Diffstat (limited to 'pinentry.sh')
-rw-r--r-- | pinentry.sh | 353 |
1 files changed, 353 insertions, 0 deletions
diff --git a/pinentry.sh b/pinentry.sh
new file mode 100644
index 0000000..fce4404
--- /dev/null
+++ b/pinentry.sh
@@ -0,0 +1,353 @@
+#/bin/bash
+
+VERSION="0.1.0"
+TIMEOUT="0"
+DESCRIPTION="Enter password for GPG key"
+PROMPT="Password:"
+TITLE="GPG Key Credentials"
+CREDENTIALPREFIX="gpgkey://"
+KEYINFO=""
+OKBUTTON="&OK"
+CANCELBUTTON="&Cancel"
+NOTOKBUTTON="&Do not do this"
+PINERROR=""
+EXTPASSCACHE=0
+REPEATPASSWORD=0
+REPEATDESCRIPTION="Confirm password for GPG key"
+REPEATERROR="Error: Passwords did not match."
+
+assuan_result() {
+ #echo -n $(( (5 << 24) | $1 ))
+ case $1 in
+ 0)
+ echo -n "ERR 0 no error"
+ ;;
+ 62)
+ echo -n "ERR 83886142 timeout"
+ ;;
+ 99)
+ echo -n "ERR 83886179 cancelled"
+ ;;
+ 114)
+ echo -n "ERR 83886194 not confirmed"
+ ;;
+ 174)
+ echo -n "ERR 83886254 invalid option"
+ ;;
+ 257)
+ echo -n "ERR 83886337 general error"
+ ;;
+ 261)
+ echo -n "ERR 83886341 invalid value"
+ ;;
+ 275)
+ echo -n "ERR 83886355 unknown command"
+ ;;
+ esac
+}
+
+getpassword() {
+ echo "$PINERROR"
+ echo "$DESCRIPTION"
+ return
+ local cmd_prompt=$(cat <<-DLM
+ \$cred = \$Host.ui.PromptForCredential("$TITLE",
+ "$PINERROR$DESCRIPTION",
+ "$KEYINFO",
+ "gpgkey://$KEYINFO",
+ "Generic",
+ "None,ReadOnlyUserName")
+ if (\$cred) {
+ Write-Output \$cred.GetNetworkCredential().Password
+ }
+DLM
+ )
+ local cmd_repeat=$(cat <<-DLM
+ \$cred = \$Host.ui.PromptForCredential("$TITLE",
+ "$REPEATDESCRIPTION",
+ "$KEYINFO",
+ "gpgkey://$KEYINFO",
+ "Generic",
+ "None,ReadOnlyUserName")
+ if (\$cred) {
+ Write-Output \$cred.GetNetworkCredential().Password
+ }
+DLM
+ )
+ local cmd_lookup=$(cat <<-DLM
+ \$cred = Get-StoredCredential -Target "$CREDENTIALPREFIX$KEYINFO" -Type GENERIC
+ if (\$cred) {
+ Write-Output \$cred.GetNetworkCredential().Password
+ }
+DLM
+ )
+ local credpassword
+ local credpasswordrepeat
+ local passwordfromcache=0
+ PINERROR=""
+ if [ "$REPEATPASSWORD" -eq "0" ]; then
+ if [ "$EXTPASSCACHE" -eq "1" ]; then
+ if [ -n "$KEYINFO" ]; then
+ credpassword="$(powershell.exe -nologo -noprofile -noninteractive -command "$cmd_lookup")"
+ if [ -n "$credpassword" ]; then
+ echo -en "S PASSWORD_FROM_CACHE\nD $credpassword\nOK"
+ return
+ fi
+ fi
+ fi
+ fi
+ credpassword="$(powershell.exe -nologo -noprofile -noninteractive -command "$cmd_prompt")"
+ if [ -n "$credpassword" ]; then
+ if [ "$REPEATPASSWORD" -eq "1" ]; then
+ credpasswordrepeat="$(powershell.exe -nologo -noprofile -noninteractive -command "$cmd_repeat")"
+ if [ "$credpassword" == "$credpasswordrepeat" ]; then
+ echo -en "S PIN_REPEATED\nD $credpassword\nOK"
+ else
+ message "$REPEATERROR" > /dev/null
+ echo -n "$(assuan_result 114)" # unsure this is the correct error
+ fi
+ else
+ echo -en "D $credpassword\nOK"
+ fi
+ else
+ echo -n "$(assuan_result 99)"
+ fi
+}
+
+removepassword() {
+ if [ -z "$1" ]; then
+ echo -n "$(assuan_result 261)"
+ return
+ fi
+ local cmd_remove=$(cat <<-DLM
+ try {
+ Remove-StoredCredential -Target "$CREDENTIALPREFIX$1" -Type GENERIC -ErrorAction Stop
+ }
+ catch {
+ Write-Output "$(assuan_result 261)"
+ return
+ }
+ Write-Output "OK"
+DLM
+ )
+ echo -n "$(powershell.exe -nologo -noprofile -noninteractive -command "$cmd_remove")"
+}
+
+message() {
+ local desc
+ if [ -n "$1" ]; then
+ desc="$1"
+ else
+ desc="$DESCRIPTION"
+ fi
+ local cmd=$(cat <<-DLM
+ \$options = [System.Management.Automation.Host.ChoiceDescription[]] @("$OKBUTTON")
+ [int]\$defaultchoice = 0
+ \$result = \$host.UI.PromptForChoice("$TITLE",
+ "$desc",
+ \$options,
+ \$defaultchoice)
+DLM
+ )
+ powershell.exe -nologo -noprofile -noninteractive -command "$cmd" > /dev/null
+ echo -n "OK"
+}
+
+confirm() {
+ PINERROR=""
+ if [ "$1" == "--one-button" ]; then
+ echo "$(message)"
+ return
+ fi
+ local cmd=$(cat <<-DLM
+ \$options = [System.Management.Automation.Host.ChoiceDescription[]] @("$OKBUTTON", "$CANCELBUTTON")
+ [int]\$defaultchoice = 0
+ \$result = \$host.UI.PromptForChoice("$TITLE",
+ "$DESCRIPTION",
+ \$options,
+ \$defaultchoice)
+ if (\$result) {
+ switch(\$result)
+ {
+ 0 { Write-Output "OK"}
+ 1 { Write-Output "$(assuan_result 99)"}
+ 2 { Write-Output "$(assuan_result 114)"}
+ }
+ }
+ else {
+ Write-Output "$(assuan_result 114)"
+ }
+DLM
+ )
+ local result="$(powershell.exe -nologo -noprofile -noninteractive -command "$cmd")"
+ echo -n "$result"
+}
+
+settimeout() {
+ # https://stackoverflow.com/questions/21176487/adding-a-timeout-to-batch-powershell
+ TIMEOUT="$1"
+ echo -n OK
+}
+
+setdescription() {
+ DESCRIPTION="$1"
+ echo -n OK
+}
+
+setprompt() {
+ PROMPT="$1"
+ echo -n OK
+}
+
+settitle() {
+ TITLE="$1"
+ echo -n OK
+}
+
+setpinerror() {
+ PINERROR="** $1 ** "
+ echo -n "$PINERROR"
+}
+
+setkeyinfo() {
+ if [ "$1" == "--clear" ]; then
+ KEYINFO=""
+ else
+ KEYINFO="$1"
+ fi
+ echo -n OK
+}
+
+setrepeatpassword() {
+ REPEATPASSWORD=1
+ REPEATDESCRIPTION="$1"
+ echo -n OK
+}
+
+setrepeaterror () {
+ REPEATERROR="$1"
+ echo -n OK
+}
+
+setokbutton() {
+ OKBUTTON="${$1//_/&}"
+ echo -n OK
+}
+
+setcancelbutton() {
+ CANCELBUTTON="${$1//_/&}"
+ echo -n OK
+}
+
+setnotokbutton() {
+ NOTOKBUTTON="${$1//_/&}"
+ echo -n OK
+}
+
+getinfo() {
+ if [ "$1" == "version" ]; then
+ echo -en "D $VERSION\nOK"
+ elif [ "$1" == "pid" ]; then
+ echo -en "D $BASHPID\nOK"
+ else
+ echo -n "$(assuan_result 275)"
+ fi
+}
+
+setoption() {
+ local key="$(echo "$1" | cut -d'=' -s -f1)"
+ local value="$(echo "$1" | cut -d'=' -s -f2)"
+ case $key in
+ allow-external-password-cache)
+ EXTPASSCACHE=1
+ echo -n "OK"
+ ;;
+ default-ok)
+ echo -n $(setokbutton "$value")
+ ;;
+ default-cancel)
+ echo -n $(setcancelbutton "$value")
+ ;;
+ default-notok)
+ echo -n $(setnotokbutton "$value")
+ ;;
+ default-prompt)
+ echo -n $(setprompt "$value")
+ ;;
+ *)
+ echo -n "OK"
+ ;;
+ esac
+}
+
+echo "OK Your orders please"
+while IFS= read -r line; do
+ #echo "$line" >> /home/dalep/tracepin.txt
+ action="$(echo $line | cut -d' ' -f1)"
+ args="$(echo $line | cut -d' ' -s -f2-)"
+ #echo "action:$action:"
+ #echo "args:$args:"
+ case $action in
+ BYE)
+ echo "OK closing connection"
+ exit 0
+ ;;
+ GETPIN)
+ echo "$(getpassword)"
+ ;;
+ SETTIMEOUT)
+ echo "$(settimeout "$args")"
+ ;;
+ SETDESC)
+ echo "$(setdescription "$args")"
+ ;;
+ SETPROMPT)
+ echo "$(setprompt "$args")"
+ ;;
+ SETTITLE)
+ echo "$(settitle "$args")"
+ ;;
+ SETKEYINFO)
+ echo "$(setkeyinfo "$args")"
+ ;;
+ SETOK)
+ echo "$(setokbutton "$args")"
+ ;;
+ SETCANCEL)
+ echo "$(setcancelbutton "$args")"
+ ;;
+ SETNOTOK)
+ echo "$(setnotokbutton "$args")"
+ ;;
+ CONFIRM)
+ echo "$(confirm "$args")"
+ ;;
+ MESSAGE)
+ echo "$(message)"
+ ;;
+ SETERROR)
+ echo "$(setpinerror "$args")"
+ ;;
+ GETINFO)
+ echo "$(getinfo "$args")"
+ ;;
+ OPTION)
+ echo "$(setoption "$args")"
+ ;;
+ SETREPEAT)
+ echo "$(setrepeatpassword "$args")"
+ ;;
+ SETREPEATERROR)
+ echo "$(setrepeaterror "$args")"
+ ;;
+ CLEARPASSPHRASE)
+ echo "$(removepassword "$args")"
+ ;;
+ RESET)
+ echo "OK"
+ ;;
+ *)
+ echo "OK"
+ ;;
+ esac
+done |
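Review bot: The here-documents in getpassword, message, confirm and removepassword paste `$TITLE`, `$DESCRIPTION`, `$PINERROR`, `$KEYINFO`, the button labels and `$1` straight into double-quoted PowerShell literals, so any quote, backtick or `$` in those values is parsed by powershell.exe as script rather than text. The values arrive unmodified from the SETTITLE, SETDESC, SETERROR, SETKEYINFO and CLEARPASSPHRASE lines read on stdin, and descriptions sent by the agent presumably include key user IDs, which the key's creator chooses rather than the local user. Hand every value to PowerShell as data, for example base64-encoded in bash and decoded on the PowerShell side as sketched below for message, and use the same helper in the other three functions. Separately, the `echo "$PINERROR"` / `echo "$DESCRIPTION"` / `return` at the top of getpassword leaves the whole prompt path unreachable, and `${$1//_/&}` in the three button setters is a bad substitution that should read `${1//_/&}`.

```shell
# Emit a PowerShell expression that decodes to $1; the base64 alphabet cannot
# terminate the single-quoted literal, so the value is never parsed as script.
ps_literal() {
  printf "([Text.Encoding]::UTF8.GetString([Convert]::FromBase64String('%s')))" \
    "$(printf '%s' "$1" | base64 -w0)"
}

message() {
  # … unchanged: desc selection from $1 / $DESCRIPTION …
  local cmd
  cmd=$(cat <<-DLM
	\$options = [System.Management.Automation.Host.ChoiceDescription[]] @($(ps_literal "$OKBUTTON"))
	[int]\$defaultchoice = 0
	\$result = \$host.UI.PromptForChoice($(ps_literal "$TITLE"),
	    $(ps_literal "$desc"),
	    \$options,
	    \$defaultchoice)
	DLM
  )
  # … unchanged: powershell.exe invocation and OK reply …
```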