74 lines
3.6 KiB
Bash
Executable File
74 lines
3.6 KiB
Bash
Executable File
#!/bin/bash
|
|
# ADD QR/sec CODE & DUNIKEY TO MEDIAKEY
|
|
# Fabrique ou récupère un PASS pour fabriquer le QRCode "privé" sécurisé avec openssl
|
|
# ~/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/QRsec.png
|
|
# http://127.0.0.1:8080/ipns/${IPFSNODEID}/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/QRsec.png
|
|
|
|
for MEDIAKEY in $(ipfs key list);
|
|
do
|
|
|
|
echo "MEDIAKEY = $MEDIAKEY"
|
|
[[ "$MEDIAKEY" == "self" ]] && continue
|
|
KEYFILE=$(~/.zen/astrXbian/zen/tools/give_me_keystore_filename.py "$MEDIAKEY")
|
|
|
|
[[ ! -f $HOME/.ipfs/keystore/$KEYFILE ]] && echo "NO $KEYFILE in keystore. EXIT." && exit 1
|
|
[[ ! -d $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY} ]] && echo "NO $MEDIAKEY in .${IPFSNODEID}/KEY. CONTINUE." && continue
|
|
[[ "$KEYFILE" == "key_" ]] && echo "FATAL $KEYFILE ERROR." && exit 1
|
|
|
|
|
|
## DUNIKEY PASS ALREADY DONE, or NOT
|
|
if [[ -f $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/.pass.encrypt ]]; then
|
|
|
|
echo "# DECRYPT TO GET PASS"
|
|
~/.zen/astrXbian/zen/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/.pass.encrypt" -o "/tmp/${MEDIAKEY}.pass"
|
|
PASS=$(cat "/tmp/${MEDIAKEY}.pass")
|
|
|
|
[[ ! $PASS ]] && echo "PASS EMPTY. EXIT." && exit 1
|
|
echo "# DECODING DUNIKEY"
|
|
openssl enc -aes-256-cbc -d -in "$HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/dunikey.enc" -out "/tmp/${MEDIAKEY}.dunikey" -k $PASS
|
|
~/.zen/astrXbian/zen/tools/natools.py privkey -f ipfs-keystore -k $HOME/.ipfs/keystore/$KEYFILE -F pubsec -o /tmp/${MEDIAKEY}.dunikey
|
|
PubFromDunikey=$(cat /tmp/${MEDIAKEY}.dunikey | grep "pub" | cut -d ' ' -f2)
|
|
echo ">>>> GOT $PASS for $PubFromDunikey"
|
|
[[ ! $PubFromDunikey ]] && echo "PubFromDunikey EMPTY. EXIT." && exit 1
|
|
|
|
else
|
|
|
|
echo "# CREATE 6 DIGIT PASS"
|
|
PASS=$(echo "${RANDOM}${RANDOM}${RANDOM}${RANDOM}" | tail -c-7) && echo "$PASS" > /tmp/${MEDIAKEY}.pass
|
|
|
|
echo "# MAKE DUNIKEY FROM MEDIAKEY"
|
|
~/.zen/astrXbian/zen/tools/natools.py privkey -f ipfs-keystore -k $HOME/.ipfs/keystore/$KEYFILE -F pubsec -o /tmp/${MEDIAKEY}.dunikey
|
|
|
|
echo "# PASS openssl CYPHER DUNIKEY"
|
|
openssl enc -aes-256-cbc -salt -in /tmp/${MEDIAKEY}.dunikey -out "$HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/dunikey.enc" -k $PASS
|
|
|
|
echo "# KEEP/PUBLISH PASS & KEYFILE"
|
|
~/.zen/astrXbian/zen/tools/natools.py encrypt -p $G1PUB -i /tmp/${MEDIAKEY}.pass -o $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/.pass.encrypt
|
|
~/.zen/astrXbian/zen/tools/natools.py encrypt -p $G1PUB -i $HOME/.ipfs/keystore/$KEYFILE -o $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/${G1PUB}/.ipns.mediakey.encrypt
|
|
|
|
echo "# MAKE QR CODE"
|
|
PubFromDunikey=$(cat /tmp/${MEDIAKEY}.dunikey | grep "pub" | cut -d ' ' -f2)
|
|
[[ ! $PubFromDunikey ]] && echo "PubFromDunikey EMPTY. EXIT." && exit 1
|
|
qrencode -s 6 -o "$HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QR.png" "$PubFromDunikey"
|
|
|
|
echo "PubFromDunikey = $PubFromDunikey ($PASS) $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QR.png"
|
|
fi
|
|
|
|
if [[ -f $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QRsec.png ]]; then
|
|
echo "## $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QRsec.png ($PASS) is made"
|
|
|
|
else
|
|
secFromDunikey=$(cat /tmp/${MEDIAKEY}.dunikey | grep "sec" | cut -d ' ' -f2)
|
|
echo "$secFromDunikey" > /tmp/${MEDIAKEY}.sec
|
|
openssl enc -aes-256-cbc -salt -in /tmp/${MEDIAKEY}.sec -out "/tmp/${MEDIAKEY}.sec.enc" -k $PASS
|
|
|
|
PASsec=$(cat /tmp/${MEDIAKEY}.sec.enc | base58)
|
|
qrencode -s 6 -o "$HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QRsec.png" "$PASsec"
|
|
echo "## $PASsec ($PASS) => $HOME/.zen/ipfs/.${IPFSNODEID}/KEY/${MEDIAKEY}/QRsec.png"
|
|
|
|
fi
|
|
|
|
|
|
|
|
done
|