skissane · January 19, 2018 04:51
diff --git a/testGpg.sh b/testGpg.sh
 #!/bin/bash
 #
 # testGpg.sh - performs test of GPG functionality using generated key
 #

 # This one-liner switches to script directory respecting symlinks
 cd "$([ -L "$0" ] && dirname "$(_link="$0"; while [ -L "${_link}" ]; do _to="$(readlink "${_link}")"; _link="$([[ "${_to}" = /* ]] && echo "${_to}" || echo "$(dirname "${_link}")/${_to}")"; done; echo "${_link}")" || dirname "$0")"

 # Routine to display error message and exit
 abortMsg() {
 	echo 1>&2 "ERROR: $*"
 	exit 1
 }

 # Debug Level setting
 _debugLevel="--debug-level expert"
 #_debugLevel=""

 # Validate argument
 _privateKeyFile="$1"
 [[ -f "${_privateKeyFile}" ]] ||
 	abortMsg "required argument: PRIVATE-KEY-FILE"

 # Temporary directory
 _tempDir="$(mktemp -d)"

 # Cleanup routine
 function _performCleanup() {
 	ps -ef | fgrep gpg-agent | fgrep -- "${_tempDir}" | awk '{print $2}' | xargs kill
 	#rm -rf "${_tempDir}"
 }
 trap _performCleanup EXIT

 # Write passphrase
 _passPhraseFile="${_tempDir}/passPhraseFile"
 uuidgen >"${_passPhraseFile}" || abortMsg "failed writing passphrase"

 # Print version
 echo "INFO: Dumping GPG version"
 echo ""
 gpg --version || abortMsg "failed dumping GPG version"
 echo ""
 echo "SUCCESS: Dumped GPG version"

 # Generate random test data
 echo "INFO: Generating random test data"
 _randomTestData="${_tempDir}/randomTestData.dat"
 dd if=/dev/urandom of="${_randomTestData}" bs=1024 count=64 ||
 	abortMsg "Generating random test data failed"
 echo "SUCCESS: Random test data generation complete"
 _encryptedData="${_tempDir}/randomTestData.encrypted"
 _decryptedData="${_tempDir}/randomTestData.decrypted"

 # Public home (outbound)
 _publicHome="${_tempDir}/public"
 mkdir -p "${_publicHome}" || abortMsg "creating directory '${_publicHome}' failed"
 chmod 700 "${_publicHome}" || abortMsg "setting permissions on directory '${_publicHome}' failed"

 # Private home (inbound)
 _privateHome="${_tempDir}/private"
 mkdir -p "${_privateHome}" || abortMsg "creating directory '${_privateHome}' failed"
 chmod 700 "${_privateHome}" || abortMsg "setting permissions on directory '${_privateHome}' failed"

 # Start GPG agent
 echo "INFO: Starting GPG agent"
 gpg-agent ${_debugLevel} --homedir "${_privateHome}" --daemon
 echo "DONE: Started GPG agent"

 # Import private key into GPG
 echo "INFO: Importing private key into GPG"
 gpg --batch --pinentry-mode loopback --passphrase-file "${_passPhraseFile}" \
 	--homedir "${_privateHome}" --import "${_privateKeyFile}" ||
 		abortMsg "gpg private key import failed"
 echo "SUCCESS: Private key imported into GPG"

 # Set key trust to ultimate
 echo "INFO: Configure GPG to fully trust private key"
 gpg --homedir "${_privateHome}" --list-keys --with-colons |
 	egrep ^fpr: |
 	cut -d: -f10 |
 	sed -e 's/$/:6:/' |
 	gpg --homedir "${_privateHome}" --import-ownertrust ||
 		abortMsg "GPG key trust failed"
 echo "SUCCESS: Configured GPG to fully trust private key"

 # Export public key
 echo "INFO: Exporting public key"
 _privateKeyId="$(gpg --homedir "${_privateHome}" --list-keys | egrep ^uid | awk '{print$3}')"
 [ -n "${_privateKeyId}" ] || abortMsg "Could not determine ID of private key"
 gpg --homedir "${_privateHome}" --output "${_tempDir}/publicKey.out" --export "${_privateKeyId}" ||
 	abortMsg "public key export failed"
 echo "SUCCESS: Public key exported from GPG"

 # Import public key into GPG public home
 echo "INFO: Importing public key into GPG"
 gpg --homedir "${_publicHome}" --import "${_tempDir}/publicKey.out" ||
 	abortMsg "gpg public key import failed"
 echo "SUCCESS: Public key imported into GPG"

 # Set key trust to ultimate
 echo "INFO: Configure GPG to fully trust public key"
 gpg --homedir "${_publicHome}" --list-keys --with-colons |
 	egrep ^fpr: |
 	cut -d: -f10 |
 	sed -e 's/$/:6:/' |
 	gpg --homedir "${_publicHome}" --import-ownertrust ||
 		abortMsg "GPG key trust failed"
 echo "SUCCESS: Configured GPG to fully trust public key"

 # Encrypt the random test data
 echo "INFO: About to encrypt random data using GPG"
 cat "${_randomTestData}" |
 	gpg --batch --homedir "${_publicHome}" --batch --encrypt \
 		-r "${_privateKeyId}" --cipher-algo AES256 --compress-algo none -o "${_encryptedData}" ||
 	abortMsg "encryption of test data fails"
 echo "SUCCESS: Encrypted random data using GPG"

 # Decrypt the data
 gpg ${_debugLevel} --batch --pinentry-mode loopback --passphrase-file "${_passPhraseFile}" \
 	--homedir "${_privateHome}" --output "${_decryptedData}" --decrypt "${_encryptedData}" \
 		|| abortMsg "decryption failed"
	#!/bin/bash
	#
	# testGpg.sh - performs test of GPG functionality using generated key
	#

