Recover gpg key from fragments

Makefile

@@ -12,6 +12,7 @@ install:
 	mkdir -p ${DESTDIR}${PREFIX}/bin
 	install -m 755 src/${APP} ${DESTDIR}${PREFIX}/bin
 	install -m 755 src/${APP}-splitkey ${DESTDIR}${PREFIX}/bin
+	install -m 755 src/${APP}-recoverkey ${DESTDIR}${PREFIX}/bin
 	install -m 755 src/${APP}-prep ${DESTDIR}${PREFIX}/bin
 	install -m 755 src/${APP}-client ${DESTDIR}${PREFIX}/bin
 	install -m 755 src/${APP}-remote ${DESTDIR}${PREFIX}/bin
@@ -32,6 +33,7 @@ install:
 	mkdir -m 755 -p ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}-splitkey.1.gz ${DESTDIR}${PREFIX}/share/man/man1
+	install -m 644 man/${APP}-recoverkey.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}-prep.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}-client.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}-remote.1.gz ${DESTDIR}${PREFIX}/share/man/man1
@@ -52,6 +54,7 @@ install:
 uninstall:
 	rm -f ${PREFIX}/share/man/man1/${APP}.1.gz
 	rm -f ${PREFIX}/share/man/man1/${APP}-splitkey.1.gz
+	rm -f ${PREFIX}/share/man/man1/${APP}-recoverkey.1.gz
 	rm -f ${PREFIX}/share/man/man1/${APP}-prep.1.gz
 	rm -f ${PREFIX}/share/man/man1/${APP}-client.1.gz
 	rm -f ${PREFIX}/share/man/man1/${APP}-remote.1.gz
@@ -72,6 +75,7 @@ uninstall:
 	rm -rf ${PREFIX}/share/${APP}
 	rm -f ${PREFIX}/bin/${APP}
 	rm -f ${PREFIX}/bin/${APP}-splitkey
+	rm -f ${PREFIX}/bin/${APP}-recoverkey
 	rm -f ${PREFIX}/bin/${APP}-prep
 	rm -f ${PREFIX}/bin/${APP}-client
 	rm -f ${PREFIX}/bin/${APP}-remote

debian/source/include-binaries

@@ -1,5 +1,6 @@
 man/freedombone.1.gz
 man/freedombone-splitkey.1.gz
+man/freedombone-recoverkey.1.gz
 man/freedombone-prep.1.gz
 man/freedombone-client.1.gz
 man/freedombone-remote.1.gz

src/freedombone-recoverkey

@@ -0,0 +1,119 @@
+#!/bin/bash
+#
+# .---.                  .              .
+# |                      |              |
+# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
+# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
+# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
+#
+#                    Freedom in the Cloud
+#
+# A script which recovers a user's gpg key from a number of fragments
+
+# License
+# =======
+#
+# Copyright (C) 2015 Bob Mottram <bob@robotics.uk.to>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+function show_help {
+    echo ''
+    echo 'freedombone-recoverkey -u [username]'
+    echo ''
+    exit 0
+}
+
+while [[ $# > 1 ]]
+do
+key="$1"
+
+case $key in
+    -h|--help)
+    show_help
+    ;;
+    -u|--user)
+    shift
+    MY_USERNAME="$1"
+    ;;
+    *)
+    # unknown option
+    ;;
+esac
+shift
+done
+
+if [ ! $MY_USERNAME ]; then
+    show_help
+fi
+if [ ! -d /home/$MY_USERNAME ]; then
+    echo "User $MY_USERNAME does not exist on the system"
+    exit 7270
+fi
+
+if [ ! $MY_USERNAME ]; then
+    echo 'No username given'
+    exit 3578
+fi
+if [ ! -d /home/$MY_USERNAME ]; then
+    echo "User $MY_USERNAME does not exist on the system"
+    exit 7270
+fi
+FRAGMENTS_DIR=/home/$MY_USERNAME/.gnupg_fragments
+if [ ! -d $FRAGMENTS_DIR ]; then
+    echo 'No fragments have been recovered, so the key cannot be recovered'
+    exit 7483
+fi
+
+# join the fragments
+if [ ! -d /home/$MY_USERNAME/.tempgnupg ]; then
+    mkdir /home/$MY_USERNAME/.tempgnupg
+fi
+KEYS_FILE=/home/$MY_USERNAME/.tempgnupg/tempfile.asc
+cat $FRAGMENTS_DIR/data* > $KEYS_FILE.gpg
+if [ ! "$?" = "0" ]; then
+    echo 'Unable to find key fragments'
+    exit 8727
+fi
+
+# decrypt the file
+cd /home/$MY_USERNAME/.tempgnupg
+gpg -d $KEYS_FILE.gpg -o $KEYS_FILE
+if [ ! "$?" = "0" ]; then
+    echo 'Unable to decrypt data. This may mean that not enough fragments are available'
+    exit 6283
+fi
+shred -zu $KEYS_FILE.gpg
+if [ ! -f $KEYS_FILE ]; then
+    echo 'Unable to find decrypted key file. This may mean that not enough fragments are available'
+    exit 8358
+fi
+echo 'Key fragments decrypted'
+
+# import the gpg key
+su -c "gpg --allow-secret-key-import --import $KEYS_FILE" - $MY_USERNAME
+if [ ! "$?" = "0" ]; then
+    echo 'Unable to import gpg key'
+    shred -zu $KEYS_FILE
+    rm -rf /home/$MY_USERNAME/.tempgnupg
+    exit 3682
+fi
+shred -zu $KEYS_FILE
+chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
+chmod -R 600 /home/$MY_USERNAME/.gnupg
+rm -rf /home/$MY_USERNAME/.tempgnupg
+
+echo 'GPG key was recovered'
+
+exit 0