From 642a3da6c3b1811b272223b8c903737b5e3f2d25 Mon Sep 17 00:00:00 2001 From: Matěj Cepl Date: Thu, 18 May 2023 23:35:06 +0200 Subject: chore: conversion of the Python script to bash. It is syntactically correct, and that's probably everything good I can say about it. --- pinentry-rofi.sh | 150 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 150 insertions(+) create mode 100755 pinentry-rofi.sh (limited to 'pinentry-rofi.sh') diff --git a/pinentry-rofi.sh b/pinentry-rofi.sh new file mode 100755 index 0000000..661152e --- /dev/null +++ b/pinentry-rofi.sh @@ -0,0 +1,150 @@ +#!/bin/bash + +# SPDX-FileCopyrightText: 2016 Quentin "Sardem FF7" Glidic +# SPDX-FileCopyrightText: 2018-2023 Fredrik Salomonsson +# +# SPDX-License-Identifier: GPL-3.0-or-later + +# Some documentation +# https://info2html.sourceforge.net/cgi-bin/info2html-demo/info2html?(pinentry)Protocol +# https://superuser.com/a/1655428 +# TODO https://superuser.com/questions/1457167/i-want-to-make-pinentry-use-gui-locally-and-cli-on-ssh + +# Although it is called a PIN-Entry, it does allow to enter reasonably +# long strings (at least 2048 characters are supported by every +# pinentry). + +# The client using the PIN-Entry has to check for correctness. + +# Note that all strings are expected to be encoded as UTF-8; +# PINENTRY takes care of converting it to the locally used codeset. +# To include linefeeds or other special characters, you may +# percent-escape them (i.e. a line feed is encoded as `%0A', the +# percent sign itself is encoded as `%25'). + +VERSION="0.0.1" + +log_debug() { + echo "$@" >> /tmp/pinentry-log.txt +} + +rofi_cmd="rofi -dmenu -input /dev/null -password" + + +assuan_send() { + log_debug "assuan_send: $*" + echo "$@" +} + +assuan_send "OK Please go ahead" + +win_title="Prompt for password" +win_prompt="Password" +win_mesg="" + +# gpg-agent[676]: DBG: chan_9 -> OK Pleased to meet you, process 3073 +# gpg-agent[676]: DBG: chan_9 <- RESET +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- OPTION ttyname=/dev/pts/0 +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- OPTION ttytype=xterm-256color +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- OPTION display=:0 +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- OPTION putenv=WAYLAND_DISPLAY=wayland-1 +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- OPTION putenv=XDG_SESSION_TYPE=wayland +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- OPTION putenv=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- OPTION lc-ctype=en_US.UTF-8 +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- OPTION lc-messages=cs_CZ.utf8 +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- GETINFO version +# gpg-agent[676]: DBG: chan_9 -> D 2.3.8 +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- OPTION allow-pinentry-notify +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- OPTION agent-awareness=2.1.0 +# gpg-agent[676]: DBG: chan_9 -> OK +# gpg-agent[676]: DBG: chan_9 <- KEYINFO 8EA96F4B4BD616DA44A2E297F31C0448A74B9D33 + +while : ; do + read -r line + log_debug "line=$line" + if [[ "$line" =~ ^OPTION ]] ; then + # OPTION grab + # OPTION ttyname=/dev/pts/1 + # OPTION ttytype=tmux-256color + # OPTION lc-messages=C + assuan_send "OK" + elif [[ "$line" =~ ^GETINFO ]] ; then + # https://www.gnupg.org/documentation/manuals/gnupg/Agent-GETINFO.html + # version or pid of this script? + # gpg-agent --version works but it must be filtered + IFS=" " read -ra line_arr <<< "$line" + subcommand=${line_arr[1]} + log_debug "subcommand=${subcommand}" + if [[ "$subcommand" == "version" ]] ; then + assuan_send "D ${VERSION}" + elif [[ "$subcommand" == "pid" ]] ; then + assuan_send f"D {os.getpid()}" + fi + assuan_send "OK" + elif [[ "$line" =~ ^SETKEYINFO ]] ; then + # TODO SETKEYINFO s/FINGERPRINT + assuan_send "OK" + elif [[ "$line" =~ ^SETOK|^SETNOTOK|^SETERROR|^SETCANCEL|^SETTIMEOUT|^SETQUALITYBAR|^SETGENPIN ]] ; then + assuan_send "OK" + elif [[ "$line" =~ ^CONFIRM|^MESSAGE ]] ; then + assuan_send "OK" + elif [[ "$line" =~ ^SETDESC ]] ; then + #SETDESC Please enter the passphrase for the ssh key%0A ke:yf:in:ge:rp:ri:nt + # rofi << "-mesg" << $1.gsub("<", "<").gsub(/%([0-9A-Fa-f]{2})/) { $1.to_i(16).chr } + IFS=" " read -ra line_arr <<< "$line" + unset "line_arr[0]" + win_mesg="${line_arr[*]}" + assuan_send "OK" + elif [[ "$line" =~ ^SETPROMPT ]] ; then + #SETPROMPT Passphrase: + IFS=" " read -ra line_arr <<< "$line" + win_prompt="${line_arr[1]}" + assuan_send "OK" + elif [[ "$line" =~ ^GETPIN ]] ; then + passw=None + sys_env="$(systemctl --user show-environment)" + IFS=" " read -ra sys_env_arr <<< "$sys_env" + for env_line in "${sys_env_arr[@]}" ; do + log_debug "env_line=${env_line}" + # GPIN_VALID=re.compile(r) + if [[ "$env_line" =~ ^[A-Za-z_]+=\(.\+\)$ ]] ; then + log_debug "env_match=${BASH_REMATCH[*]}" + export "${BASH_REMATCH[1]}=${BASH_REMATCH[2]}" + fi + done + + rofi_cmd+=" -p ${win_prompt}" + rofi_cmd+=" -title ${win_title}" + if [[ -n "${win_mesg}" ]] ; then + rofi_cmd+=" -mesg ${win_mesg}" + fi + passw="$(eval ${rofi_cmd})" + passw_err=$? + if [[ ${passw_err} -ne 0 ]] ; then + # assuan_send "ERR 83886179 Operation cancelled " + log_debug "rofi failed to run: ${passw} (${passw_err})" + exit $passw_err + else + if [[ -n ${passw} ]] ; then + assuan_send "D ${passw}" + fi + fi + assuan_send "OK" + elif [[ ${line} =~ ^BYE ]] ; then + exit 0 + else + assuan_send "BYE" + exit 1 + fi +done -- cgit