Compare commits
3 commits
f022b1fe3c
...
6f2a105188
| Author | SHA1 | Date | |
|---|---|---|---|
| 6f2a105188 | |||
| e0424c61a8 | |||
| 078495815c |
3 changed files with 23 additions and 23 deletions
36
src/zlevis
36
src/zlevis
|
|
@ -12,6 +12,24 @@ if [ "$1" = "--summary" ]; then
|
|||
exit 0
|
||||
fi
|
||||
|
||||
case "$1" in
|
||||
"decrypt")
|
||||
case "$2" in
|
||||
"pool") zfs list -Ho tpm:jwe "$3" | zlevis-decrypt;;
|
||||
"key") zlevis-decrypt;;
|
||||
*) exit 1;;
|
||||
esac
|
||||
;;
|
||||
"encrypt")
|
||||
case "$2" in
|
||||
"pool") read -r -d . key || zfs set tpm:jwe=$(printf "%s" "$key" | zlevis-encrypt "$4") "$3";;
|
||||
"key") zlevis-encrypt "$3";;
|
||||
*) exit 1;;
|
||||
esac
|
||||
;;
|
||||
*) exit 1;;
|
||||
esac
|
||||
|
||||
# Display usage information if input is from a terminal
|
||||
if [ -t 0 ]; then
|
||||
exec >&2
|
||||
|
|
@ -19,23 +37,5 @@ if [ -t 0 ]; then
|
|||
exit 2
|
||||
fi
|
||||
|
||||
case "$1" in
|
||||
decrypt)
|
||||
case "$2" in
|
||||
pool) zfs list -Ho tpm:jwe $3 | zlevis-decrypt;;
|
||||
key) zlevis-decrypt;;
|
||||
*) exit 1;;
|
||||
esac
|
||||
;;
|
||||
encrypt)
|
||||
case "$2" in
|
||||
pool) read -r -d . key || zfs set tpm:jwe=$(printf "%s" "$key" | zlevis-encrypt $4) $3;;
|
||||
key) zlevis-encrypt $3;;
|
||||
*) exit 1;;
|
||||
esac
|
||||
;;
|
||||
*) exit 1;;
|
||||
esac
|
||||
|
||||
# Exit with the status of the last command
|
||||
exit $?
|
||||
|
|
@ -48,19 +48,19 @@ fi
|
|||
|
||||
# Extract required parameters from the JWE header
|
||||
if ! hash="$(printf "%s" "$jhd" | jose fmt -j- -Og zlevis -g tpm2 -g hash -Su-)"; then
|
||||
echo "JWE missing required 'hash' header parameter!" >&2
|
||||
echo "JWE missing required 'hash' header parameter" >&2
|
||||
exit 1
|
||||
fi
|
||||
if ! key="$(printf "%s" "$jhd" | jose fmt -j- -Og zlevis -g tpm2 -g key -Su-)"; then
|
||||
echo "JWE missing required 'key' header parameter!" >&2
|
||||
echo "JWE missing required 'key' header parameter" >&2
|
||||
exit 1
|
||||
fi
|
||||
if ! jwk_pub="$(printf "%s" "$jhd" | jose fmt -j- -Og zlevis -g tpm2 -g jwk_pub -Su-)"; then
|
||||
echo "JWE missing required 'jwk_pub' header parameter!" >&2
|
||||
echo "JWE missing required 'jwk_pub' header parameter" >&2
|
||||
exit 1
|
||||
fi
|
||||
if ! jwk_priv="$(printf "%s" "$jhd" | jose fmt -j- -Og zlevis -g tpm2 -g jwk_priv -Su-)"; then
|
||||
echo "JWE missing required 'jwk_priv' header parameter!" >&2
|
||||
echo "JWE missing required 'jwk_priv' header parameter" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ fi
|
|||
|
||||
# Validate the configuration input
|
||||
if ! cfg="$(jose fmt -j "$1" -Oo- 2>/dev/null)"; then
|
||||
echo "Configuration is malformed" >&2
|
||||
echo "Configuration '{\"property\":\"value\"}' is malformed" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue