ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-19 04:57:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
c7085d89c3
heads/initrd/bin/gpg-gui.sh

242 lines
8.6 KiB
Bash
Raw Normal View History

Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
#!/bin/sh
#
Revert "Remove "pipefail" so unmatched greps don't cause script to exit" This reverts commit 9279d60a1a7685a18b819811d864d195fba2e1fd.
2019-02-19 14:48:35 +00:00
set -e -o pipefail
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
. /etc/functions
*gui.sh: move common ops to gui_functions Move code duplicated across several GUI scripts into a common gui_functions file and include/use that. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-07-10 17:58:32 +00:00
. /etc/gui_functions
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
. /tmp/config
Add GPG smartcard keygen feature This change updates the very basic GPG smartcard feature in the GPG GUI so that it can properly support generating a key from within Heads. It offers the user the option to copy the generated GPG public key to a USB thumb drive so it's not lost as well as the option to reflash the current Heads BIOS with this new public key added to the keyring. I've moved the common functions required to flash a new ROM with GPG changes into a shared function at the top of the script.
2019-04-10 16:34:31 +00:00
gpg_flash_rom() {
gpg-gui: add option to replace existing key(s) Introduce option to remove any existing key(s) from firmware and add a user-suppled key, before reflashing. Move existing code for adding a new key to a separate function so it can be reused for new feature without duplication. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-09 03:16:57 +00:00
if [ "$1" = "replace" ]; then
# clear local keyring
[ -e /.gnupg/pubring.gpg ] && rm /.gnupg/pubring.gpg
[ -e /.gnupg/pubring.kbx ] && rm /.gnupg/pubring.kbx
[ -e /.gnupg/trustdb.gpg ] && rm /.gnupg/trustdb.gpg
fi
Add GPG smartcard keygen feature This change updates the very basic GPG smartcard feature in the GPG GUI so that it can properly support generating a key from within Heads. It offers the user the option to copy the generated GPG public key to a USB thumb drive so it's not lost as well as the option to reflash the current Heads BIOS with this new public key added to the keyring. I've moved the common functions required to flash a new ROM with GPG changes into a shared function at the top of the script.
2019-04-10 16:34:31 +00:00
cat "$PUBKEY" | gpg --import
#update /.gnupg/trustdb.gpg to ultimately trust all user provided public keys
gpg --list-keys --fingerprint --with-colons |sed -E -n -e 's/^fpr:::::::::([0-9A-F]+):$/\1:6:/p' |gpg --import-ownertrust
gpg --update-trust
if (cbfs -o /tmp/gpg-gui.rom -l | grep -q "heads/initrd/.gnupg/pubring.kbx"); then
cbfs -o /tmp/gpg-gui.rom -d "heads/initrd/.gnupg/pubring.kbx"
if (cbfs -o /tmp/gpg-gui.rom -l | grep -q "heads/initrd/.gnupg/pubring.gpg"); then
cbfs -o /tmp/gpg-gui.rom -d "heads/initrd/.gnupg/pubring.gpg"
if [ -e /.gnupg/pubring.gpg ];then
rm /.gnupg/pubring.gpg
fi
fi
fi
#to be compatible with gpgv1
if [ -e /.gnupg/pubring.kbx ];then
cbfs -o /tmp/gpg-gui.rom -a "heads/initrd/.gnupg/pubring.kbx" -f /.gnupg/pubring.kbx
if [ -e /.gnupg/pubring.gpg ];then
rm /.gnupg/pubring.gpg
fi
fi
if [ -e /.gnupg/pubring.gpg ];then
cbfs -o /tmp/gpg-gui.rom -a "heads/initrd/.gnupg/pubring.gpg" -f /.gnupg/pubring.gpg
fi
if (cbfs -o /tmp/gpg-gui.rom -l | grep -q "heads/initrd/.gnupg/trustdb.gpg") then
cbfs -o /tmp/gpg-gui.rom -d "heads/initrd/.gnupg/trustdb.gpg"
fi
gpg_flash_rom(): ensure files exist before adding to CBFS Check that any files added to cbfs exist before attempting to add them, so flashing doesn't fail after a reset. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-09 16:41:31 +00:00
if [ -e /.gnupg/trustdb.gpg ]; then
cbfs -o /tmp/gpg-gui.rom -a "heads/initrd/.gnupg/trustdb.gpg" -f /.gnupg/trustdb.gpg
fi
Add GPG smartcard keygen feature This change updates the very basic GPG smartcard feature in the GPG GUI so that it can properly support generating a key from within Heads. It offers the user the option to copy the generated GPG public key to a USB thumb drive so it's not lost as well as the option to reflash the current Heads BIOS with this new public key added to the keyring. I've moved the common functions required to flash a new ROM with GPG changes into a shared function at the top of the script.
2019-04-10 16:34:31 +00:00
#Remove old method owner trust exported file
if (cbfs -o /tmp/gpg-gui.rom -l | grep -q "heads/initrd/.gnupg/otrust.txt") then
cbfs -o /tmp/gpg-gui.rom -d "heads/initrd/.gnupg/otrust.txt"
fi
gpg_flash_rom: persist user config when flashing If the user has changed the /boot config but not yet flashed, it's reasonable for them to expect that flashing to add/update a GPG key won't revert those changes. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-08 01:45:36 +00:00
# persist user config changes
if (cbfs -o /tmp/gpg-gui.rom -l | grep -q "heads/initrd/etc/config.user") then
cbfs -o /tmp/gpg-gui.rom -d "heads/initrd/etc/config.user"
fi
gpg_flash_rom(): ensure files exist before adding to CBFS Check that any files added to cbfs exist before attempting to add them, so flashing doesn't fail after a reset. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-09 16:41:31 +00:00
if [ -e /etc/config.user ]; then
cbfs -o /tmp/gpg-gui.rom -a "heads/initrd/etc/config.user" -f /etc/config.user
fi
Add GPG smartcard keygen feature This change updates the very basic GPG smartcard feature in the GPG GUI so that it can properly support generating a key from within Heads. It offers the user the option to copy the generated GPG public key to a USB thumb drive so it's not lost as well as the option to reflash the current Heads BIOS with this new public key added to the keyring. I've moved the common functions required to flash a new ROM with GPG changes into a shared function at the top of the script.
2019-04-10 16:34:31 +00:00
/bin/flash.sh /tmp/gpg-gui.rom
gpg-gui: prompt user to update checksums after adding key In order to streamline the initial setup, prompt user to update checksums/sign /boot files after adding a key and updating the firmware, in order to avoid an extra reboot. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-05 22:07:06 +00:00
if (whiptail --title 'BIOS Flashed Successfully' \
--yesno "Would you like to update the checksums and sign all of the files in /boot?\n\nYou will need your GPG key to continue and this will modify your disk.\n\nOtherwise the system will reboot immediately." 16 90) then
update_checksums
else
/bin/reboot
fi
whiptail --title 'Files in /boot Updated Successfully'\
--msgbox "Checksums have been updated and /boot files signed.\n\nPress Enter to reboot" 16 60
Add GPG smartcard keygen feature This change updates the very basic GPG smartcard feature in the GPG GUI so that it can properly support generating a key from within Heads. It offers the user the option to copy the generated GPG public key to a USB thumb drive so it's not lost as well as the option to reflash the current Heads BIOS with this new public key added to the keyring. I've moved the common functions required to flash a new ROM with GPG changes into a shared function at the top of the script.
2019-04-10 16:34:31 +00:00
/bin/reboot
gpg-gui: prompt user to update checksums after adding key In order to streamline the initial setup, prompt user to update checksums/sign /boot files after adding a key and updating the firmware, in order to avoid an extra reboot. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-05 22:07:06 +00:00
Add GPG smartcard keygen feature This change updates the very basic GPG smartcard feature in the GPG GUI so that it can properly support generating a key from within Heads. It offers the user the option to copy the generated GPG public key to a USB thumb drive so it's not lost as well as the option to reflash the current Heads BIOS with this new public key added to the keyring. I've moved the common functions required to flash a new ROM with GPG changes into a shared function at the top of the script.