	# This one-liner switches to script directory respecting symlinks
	cd "$([ -L "$0" ] && dirname "$(_link="$0"; while [ -L "${_link}" ]; do _to="$(readlink "${_link}")"; _link="$([[ "${_to}" = /* ]] && echo "${_to}" \|\| echo "$(dirname "${_link}")/${_to}")"; done; echo "${_link}")" \|\| dirname "$0")"

	# Routine to display error message and exit
	abortMsg() {
	echo 1>&2 "ERROR: $*"
	exit 1
	}

	# Debug Level setting
	_debugLevel="--debug-level expert"
	#_debugLevel=""

	# Validate argument
	_privateKeyFile="$1"
	[[ -f "${_privateKeyFile}" ]] \|\|
	abortMsg "required argument: PRIVATE-KEY-FILE"

	# Temporary directory
	_tempDir="$(mktemp -d)"

	# Cleanup routine
	function _performCleanup() {
	ps -ef \| fgrep gpg-agent \| fgrep -- "${_tempDir}" \| awk '{print $2}' \| xargs kill
	#rm -rf "${_tempDir}"
	}
	trap _performCleanup EXIT

	# Write passphrase
	_passPhraseFile="${_tempDir}/passPhraseFile"
	uuidgen >"${_passPhraseFile}" \|\| abortMsg "failed writing passphrase"

	# Print version
	echo "INFO: Dumping GPG version"
	echo ""
	gpg --version \|\| abortMsg "failed dumping GPG version"
	echo ""
	echo "SUCCESS: Dumped GPG version"

	# Generate random test data
	echo "INFO: Generating random test data"
	_randomTestData="${_tempDir}/randomTestData.dat"
	dd if=/dev/urandom of="${_randomTestData}" bs=1024 count=64 \|\|
	abortMsg "Generating random test data failed"
	echo "SUCCESS: Random test data generation complete"
	_encryptedData="${_tempDir}/randomTestData.encrypted"
	_decryptedData="${_tempDir}/randomTestData.decrypted"

	# Public home (outbound)
	_publicHome="${_tempDir}/public"
	mkdir -p "${_publicHome}" \|\| abortMsg "creating directory '${_publicHome}' failed"
	chmod 700 "${_publicHome}" \|\| abortMsg "setting permissions on directory '${_publicHome}' failed"

	# Private home (inbound)
	_privateHome="${_tempDir}/private"
	mkdir -p "${_privateHome}" \|\| abortMsg "creating directory '${_privateHome}' failed"
	chmod 700 "${_privateHome}" \|\| abortMsg "setting permissions on directory '${_privateHome}' failed"

	# Start GPG agent
	echo "INFO: Starting GPG agent"
	gpg-agent ${_debugLevel} --homedir "${_privateHome}" --daemon
	echo "DONE: Started GPG agent"

	# Import private key into GPG
	echo "INFO: Importing private key into GPG"
	gpg --batch --pinentry-mode loopback --passphrase-file "${_passPhraseFile}" \
	--homedir "${_privateHome}" --import "${_privateKeyFile}" \|\|
	abortMsg "gpg private key import failed"
	echo "SUCCESS: Private key imported into GPG"

	# Set key trust to ultimate
	echo "INFO: Configure GPG to fully trust private key"
	gpg --homedir "${_privateHome}" --list-keys --with-colons \|
	egrep ^fpr: \|
	cut -d: -f10 \|
	sed -e 's/$/:6:/' \|
	gpg --homedir "${_privateHome}" --import-ownertrust \|\|
	abortMsg "GPG key trust failed"
	echo "SUCCESS: Configured GPG to fully trust private key"

	# Export public key
	echo "INFO: Exporting public key"
	_privateKeyId="$(gpg --homedir "${_privateHome}" --list-keys \| egrep ^uid \| awk '{print$3}')"
	[ -n "${_privateKeyId}" ] \|\| abortMsg "Could not determine ID of private key"
	gpg --homedir "${_privateHome}" --output "${_tempDir}/publicKey.out" --export "${_privateKeyId}" \|\|
	abortMsg "public key export failed"
	echo "SUCCESS: Public key exported from GPG"

	# Import public key into GPG public home
	echo "INFO: Importing public key into GPG"
	gpg --homedir "${_publicHome}" --import "${_tempDir}/publicKey.out" \|\|
	abortMsg "gpg public key import failed"
	echo "SUCCESS: Public key imported into GPG"

	# Set key trust to ultimate
	echo "INFO: Configure GPG to fully trust public key"
	gpg --homedir "${_publicHome}" --list-keys --with-colons \|
	egrep ^fpr: \|
	cut -d: -f10 \|
	sed -e 's/$/:6:/' \|
	gpg --homedir "${_publicHome}" --import-ownertrust \|\|
	abortMsg "GPG key trust failed"
	echo "SUCCESS: Configured GPG to fully trust public key"

	# Encrypt the random test data
	echo "INFO: About to encrypt random data using GPG"
	cat "${_randomTestData}" \|
	gpg --batch --homedir "${_publicHome}" --batch --encrypt \
	-r "${_privateKeyId}" --cipher-algo AES256 --compress-algo none -o "${_encryptedData}" \|\|
	abortMsg "encryption of test data fails"
	echo "SUCCESS: Encrypted random data using GPG"

	# Decrypt the data
	gpg ${_debugLevel} --batch --pinentry-mode loopback --passphrase-file "${_passPhraseFile}" \
	--homedir "${_privateHome}" --output "${_decryptedData}" --decrypt "${_encryptedData}" \
	\|\| abortMsg "decryption failed"