##############################################
# Script for Secure Linux Project            #
# Copyright(c) 2005, 2006 by Roland Haeder   #
##############################################
# Purpose: Create keys and key-images        #
##############################################
# This software is licensed under the GNU    #
# General Public License Version 2 or either #
# and comes with ABSOLUTELY NO WARRANTY      #
# neither implied nor explicit.              #
##############################################
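# Requires bash: the helpers below use `local`, `${!name}` and
# `set -o pipefail`.
#
# NOTE(review): the listing this script was recovered from had lost its
# `else`, `fi` and `done` lines and the messages that closed each
# "... " progress line. They are reconstructed here from the surviving
# structure; compare with the upstream file before relying on the exact
# wording of the "done."/"failed." lines or on the OPTIONS reset.

# Print an error on stderr and stop with status 1.
die() {
  echo "$0: $*" >&2
  exit 1
}

# Write one base64 line of random data to the file named by $1.
# Globals:   SEED_LEN, RAND (read)
# Returns:   0 when a usable seed was stored, 1 otherwise
make_seed() {
  local seed_file=$1 seed_tmp seed_line
  seed_tmp="$seed_file.tmp.$$"
  (
    # The seed is plaintext secret material: keep it owner-only.
    umask 077
    # uuencode -m emits a header line, then 45 input bytes per 60-character
    # line; only the first data line is kept, so a SEED_LEN above 45 adds
    # nothing to the stored seed.
    head -c "$SEED_LEN" "$RAND" | uuencode -m - | head -n 2 | tail -n 1 \
      > "$seed_tmp"
  )
  seed_line=$(cat "$seed_tmp" 2> /dev/null)
  case "$seed_line" in
    '' | '====')
      # Empty: a stage of the pipeline was missing. "====": uuencode saw no
      # input and printed only its trailer. Neither may be kept, or the next
      # run would report "Using saved seed" for a constant value.
      rm -f -- "$seed_tmp"
      return 1
      ;;
  esac
  mv -f -- "$seed_tmp" "$seed_file"
}

# Decrypt $1 and re-encrypt it into $2 for the recipients given as the
# remaining arguments (`-r name` pairs).
# Globals:   OPENPGP (read; deliberately unquoted, it is an option list)
# Returns:   0 when $2 was written, 1 otherwise ($2 is left untouched)
reencrypt() {
  local src=$1 dst=$2 tmp
  shift 2
  tmp="$dst.tmp.$$"
  if (
    # Without pipefail a failed --decrypt goes unnoticed: the second gpg
    # would happily encrypt empty input and report success.
    set -o pipefail
    # NOTE(review): --always-trust skips gpg's validity check for every
    # recipient. That is only sound while the keyring selected by $OPENPGP
    # holds nothing but the keys generated by this script - confirm.
    gpg $OPENPGP --decrypt < "$src" \
      | gpg $OPENPGP -e -a --always-trust "$@" > "$tmp"
  ); then
    mv -f -- "$tmp" "$dst"
  else
    # Never leave a partial file behind: the `test -e` checks below would
    # treat it as a finished key on the next run.
    rm -f -- "$tmp"
    return 1
  fi
}

# NOTE(review): the settings file is resolved against the current directory,
# so the script runs whatever .settings.sh it finds there. Start it from the
# project directory only and keep that file writable by its owner alone.
. ./.settings.sh || exit 3

# An empty BASEDIR would make every path below start at "/", and an empty
# CIPHER or MASTER_USER would make gpg swallow the following argument.
for required in BASEDIR RAND SEED_LEN CIPHER MASTER MASTER_USER \
  MULTI_KEY STICK_KEY MULTI_KEY_SUFFIX; do
  test -n "${!required}" || die "$required is empty or unset; check .settings.sh"
done

# $VERBOSE is an optional flag and is left unquoted on purpose.
mkdir $VERBOSE -p "$BASEDIR/setup/images" "$BASEDIR/setup/keys" \
  || die "cannot create $BASEDIR/setup"

if test -e "$BASEDIR/.seed"; then
  echo "$0: Using saved seed... "
  # Best effort: the loop device may not be attached, so errors are ignored.
  losetup -d "$LOOP_ASSET" > /dev/null 2>&1
else
  echo -n "$0: Creating seed... "
  if make_seed "$BASEDIR/.seed"; then
    echo "done."
  else
    echo "failed."
    die "could not create $BASEDIR/.seed"
  fi
fi

if test -e "$BASEDIR/.stick_seed"; then
  echo "$0: Using saved stick seed... "
  # Best effort, as above.
  losetup -d "$LOOP_ASSET" > /dev/null 2>&1
else
  echo -n "$0: Creating seed... "
  if make_seed "$BASEDIR/.stick_seed"; then
    echo "done."
  else
    echo "failed."
    die "could not create $BASEDIR/.stick_seed"
  fi
fi

# Create an OpenPGP key pair for every user who has no key-file yet.
# NOTE(review): --gen-key is interactive and nothing here ties the new key
# to $user; presumably the operator enters a matching user ID - confirm.
for user in $USERS; do
  if ! test -e "$BASEDIR/setup/keys/$user-$MULTI_KEY_SUFFIX"; then
    echo "$0: Generate key for $user..."
    gpg $OPENPGP --quiet --gen-key --cipher-algo "$CIPHER" \
      || die "key generation for $user failed"
  else
    echo "$0: Key found for $user."
  fi
done

if ! test -e "$MASTER"; then
  echo -n "$0: Generating master key... "
  # 2925 random bytes become 65 base64 lines; head/tail strip the uuencode
  # header and trailer. The text is held in a shell variable so it can be
  # checked before encryption - do not run this script under `set -x`.
  master_plain=$(head -c 2925 "$RAND" | uuencode -m - | head -n 66 | tail -n 65)
  if test "$(printf '%s\n' "$master_plain" | grep -c '')" -ne 65; then
    echo "failed."
    die "could not read 2925 bytes from $RAND; no master key written"
  fi
  master_tmp="$MASTER.tmp.$$"
  # gpg's stderr stays discarded as before, but its status is now checked.
  if printf '%s\n' "$master_plain" \
    | gpg $OPENPGP --cipher-algo "$CIPHER" -e -a -r "$MASTER_USER" \
      > "$master_tmp" 2> /dev/null \
    && test -s "$master_tmp"; then
    mv -f -- "$master_tmp" "$MASTER" || die "cannot write $MASTER"
    echo "done."
  else
    rm -f -- "$master_tmp"
    echo "failed."
    die "gpg could not encrypt the master key to $MASTER_USER"
  fi
  unset master_plain
else
  echo "$0: Master key found."
fi

# The directory may already exist, so the result is ignored as before.
mkdir $VERBOSE "$KEYS" > /dev/null 2>&1

# Generate options list
# Start from an empty list so a value inherited from the environment cannot
# add recipients (presumably what the line lost from the listing did).
OPTIONS=""
for user in $USERS; do
  OPTIONS="$OPTIONS -r $user"
done

# Write multi-key for encrypting disc
# $OPTIONS is unquoted on purpose: it must split into `-r name` words.
if ! test -e "$MULTI_KEY"; then
  reencrypt "$MASTER" "$MULTI_KEY" $OPTIONS || exit 1
else
  echo "$0: User-key found."
fi

# Write another multi-key for accessing the stick
if ! test -e "$STICK_KEY"; then
  reencrypt "$MASTER" "$STICK_KEY" $OPTIONS || exit 1
else
  echo "$0: Stick-key found."
fi

# Write additional keys
for key in $EXTRA_KEYS; do
  FILE="$BASEDIR/setup/keys/$key"
  if ! test -e "$FILE"; then
    echo "$0: Generating key $key..."
    reencrypt "$MULTI_KEY" "$FILE" $OPTIONS || exit 1
  else
    echo "$0: Key $key found."
  fi
done

# Write keys for the users
for user in $USERS; do
  user_file="$BASEDIR/setup/keys/$user-$MULTI_KEY_SUFFIX"
  if ! test -e "$user_file"; then
    echo "$0: Generating key-file for $user ..."
    # The original ignored a failure here and left an unusable key-file.
    reencrypt "$MULTI_KEY" "$user_file" -r "$user" || exit 1
  else
    echo "$0: Key found for $user."
  fi
done

echo "Now you may want to execute asset.sh to continue"
echo "You can also customize some things now."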