2019-04-10 16:34:31 +00:00
}
Add a "Factory reset" GPG option This mimics tlauion's OEM work in the sense that a user (or OEM) could choose this option and it will reset an OpenPGP smart card and automatically generate a random key on it. The idea is to allow an OEM to set up a Librem Key and Heads on a machine before shipping with a random key, so the user can test for tampering when they receive the machine, and then the user can choose to reset all of the keys with their chosen keys after that fact.
2019-04-19 15:35:01 +00:00
gpg_post_gen_mgmt() {
GPG_GEN_KEY=`grep -A1 pub /tmp/gpg_card_edit_output | tail -n1 | sed -nr 's/^([ ])*//p'`
gpg --export --armor $GPG_GEN_KEY > "/tmp/${GPG_GEN_KEY}.asc"
if (whiptail --title 'Add Public Key to USB disk?' \
Add option to export pubkey
2020-06-23 13:32:51 +00:00
--yesno "Would you like to copy the GPG public key you generated to a USB disk?\n\nYou may need it, if you want to use it outside of Heads later.\n\nThe file will show up as ${GPG_GEN_KEY}.asc" 16 90) then
Add a "Factory reset" GPG option This mimics tlauion's OEM work in the sense that a user (or OEM) could choose this option and it will reset an OpenPGP smart card and automatically generate a random key on it. The idea is to allow an OEM to set up a Librem Key and Heads on a machine before shipping with a random key, so the user can test for tampering when they receive the machine, and then the user can choose to reset all of the keys with their chosen keys after that fact.
2019-04-19 15:35:01 +00:00
mount_usb
mount -o remount,rw /media
cp "/tmp/${GPG_GEN_KEY}.asc" "/media/${GPG_GEN_KEY}.asc"
if [ $? -eq 0 ]; then
whiptail --title "The GPG Key Copied Successfully" \
--msgbox "${GPG_GEN_KEY}.asc copied successfully." 16 60
else
whiptail $CONFIG_ERROR_BG_COLOR --title 'ERROR: Copy Failed' \
--msgbox "Unable to copy ${GPG_GEN_KEY}.asc to /media" 16 60
fi
umount /media
fi
if (whiptail --title 'Add Public Key to Running BIOS?' \
--yesno "Would you like to add the GPG public key you generated to the BIOS?\n\nThis makes it a trusted key used to sign files in /boot\n\n" 16 90) then
/bin/flash.sh -r /tmp/gpg-gui.rom
if [ ! -s /tmp/gpg-gui.rom ]; then
whiptail $CONFIG_ERROR_BG_COLOR --title 'ERROR: BIOS Read Failed!' \
--msgbox "Unable to read BIOS" 16 60
exit 1
fi
PUBKEY="/tmp/${GPG_GEN_KEY}.asc"
gpg_flash_rom
fi
}
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
gpg-gui: add option to replace existing key(s) Introduce option to remove any existing key(s) from firmware and add a user-suppled key, before reflashing. Move existing code for adding a new key to a separate function so it can be reused for new feature without duplication. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-09 03:16:57 +00:00
gpg_add_key_reflash() {
if (whiptail --title 'GPG public key required' \
--yesno "This requires you insert a USB drive containing:\n* Your GPG public key (*.key or *.asc)\n\nAfter you select this file, this program will copy and reflash your BIOS\n\nDo you want to proceed?" 16 90) then
mount_usb
if grep -q /media /proc/mounts ; then
find /media -name '*.key' > /tmp/filelist.txt
find /media -name '*.asc' >> /tmp/filelist.txt
file_selector "/tmp/filelist.txt" "Choose your GPG public key"
gpg_add_key_reflash: handle user cancellation if user chooses abort option, exit without flashing ROM Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-09 21:53:40 +00:00
# bail if user didn't select a file
if [ "$FILE" = "" ]; then
return
else
PUBKEY=$FILE
fi
