summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexandre Pujol <alexandre@pujol.io>2017-01-31 16:23:29 (GMT)
committer Alexandre Pujol <alexandre@pujol.io>2017-02-03 23:57:52 (GMT)
commitb23e9aa0280b6e27ccf1b4daf4467d39bfe46a56 (patch)
treed4f35c919ec2cdfa1cd0f363c75270f414ca1a5a
parente2fe8e508e49b270131ebfe1077bb6862203b3b2 (diff)
Add --tomb-pwd support for GPG key on steganography functions
-rwxr-xr-xextras/test/runtests11
-rwxr-xr-xtomb16
2 files changed, 16 insertions, 11 deletions
diff --git a/extras/test/runtests b/extras/test/runtests
index cdf9e18..3d2ff22 100755
--- a/extras/test/runtests
+++ b/extras/test/runtests
@@ -142,22 +142,21 @@ test-tomb-recip() {
cp -f arditi.jpg /tmp/recip.jpg
sudo rm -f /tmp/recip.steg.key
- # The implementation does not support "--unsafe --tomb-pwd ${dummypass}" yet
- tt bury -k /tmp/recip.tomb.key \
+ tt --unsafe --tomb-pwd ${dummypass} bury -k /tmp/recip.tomb.key \
/tmp/recip.jpg -r "$gpgid_1"
{ test $? = 0 } && { results+=(recip-stgin SUCCESS) }
- tt exhume -k /tmp/recip.steg.key \
- /tmp/recip.jpg
+ tt --unsafe --tomb-pwd ${dummypass} exhume -k /tmp/recip.steg.key \
+ /tmp/recip.jpg
{ test $? = 0 } && { results+=(recip-stgout SUCCESS) }
- tt open -k /tmp/recip.steg.key \
+ tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/recip.steg.key \
/tmp/recip.tomb -r "$gpgid_1"
{ test $? = 0 } && { results+=(recip-stgopen SUCCESS) }
${T} close recip
notice "test using open -k image.jpeg"
- tt open -k /tmp/recip.jpg \
+ tt --unsafe --tomb-pwd ${dummypass} open -k /tmp/recip.jpg \
/tmp/recip.tomb -r "$gpgid_1"
{ test $? = 0 } && { results+=(recip-stgimpl SUCCESS) }
tt close recip
diff --git a/tomb b/tomb
index a1463dd..cd104bf 100755
--- a/tomb
+++ b/tomb
@@ -1015,7 +1015,10 @@ get_lukskey() {
# key needs to be exhumed from an image
elif [[ -r $TOMBKEYFILE && $(file $TOMBKEYFILE) =~ "JP.G" ]]; then
# When using a GPG key, the tomb key is buried using a steganography password
- if option_is_set -r; then
+ if option_is_set -r && option_is_set --tomb-pwd; then
+ _password="`option_value --tomb-pwd`"
+ _verbose "tomb-pwd = ::1 tomb pass::" $_password
+ elif option_is_set -r; then
_password=$(ask_password "Insert password to exhume key from $imagefile")
[[ $? != 0 ]] && {
_warning "User aborted password dialog."
@@ -1289,9 +1292,9 @@ bury_key() {
# usability.
# However, steganography cannot be done with GPG key. Therefore,
# if using a GPG key, we test if the user can decrypt the tomb
- # with its key and we ask for a the steganography password.
+ # with its key and we ask for a steganography password.
- { option_is_set --tomb-pwd } && {
+ { option_is_set --tomb-pwd } && { ! option_is_set -r } && {
local tombpwd="`option_value --tomb-pwd`"
_verbose "tomb-pwd = ::1 tomb pass::" $tombpwd
ask_key_password "$tombpwd"
@@ -1302,7 +1305,10 @@ bury_key() {
_warning "Wrong password supplied."
_failure "You shall not bury a key whose password is unknown to you." }
- if option_is_set -r; then
+ if option_is_set -r && option_is_set --tomb-pwd; then
+ TOMBPASSWORD="`option_value --tomb-pwd`"
+ _verbose "tomb-pwd = ::1 tomb pass::" $TOMBPASSWORD
+ elif option_is_set -r; then
tombpass=""
tombpasstmp=""
while true; do
@@ -1862,7 +1868,7 @@ mount_tomb() {
# take the name only, strip extensions
_verbose "Tomb name: ::1 tomb name:: (to be engraved)" $TOMBNAME
- { option_is_set --tomb-pwd } && {
+ { option_is_set --tomb-pwd } && { ! option_is_set -r } && {
tomb_pwd="`option_value --tomb-pwd`"
_verbose "tomb-pwd = ::1 tomb pass::" $tomb_pwd
ask_key_password "$tomb_pwd"