ash_functions: have gpg_auth calls to confirm_gpg_card in subshell loop to force successful authentication

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Thierry Laurion 2023-11-01 13:15:44 -04:00
parent f5dc5ef5cd
commit c2c32c425b
No known key found for this signature in database
GPG Key ID: E7B4A71658E36A93


@ -101,7 +101,7 @@ confirm_gpg_card() {
echo
#prompt user to select the proper encrypted partition, which should the first one on next prompt
warn "Please select encrypted LUKS on GPG key material backup thumb drive (not public labeled one)"
mount-usb --pass "$gpg_admin_pin" || die "Unable to mount USB with GPG Admin PIN"
mount-usb --pass "$gpg_admin_pin" || die "Unable to mount USB with provided GPG Admin PIN"
echo "++++ Testing detach-sign operation and verifiying against fused public key in ROM"
gpg --pinentry-mode=loopback --passphrase-file <(echo -n "${gpg_admin_pin}") --import /media/subkeys.sec >/dev/null 2>&1 ||
die "Unable to import GPG private subkeys"
@ -112,7 +112,7 @@ confirm_gpg_card() {
die "Unable to detach-sign $CR_NONCE with GPG private signing subkey using GPG Admin PIN"
#verify detached signature against public key in rom
gpg --verify "$CR_SIG" "$CR_NONCE" > /dev/null 2>&1 && \
echo "++++ Imported private subkeys match public key fused in rom and can be used under Heads" || \
echo "++++ Local GPG keyring can be used to sign/encrypt/authenticate in this boot session ++++" || \
die "Unable to verify $CR_SIG detached signature against public key in ROM"
#Wipe any previous CR_NONCE and CR_SIG
shred -n 10 -z -u "$CR_NONCE" "$CR_SIG" >/dev/null 2>&1 || true
@ -123,7 +123,7 @@ confirm_gpg_card() {
fi
fi
# setup the USB so we can reach the GPG card
# setup the USB so we can reach the USB Security Dongle' smartcard
enable_usb
echo -e "\nVerifying presence of GPG card...\n"
@ -158,7 +158,13 @@ gpg_auth() {
# Wipe any existing nonce and signature
shred -n 10 -z -u "$CR_NONCE" "$CR_SIG" 2>/dev/null || true
confirm_gpg_card
# In case of gpg_auth, we require confirmation of the card, so loop with confirm_gpg_card until we get it
false
while [ $? -ne 0 ]; do
# Call confirm_gpg_card in subshell to ensure GPG key material presence
( confirm_gpg_card )
done
# Perform a signing-based challenge-response,
# to authencate that the card plugged in holding
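Review bot: The retry loop added to gpg_auth in the last hunk (`false` then `while [ $? -ne 0 ]; do ( confirm_gpg_card ); done`) has no attempt limit and prints nothing between attempts, so a failing card or backup-drive check repeats indefinitely; if confirm_gpg_card prompts for the GPG Admin PIN on each pass (not visible here), every iteration is another unthrottled guess at the secret given to `mount-usb --pass`. The loop also depends on `$?` still holding the subshell's status, which breaks silently once any command is added after `( confirm_gpg_card )` inside the body; `until ( confirm_gpg_card ); do warn "GPG key material not confirmed, retrying"; done` states the intent directly. Consider counting attempts and calling `die` after a small fixed number so that repeated failures end the session instead of looping. Because the call now runs in a subshell, any shell variable confirm_gpg_card assigns is discarded when it returns, which deserves a comment if that is intended; gpg_auth's body continues outside the hunk.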