gpg-gui: add option to replace existing key(s) Introduce option to remove any existing key(s) from firmware and add a user-suppled key, before reflashing. Move existing code for adding a new key to a separate function so it can be reused for new feature without duplication. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-09 03:16:57 +00:00
/bin/flash.sh -r /tmp/gpg-gui.rom
if [ ! -s /tmp/gpg-gui.rom ]; then
whiptail $CONFIG_ERROR_BG_COLOR --title 'ERROR: BIOS Read Failed!' \
--msgbox "Unable to read BIOS" 16 60
exit 1
fi
if (whiptail --title 'Update ROM?' \
--yesno "This will reflash your BIOS with the updated version\n\nDo you want to proceed?" 16 90) then
gpg_flash_rom
else
exit 0
fi
fi
fi
}
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
while true; do
unset menu_choice
whiptail --clear --title "GPG Management Menu" \
--menu 'Select the GPG function to perform' 20 90 10 \
'r' ' Add GPG key to running BIOS + reflash' \
'a' ' Add GPG key to standalone BIOS image + flash' \
gpg-gui: add option to replace existing key(s) Introduce option to remove any existing key(s) from firmware and add a user-suppled key, before reflashing. Move existing code for adding a new key to a separate function so it can be reused for new feature without duplication. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-09 03:16:57 +00:00
'e' ' Replace GPG key(s) in the current ROM + reflash' \
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
'l' ' List GPG keys in your keyring' \
Add option to export pubkey
2020-06-23 13:32:51 +00:00
'p' ' Export public GPG key to USB drive' \
Add a "Factory reset" GPG option This mimics tlauion's OEM work in the sense that a user (or OEM) could choose this option and it will reset an OpenPGP smart card and automatically generate a random key on it. The idea is to allow an OEM to set up a Librem Key and Heads on a machine before shipping with a random key, so the user can test for tampering when they receive the machine, and then the user can choose to reset all of the keys with their chosen keys after that fact.
2019-04-19 15:35:01 +00:00
'g' ' Generate GPG keys manually on a USB security token' \
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
'x' ' Exit' \
2>/tmp/whiptail || recovery "GUI menu failed"
menu_choice=$(cat /tmp/whiptail)
case "$menu_choice" in
"x" )
exit 0
;;
"a" )
if (whiptail --title 'ROM and GPG public key required' \
--yesno "This requires you insert a USB drive containing:\n* Your GPG public key (*.key or *.asc)\n* Your BIOS image (*.rom)\n\nAfter you select these files, this program will reflash your BIOS\n\nDo you want to proceed?" 16 90) then
mount_usb
if grep -q /media /proc/mounts ; then
find /media -name '*.key' > /tmp/filelist.txt
find /media -name '*.asc' >> /tmp/filelist.txt
file_selector "/tmp/filelist.txt" "Choose your GPG public key"
if [ "$FILE" == "" ]; then
return
else
PUBKEY=$FILE
fi
find /media -name '*.rom' > /tmp/filelist.txt
file_selector "/tmp/filelist.txt" "Choose the ROM to load your key onto"
if [ "$FILE" == "" ]; then
return
else
ROM=$FILE
fi
cp "$ROM" /tmp/gpg-gui.rom
if (whiptail --title 'Flash ROM?' \
--yesno "This will replace your old ROM with $ROM\n\nDo you want to proceed?" 16 90) then
Add GPG smartcard keygen feature This change updates the very basic GPG smartcard feature in the GPG GUI so that it can properly support generating a key from within Heads. It offers the user the option to copy the generated GPG public key to a USB thumb drive so it's not lost as well as the option to reflash the current Heads BIOS with this new public key added to the keyring. I've moved the common functions required to flash a new ROM with GPG changes into a shared function at the top of the script.
