ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-20 05:28:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

gpg-gui: remove OEM factory reset option

Browse Source 
superseded by newer version in main options menu

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
This commit is contained in:
Matt DeVillier 2019-08-16 09:35:40 -05:00
parent d8bcc7b841
commit ba23fb7ac2
No known key found for this signature in database
GPG Key ID: 2BBB776A35B978FD
1 changed files with 0 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
initrd/bin/gpg-gui.sh
View File

@ -164,29 +164,6 @@ gpg_post_gen_mgmt() {
gpg_flash_rom gpg_flash_rom
fi fi
} }
gpg_sc_oem_reset() {
GPG_KEY_NAME=`date +%Y%m%d%H%M%S`
# Factory reset GPG card
{
echo admin
echo factory-reset
echo y
echo yes
} | gpg --command-fd=0 --status-fd=1 --pinentry-mode=loopback --card-edit > /tmp/gpg_card_edit_output || return 1
# Generate OEM GPG keys
{
echo admin
echo generate
echo n
echo 12345678
echo 123456
echo 0
echo y
echo "OEM Key"
echo "oem-${GPG_KEY_NAME}@example.com"
echo "OEM-generated key"
} | gpg --command-fd=0 --status-fd=2 --pinentry-mode=loopback --card-edit > /tmp/gpg_card_edit_output || return 2
}
gpg_add_key_reflash() { gpg_add_key_reflash() {
if (whiptail --title 'GPG public key required' \ if (whiptail --title 'GPG public key required' \
@ -229,7 +206,6 @@ while true; do
'e' ' Replace GPG key(s) in the current ROM + reflash' \ 'e' ' Replace GPG key(s) in the current ROM + reflash' \
'l' ' List GPG keys in your keyring' \ 'l' ' List GPG keys in your keyring' \
'g' ' Generate GPG keys manually on a USB security token' \ 'g' ' Generate GPG keys manually on a USB security token' \
'o' ' OEM Factory reset + auto keygen USB security token' \
'x' ' Exit' \ 'x' ' Exit' \
2>/tmp/whiptail || recovery "GUI menu failed" 2>/tmp/whiptail || recovery "GUI menu failed"
@ -303,24 +279,6 @@ while true; do
gpg_post_gen_mgmt gpg_post_gen_mgmt
fi fi
;; ;;
"o" )
if (whiptail $CONFIG_WARNING_BG_COLOR --title 'WARNING: Factory Reset USB Security Token?' \
--yesno "This will perform a FACTORY RESET of the USB security token!\n\nThis will:\n* Reset all security token passwords to default\n* Erase any keys on the security token\n* Generate new automated GPG keys on the token\n\nAny data now on the USB security token will be LOST!\n\nDo you want to proceed?" 16 120) then
confirm_gpg_card
gpg_sc_oem_reset
if [ $? -eq 0 ]; then
gpg_post_gen_mgmt
elif [ $? -eq 1 ]; then
GPG_OUTPUT=`cat /tmp/gpg_card_edit_output`
whiptail $CONFIG_ERROR_BG_COLOR --title 'ERROR: Factory Reset Failed!' \
--msgbox "Factory Reset Failed!\n\n$GPG_OUTPUT" 16 120
elif [ $? -eq 2 ]; then
GPG_OUTPUT=`cat /tmp/gpg_card_edit_output`
whiptail $CONFIG_ERROR_BG_COLOR --title 'ERROR: Automatic Keygen Failed!' \
--msgbox "Automatic Keygen Failed!\n\n$GPG_OUTPUT" 16 120
fi
fi
;;
esac esac
done done