#!/bin/bash # ADD QR/sec CODE & DUNIKEY TO MEDIAKEY # Fabrique ou récupère un PASS pour fabriquer le QRCode "privé" sécurisé avec openssl # ~/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/QRsec.png # http://127.0.0.1:8080/ipns/${IPFSNODEID}/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/QRsec.png for MEDIAKEY in $(ipfs key list); do echo "MEDIAKEY = $MEDIAKEY" [[ "$MEDIAKEY" == "self" ]] && continue KEYFILE=$(~/.zen/astrXbian/zen/tools/give_me_keystore_filename.py "$MEDIAKEY") [[ ! -f $HOME/.ipfs/keystore/$KEYFILE ]] && echo "NO $KEYFILE in keystore. EXIT." && exit 1 [[ ! -d $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY} ]] && echo "NO $MEDIAKEY in .${IPFSNODEID}/KEY. CONTINUE." && continue [[ "$KEYFILE" == "key_" ]] && echo "FATAL $KEYFILE ERROR." && exit 1 ## DUNIKEY PASS ALREADY DONE, or NOT if [[ -f $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/.pass.encrypt ]]; then echo "# DECRYPT TO GET PASS" ~/.zen/astrXbian/zen/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/.pass.encrypt" -o "/tmp/${MEDIAKEY}.pass" PASS=$(cat "/tmp/${MEDIAKEY}.pass") [[ ! $PASS ]] && echo "PASS EMPTY. EXIT." && exit 1 echo "# DECODING DUNIKEY" openssl enc -aes-256-cbc -d -in "$HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/dunikey.enc" -out "/tmp/${MEDIAKEY}.dunikey" -k $PASS ~/.zen/astrXbian/zen/tools/natools.py privkey -f ipfs-keystore -k $HOME/.ipfs/keystore/$KEYFILE -F pubsec -o /tmp/${MEDIAKEY}.dunikey PubFromDunikey=$(cat /tmp/${MEDIAKEY}.dunikey | grep "pub" | cut -d ' ' -f2) echo ">>>> GOT $PASS for $PubFromDunikey" [[ ! $PubFromDunikey ]] && echo "PubFromDunikey EMPTY. EXIT." && exit 1 else echo "# CREATE 6 DIGIT PASS" PASS=$(echo "${RANDOM}${RANDOM}${RANDOM}${RANDOM}" | tail -c-7) && echo "$PASS" > /tmp/${MEDIAKEY}.pass echo "# MAKE DUNIKEY FROM MEDIAKEY" ~/.zen/astrXbian/zen/tools/natools.py privkey -f ipfs-keystore -k $HOME/.ipfs/keystore/$KEYFILE -F pubsec -o /tmp/${MEDIAKEY}.dunikey echo "# PASS openssl CYPHER DUNIKEY" openssl enc -aes-256-cbc -salt -in /tmp/${MEDIAKEY}.dunikey -out "$HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/dunikey.enc" -k $PASS echo "# KEEP/PUBLISH PASS & KEYFILE" ~/.zen/astrXbian/zen/tools/natools.py encrypt -p $G1PUB -i /tmp/${MEDIAKEY}.pass -o $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/.pass.encrypt ~/.zen/astrXbian/zen/tools/natools.py encrypt -p $G1PUB -i $HOME/.ipfs/keystore/$KEYFILE -o $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/.ipns.mediakey.encrypt echo "# MAKE QR CODE" PubFromDunikey=$(cat /tmp/${MEDIAKEY}.dunikey | grep "pub" | cut -d ' ' -f2) [[ ! $PubFromDunikey ]] && echo "PubFromDunikey EMPTY. EXIT." && exit 1 qrencode -s 6 -o "$HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QR.png" "$PubFromDunikey" echo "PubFromDunikey = $PubFromDunikey ($PASS) $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QR.png" fi if [[ -f $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QRsec.png ]]; then echo "## $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QRsec.png ($PASS) is made" else secFromDunikey=$(cat /tmp/${MEDIAKEY}.dunikey | grep "sec" | cut -d ' ' -f2) echo "$secFromDunikey" > /tmp/${MEDIAKEY}.sec openssl enc -aes-256-cbc -salt -in /tmp/${MEDIAKEY}.sec -out "/tmp/${MEDIAKEY}.sec.enc" -k $PASS PASsec=$(cat /tmp/${MEDIAKEY}.sec.enc | base58) qrencode -s 6 -o "$HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QRsec.png" "$PASsec" echo "## $PASsec ($PASS) => $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QRsec.png" fi done