ea7f247ad65bb15908c2479 (patch) | |
tree | 58b07a5ac1f051287d28d27f34e7aa10571909f2 /lib | |
parent | 4386b9572591046e75dd98adbcaa518319873dca (diff) | |
parent | 491ea8e72879c9c9244c2740e8a428b97249b58a (diff) | |
download | keyringer-46654f78de44630d8ea7f247ad65bb15908c2479.tar.gz keyringer-46654f78de44630d8ea7f247ad65bb15908c2479.tar.bz2 |
Merge tag 'upstream_keyringer_0.5.0' into debian
Upstream version 0.5.0
Diffstat (limited to 'lib')
-rwxr-xr-x | lib/keyringer/actions/preferences | 2 | ||||
-rwxr-xr-x | lib/keyringer/actions/pwgen | 35 | ||||
-rwxr-xr-x | lib/keyringer/actions/sclip | 9 | ||||
-rw-r--r-- | lib/keyringer/completions/bash/keyringer | 4 | ||||
-rw-r--r-- | lib/keyringer/completions/zsh/_keyringer | 4 | ||||
-rwxr-xr-x | lib/keyringer/functions | 14 |
6 files changed, 57 insertions, 11 deletions
diff --git a/lib/keyringer/actions/preferences b/lib/keyringer/actions/preferences index 6e36ef4..ffabc4c 100755 --- a/lib/keyringer/actions/preferences +++ b/lib/keyringer/actions/preferences @@ -30,7 +30,7 @@ fi if [ "$COMMAND" == "ls" ]; then cat "$PREFERENCES" elif [ "$COMMAND" == "edit" ]; then - "$EDITOR" "$PREFERENCES" + $EDITOR "$PREFERENCES" elif [ "$COMMAND" == "add" ]; then shift 2 [[ -n $* ]] && echo $* >> "$PREFERENCES" diff --git a/lib/keyringer/actions/pwgen b/lib/keyringer/actions/pwgen new file mode 100755 index 0000000..45d2bf9 --- /dev/null +++ b/lib/keyringer/actions/pwgen @@ -0,0 +1,35 @@ +#!/usr/bin/env bash +# +# Generates passphrases. +# + +# Load functions +LIB="`dirname $0`/../functions" +source "$LIB" || exit 1 + +# Parameters +SIZE="$3" +FILE="$2" + +# Generates a random passphrase +function keyringer_pwgen { + ENTROPY_BYTES=${1:-20} # in bytes + ENTROPY_SOURCE="${ENTROPY_SOURCE:-/dev/urandom}" + + # Strip possible newlines if output is wrapped. + # Also strip trailing = signs as they add nothing to the password's entropy. + head -c $ENTROPY_BYTES $ENTROPY_SOURCE | base64 | tr -d '\n=' + echo +} + +# Check +if [ -z "$FILE" ]; then + echo "Usage: keyringer <keyring> $BASENAME <secret> [size]" + exit 1 +elif [ ! -z "$SIZE" ] && ! echo $SIZE | egrep -q '^[0-9]+$'; then + echo "$SIZE is not a number" + exit 1 +fi + +# Encrypt and store a randomly-generated secret +keyringer_pwgen $SIZE | keyringer_exec encrypt "$BASEDIR" "$FILE" diff --git a/lib/keyringer/actions/sclip b/lib/keyringer/actions/sclip index e4c88fa..6016f2b 100755 --- a/lib/keyringer/actions/sclip +++ b/lib/keyringer/actions/sclip @@ -11,13 +11,18 @@ source "$LIB" || exit 1 shift keyringer $KEYRING xclip $* +# Se window switch combo +if [ -z "$XDOTOOL_NEXT_WINDOW" ]; then + XDOTOOL_NEXT_WINDOW="alt+Tab" +fi + # Move to the next window if which xdotool &> /dev/null; then - xdotool key alt+Tab + xdotool key $XDOTOOL_NEXT_WINDOW fi # Sleep sleep 5 # Overwrite clipboard -cat $RANDOM | sha256sum | base64 -d | xclip +echo $RANDOM | sha256sum | base64 | xclip diff --git a/lib/keyringer/completions/bash/keyringer b/lib/keyringer/completions/bash/keyringer index ccc8fb9..10b852e 100644 --- a/lib/keyringer/completions/bash/keyringer +++ b/lib/keyringer/completions/bash/keyringer @@ -93,7 +93,7 @@ _keyringer() { recipients) opts="ls edit" ;; - ls|tree|mkdir|encrypt|encrypt-batch|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|sclip|find|mv|cp) + ls|tree|mkdir|encrypt|encrypt-batch|pwgen|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|sclip|find|mv|cp) cur="`echo ${cur} | sed -e "s|^/*||"`" # avoid leading slash opts="$(bash -c "set -f && export KEYRINGER_CHECK_RECIPIENTS=false && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)" ;; @@ -128,7 +128,7 @@ _keyringer() { # TODO opts="$(_keyringer_git_complete ${prev} ${cur})" ;; - encrypt|encrypt-batch) + encrypt|encrypt-batch|pwgen) cur="$(_keyringer_path_complete ${cur})" opts="`compgen -o default "${cur}"`" ;; diff --git a/lib/keyringer/completions/zsh/_keyringer b/lib/keyringer/completions/zsh/_keyringer index ff74933..7562352 100644 --- a/lib/keyringer/completions/zsh/_keyringer +++ b/lib/keyringer/completions/zsh/_keyringer @@ -49,7 +49,7 @@ _keyringer() { recipients) compadd "$@" ls edit ;; - ls|tree|mkdir|encrypt|encrypt-batch|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|sclip|find|mv|cp) + ls|tree|mkdir|encrypt|encrypt-batch|pwgen|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|sclip|find|mv|cp) words[4]="`echo $words[4] | sed -e "s|^/*||"`" # avoid leading slash compadd "$@" $(KEYRINGER_CHECK_RECIPIENTS=false KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[4]'*' 2> /dev/null) ;; @@ -83,7 +83,7 @@ _keyringer() { git) compadd "$@" $(_keyringer_git_complete $words[4] $words[5]) ;; - encrypt|encrypt-batch) + encrypt|encrypt-batch|pwgen) _files ;; *) diff --git a/lib/keyringer/functions b/lib/keyringer/functions index 09b004d..bd87fd6 100755 --- a/lib/keyringer/functions +++ b/lib/keyringer/functions @@ -703,7 +703,7 @@ function keyringer_check_expiration { seconds="`date +%s`" # Check the main key - expiry="`gpg --with-colons --fixed-list-mode --list-keys "$recipient" | grep ^pub | cut -d : -f 7`" + expiry="`gpg --with-colons --fixed-list-mode --list-keys "$recipient" | grep ^pub | head -n1 | cut -d : -f 7`" # TODO: Time to expire can be configured via repository options. ahead="$((86400 * 30 + $seconds))" @@ -722,8 +722,14 @@ function keyringer_check_expiration { fi # Check the subkeys - expiry="" - for expiry in `gpg --with-colons --fixed-list-mode --list-keys "$recipient" | grep ^sub | cut -d : -f 7`; do + local subkey="" + for subkey in $(gpg --with-colons --fixed-list-mode --list-keys "$recipient" | grep ^sub); do + local expiry=$(cut -d : -f 7 <<< "$subkey") + + if [[ -z "$expiry" ]]; then + not_expired=1 + fi + if [[ "$seconds" -lt "$expiry" ]]; then not_expired="1" @@ -734,7 +740,7 @@ function keyringer_check_expiration { done # All subkeys are expired - if [ ! -z "$expiry" ] && [ "$not_expired" != "1" ]; then + if [ ! -z "$subkey" ] && [ "$not_expired" != "1" ]; then echo "Fatal: key $recipient has no keys suitable for encryption: all subkeys expired." exit 1 fi |