/mandos/trunk : revision 13

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-keygen

Committer: Björn Påhlsson
Date: 2008-07-20 02:52:20 UTC
Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6

Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

files added:
ca.pem

cert.pem

client-cert.pem

client-key.pem

crl.pem

key.pem

plugins.d/Makefile

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

COPYING

INSTALL

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.config

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.README.Debian

debian/mandos.config

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/mandos.templates

debian/po

debian/po/POTFILES.in

debian/po/sv.po

debian/rules

default-mandos

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

legalnotice.xml

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.xml

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files renamed:
clients.conf => mandos-clients.conf

plugin-runner.c => plugbasedclient.c

plugins.d/mandos-client.c => plugins.d/mandosclient.c

plugins.d/password-prompt.c => plugins.d/passprompt.c

mandos => server.py

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

mandos-keygen

#!/bin/sh -e

# Mandos key generator - create a new OpenPGP key for a Mandos client

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License

# along with this program. If not, see <http://www.gnu.org/licenses/>.

# Contact the authors at <mandos@fukt.bsnet.se>.

VERSION="1.0"

KEYDIR="/etc/keys/mandos"

KEYTYPE=DSA

KEYLENGTH=2048

SUBKEYTYPE=ELG-E

SUBKEYLENGTH=2048

KEYNAME="`hostname --fqdn 2>/dev/null || hostname`"

KEYEMAIL=""

KEYCOMMENT="Mandos client key"

KEYEXPIRE=0

FORCE=no

KEYCOMMENT_ORIG="$KEYCOMMENT"

mode=keygen

if [ ! -d "$KEYDIR" ]; then

KEYDIR="/etc/mandos/keys"

# Parse options

TEMP=`getopt --options vhpF:d:t:l:s:L:n:e:c:x:f \

--longoptions version,help,password,passfile:,dir:,type:,length:,subtype:,sublength:,name:,email:,comment:,expire:,force \

--name "$0" -- "$@"`

help(){

basename="`basename $0`"

cat <<EOF

Usage: $basename [ -v | --version ]

$basename [ -h | --help ]

Key creation:

$basename [ OPTIONS ]

Encrypted password creation:

$basename { -p | --password } [ --name NAME ] [ --dir DIR]

$basename { -F | --passfile } FILE [ --name NAME ] [ --dir DIR]

Key creation options:

-v, --version Show program's version number and exit

-h, --help Show this help message and exit

-d DIR, --dir DIR Target directory for key files

-t TYPE, --type TYPE Key type. Default is DSA.

-l BITS, --length BITS

Key length in bits. Default is 2048.

-s TYPE, --subtype TYPE

Subkey type. Default is ELG-E.

-L BITS, --sublength BITS

Subkey length in bits. Default is 2048.

-n NAME, --name NAME Name of key. Default is the FQDN.

-e ADDRESS, --email ADDRESS

Email address of key. Default is empty.

-c TEXT, --comment TEXT

Comment field for key. The default value is

"Mandos client key".

-x TIME, --expire TIME

Key expire time. Default is no expiration.

See gpg(1) for syntax.

-f, --force Force overwriting old key files.

Password creation options:

-p, --password Create an encrypted password using the key in

the key directory. All options other than

--dir and --name are ignored.

-F FILE, --passfile FILE

Encrypt a password from FILE using the key in

the key directory. All options other than

--dir and --name are ignored.

EOF

}

eval set -- "$TEMP"

while :; do

case "$1" in

-p|--password) mode=password; shift;;

-F|--passfile) mode=password; PASSFILE="$2"; shift 2;;

-d|--dir) KEYDIR="$2"; shift 2;;

-t|--type) KEYTYPE="$2"; shift 2;;

-s|--subtype) SUBKEYTYPE="$2"; shift 2;;

-l|--length) KEYLENGTH="$2"; shift 2;;

100

-L|--sublength) SUBKEYLENGTH="$2"; shift 2;;

101

-n|--name) KEYNAME="$2"; shift 2;;

102

-e|--email) KEYEMAIL="$2"; shift 2;;

103

-c|--comment) KEYCOMMENT="$2"; shift 2;;

104

-x|--expire) KEYEXPIRE="$2"; shift 2;;

105

-f|--force) FORCE=yes; shift;;

106

-v|--version) echo "$0 $VERSION"; exit;;

107

-h|--help) help; exit;;

108

--) shift; break;;

109

*) echo "Internal error" >&2; exit 1;;

110

esac

111

done

112

if [ "$#" -gt 0 ]; then

113

echo "Unknown arguments: '$@'" >&2

114

exit 1

115

116

117

SECKEYFILE="$KEYDIR/seckey.txt"

118

PUBKEYFILE="$KEYDIR/pubkey.txt"

119

120

# Check for some invalid values

121

if [ ! -d "$KEYDIR" ]; then

122

echo "$KEYDIR not a directory" >&2

123

exit 1

124

125

if [ ! -r "$KEYDIR" ]; then

126

echo "Directory $KEYDIR not readable" >&2

127

exit 1

128

129

130

if [ "$mode" = keygen ]; then

131

if [ ! -w "$KEYDIR" ]; then

132

echo "Directory $KEYDIR not writeable" >&2

133

exit 1

134

135

if [ -z "$KEYTYPE" ]; then

136

echo "Empty key type" >&2

137

exit 1

138

139

140

if [ -z "$KEYNAME" ]; then

141

echo "Empty key name" >&2

142

exit 1

143

144

145

if [ -z "$KEYLENGTH" ] || [ "$KEYLENGTH" -lt 512 ]; then

146

echo "Invalid key length" >&2

147

exit 1

148

149

150

if [ -z "$KEYEXPIRE" ]; then

151

echo "Empty key expiration" >&2

152

exit 1

153

154

155

# Make FORCE be 0 or 1

156

case "$FORCE" in

157

[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]) FORCE=1;;

158

[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|*) FORCE=0;;

159

esac

160

161

if [ $ -e "$SECKEYFILE" -o -e "$PUBKEYFILE" $ \

162

-a "$FORCE" -eq 0 ]; then

163

echo "Refusing to overwrite old key files; use --force" >&2

164

exit 1

165

166

167

# Set lines for GnuPG batch file

168

if [ -n "$KEYCOMMENT" ]; then

169

KEYCOMMENTLINE="Name-Comment: $KEYCOMMENT"

170

171

if [ -n "$KEYEMAIL" ]; then

172

KEYEMAILLINE="Name-Email: $KEYEMAIL"

173

174

175

# Create temporary gpg batch file

176

BATCHFILE="`mktemp -t mandos-keygen-batch.XXXXXXXXXX`"

177

178

179

if [ "$mode" = password ]; then

180

# Create temporary encrypted password file

181

SECFILE="`mktemp -t mandos-keygen-secfile.XXXXXXXXXX`"

182

183

184

# Create temporary key ring directory

185

RINGDIR="`mktemp -d -t mandos-keygen-keyrings.XXXXXXXXXX`"

186

187

# Remove temporary files on exit

188

trap "

189

set +e; \

190

test -n \"$SECFILE\" && shred --remove \"$SECFILE\"; \

191

shred --remove \"$RINGDIR\"/sec*;

192

test -n \"$BATCHFILE\" && rm --force \"$BATCHFILE\"; \

193

rm --recursive --force \"$RINGDIR\";

194

stty echo; \

195

" EXIT

196

197

umask 077

198

199

if [ "$mode" = keygen ]; then

200

# Create batch file for GnuPG

201

cat >"$BATCHFILE" <<-EOF

202

Key-Type: $KEYTYPE

203

Key-Length: $KEYLENGTH

204

#Key-Usage: encrypt,sign,auth

205

Subkey-Type: $SUBKEYTYPE

206

Subkey-Length: $SUBKEYLENGTH

207

#Subkey-Usage: encrypt,sign,auth

208

Name-Real: $KEYNAME

209

$KEYCOMMENTLINE

210

$KEYEMAILLINE

211

Expire-Date: $KEYEXPIRE

212

#Preferences: <string>

213

#Handle: <no-spaces>

214

#%pubring pubring.gpg

215

#%secring secring.gpg

216

%commit

217

EOF

218

219

# Generate a new key in the key rings

220

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

221

--homedir "$RINGDIR" --trust-model always \

222

--gen-key "$BATCHFILE"