2019-04-10 16:34:31 +00:00
gpg_flash_rom
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
else
exit 0
fi
fi
fi
;;
"r" )
gpg-gui: add option to replace existing key(s) Introduce option to remove any existing key(s) from firmware and add a user-suppled key, before reflashing. Move existing code for adding a new key to a separate function so it can be reused for new feature without duplication. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-09 03:16:57 +00:00
gpg_add_key_reflash
exit 0;
;;
"e" )
# clear local keyring
[ -e /.gnupg/pubring.gpg ] && rm /.gnupg/pubring.gpg
[ -e /.gnupg/pubring.kbx ] && rm /.gnupg/pubring.kbx
[ -e /.gnupg/trustdb.gpg ] && rm /.gnupg/trustdb.gpg
# add key and reflash
gpg_add_key_reflash
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
;;
"l" )
GPG_KEYRING=`gpg -k`
whiptail --title 'GPG Keyring' \
--msgbox "${GPG_KEYRING}" 16 60
;;
Add option to export pubkey
2020-06-23 13:32:51 +00:00
"p" )
if (whiptail --title 'Export Public Key(s) to USB drive?' \
--yesno "Would you like to copy GPG public key(s) to a USB drive?\n\nThe file will show up as public-key.asc" 16 90) then
mount_usb
mount -o remount,rw /media
gpg --export --armor > "/tmp/public-key.asc"
cp "/tmp/public-key.asc" "/media/public-key.asc"
if [ $? -eq 0 ]; then
whiptail --title "The GPG Key Copied Successfully" \
--msgbox "public-key.asc copied successfully." 16 60
else
whiptail $CONFIG_ERROR_BG_COLOR --title 'ERROR: Copy Failed' \
--msgbox "Unable to copy public-key.asc to /media" 16 60
fi
umount /media
fi
;;
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
"g" )
confirm_gpg_card
Add GPG smartcard keygen feature This change updates the very basic GPG smartcard feature in the GPG GUI so that it can properly support generating a key from within Heads. It offers the user the option to copy the generated GPG public key to a USB thumb drive so it's not lost as well as the option to reflash the current Heads BIOS with this new public key added to the keyring. I've moved the common functions required to flash a new ROM with GPG changes into a shared function at the top of the script.
2019-04-10 16:34:31 +00:00
echo -e "\n\n\n\n"
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
echo "********************************************************************************"
echo "*"
echo "* INSTRUCTIONS:"
echo "* Type 'admin' and then 'generate' and follow the prompts to generate a GPG key."
Add GPG smartcard keygen feature This change updates the very basic GPG smartcard feature in the GPG GUI so that it can properly support generating a key from within Heads. It offers the user the option to copy the generated GPG public key to a USB thumb drive so it's not lost as well as the option to reflash the current Heads BIOS with this new public key added to the keyring. I've moved the common functions required to flash a new ROM with GPG changes into a shared function at the top of the script.
2019-04-10 16:34:31 +00:00
echo "* Type 'quit' once you have generated the key to exit GPG."
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
echo "*"
echo "********************************************************************************"
Add GPG smartcard keygen feature This change updates the very basic GPG smartcard feature in the GPG GUI so that it can properly support generating a key from within Heads. It offers the user the option to copy the generated GPG public key to a USB thumb drive so it's not lost as well as the option to reflash the current Heads BIOS with this new public key added to the keyring. I've moved the common functions required to flash a new ROM with GPG changes into a shared function at the top of the script.
2019-04-10 16:34:31 +00:00
gpg --card-edit > /tmp/gpg_card_edit_output
if [ $? -eq 0 ]; then
Add a "Factory reset" GPG option This mimics tlauion's OEM work in the sense that a user (or OEM) could choose this option and it will reset an OpenPGP smart card and automatically generate a random key on it. The idea is to allow an OEM to set up a Librem Key and Heads on a machine before shipping with a random key, so the user can test for tampering when they receive the machine, and then the user can choose to reset all of the keys with their chosen keys after that fact.
2019-04-19 15:35:01 +00:00
gpg_post_gen_mgmt
fi
;;
Add GPG GUI It makes more logical sense for GPG functions to be split out into their own menu instead of being part of the "Flash" menu. This creates a gpg-gui.sh script and moves GPG options there while adding a few additional features (like listing keys and initial smartcard key generation support).
2019-02-11 22:29:13 +00:00
esac
done
exit 0
Reference in New Issue Copy Permalink