223

rm --force "$BATCHFILE"

224

225

# Backup any old key files

226

if cp --backup=numbered --force "$SECKEYFILE" "$SECKEYFILE" \

227

2>/dev/null; then

228

shred --remove "$SECKEYFILE"

229

230

if cp --backup=numbered --force "$PUBKEYFILE" "$PUBKEYFILE" \

231

2>/dev/null; then

232

rm --force "$PUBKEYFILE"

233

234

235

FILECOMMENT="Mandos client key for $KEYNAME"

236

if [ "$KEYCOMMENT" != "$KEYCOMMENT_ORIG" ]; then

237

FILECOMMENT="$FILECOMMENT ($KEYCOMMENT)"

238

239

240

if [ -n "$KEYEMAIL" ]; then

241

FILECOMMENT="$FILECOMMENT <$KEYEMAIL>"

242

243

244

# Export key from key rings to key files

245

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

246

--homedir "$RINGDIR" --armor --export-options export-minimal \

247

--comment "$FILECOMMENT" --output "$SECKEYFILE" \

248

--export-secret-keys

249

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

250

--homedir "$RINGDIR" --armor --export-options export-minimal \

251

--comment "$FILECOMMENT" --output "$PUBKEYFILE" --export

252

253

254

if [ "$mode" = password ]; then

255

# Import key into temporary key rings

256

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

257

--homedir "$RINGDIR" --trust-model always --armor \

258

--import "$SECKEYFILE"

259

gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

260

--homedir "$RINGDIR" --trust-model always --armor \

261

--import "$PUBKEYFILE"

262

263

# Get fingerprint of key

264

FINGERPRINT="`gpg --quiet --batch --no-tty --no-options \

265

--enable-dsa2 --homedir \"$RINGDIR\" --trust-model always \

266

--fingerprint --with-colons \

267

| sed --quiet \

268

--expression='/^fpr:/{s/^fpr:.*:\$[0-9A-Z]*\$:\$/\\1/p;q}'`"

269

270

test -n "$FINGERPRINT"

271

272

FILECOMMENT="Encrypted password for a Mandos client"

273

274

if [ -n "$PASSFILE" ]; then

275

cat "$PASSFILE"

276

else

277

stty -echo

278

echo -n "Enter passphrase: " >&2

279

first="$(head --lines=1 | tr --delete '\n')"

280

echo -n -e "\nRepeat passphrase: " >&2

281

second="$(head --lines=1 | tr --delete '\n')"

282

echo >&2

283

stty echo

284

if [ "$first" != "$second" ]; then

285

echo -e "Passphrase mismatch" >&2

286

false

287

else

288

echo -n "$first"

289

290

fi | gpg --quiet --batch --no-tty --no-options --enable-dsa2 \

291

--homedir "$RINGDIR" --trust-model always --armor --encrypt \

292

--recipient "$FINGERPRINT" --comment "$FILECOMMENT" \

293

> "$SECFILE"

294

status="${PIPESTATUS[0]}"

295

if [ "$status" -ne 0 ]; then

296

exit "$status"

297

298

299

cat <<-EOF

300

[$KEYNAME]

301

host = $KEYNAME

302

fingerprint = $FINGERPRINT

303

secret =

304

EOF

305

sed --quiet --expression='

306

/^-----BEGIN PGP MESSAGE-----$/,/^-----END PGP MESSAGE-----$/{

307

/^$/,${

308

# Remove 24-bit Radix-64 checksum

309

s/=....$//

310

# Indent four spaces

311

/^[^-]/s/^/ /p

312

}

313

}' < "$SECFILE"

314

315

316

trap - EXIT

317

318

set +e

319

# Remove the password file, if any

320

if [ -n "$SECFILE" ]; then

321

shred --remove "$SECFILE"

322

323

# Remove the key rings

324

shred --remove "$RINGDIR"/sec*

325

rm --recursive --force "$RINGDIR"

Older »