Script for splitting the gpg key

Makefile

@@ -11,6 +11,7 @@ source:
 install:
 	mkdir -p ${DESTDIR}${PREFIX}/bin
 	install -m 755 src/${APP} ${DESTDIR}${PREFIX}/bin
+	install -m 755 src/${APP}-splitkey ${DESTDIR}${PREFIX}/bin
 	install -m 755 src/${APP}-prep ${DESTDIR}${PREFIX}/bin
 	install -m 755 src/${APP}-client ${DESTDIR}${PREFIX}/bin
 	install -m 755 src/${APP}-remote ${DESTDIR}${PREFIX}/bin
@@ -30,6 +31,7 @@ install:
 	install -m 755 src/${APP}-xmpp-pass ${DESTDIR}${PREFIX}/bin
 	mkdir -m 755 -p ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}.1.gz ${DESTDIR}${PREFIX}/share/man/man1
+	install -m 644 man/${APP}-splitkey.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}-prep.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}-client.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 	install -m 644 man/${APP}-remote.1.gz ${DESTDIR}${PREFIX}/share/man/man1
@@ -49,6 +51,7 @@ install:
 	install -m 644 man/${APP}-xmpp-pass.1.gz ${DESTDIR}${PREFIX}/share/man/man1
 uninstall:
 	rm -f ${PREFIX}/share/man/man1/${APP}.1.gz
+	rm -f ${PREFIX}/share/man/man1/${APP}-splitkey.1.gz
 	rm -f ${PREFIX}/share/man/man1/${APP}-prep.1.gz
 	rm -f ${PREFIX}/share/man/man1/${APP}-client.1.gz
 	rm -f ${PREFIX}/share/man/man1/${APP}-remote.1.gz
@@ -68,6 +71,7 @@ uninstall:
 	rm -f ${PREFIX}/share/man/man1/${APP}-xmpp-pass.1.gz
 	rm -rf ${PREFIX}/share/${APP}
 	rm -f ${PREFIX}/bin/${APP}
+	rm -f ${PREFIX}/bin/${APP}-splitkey
 	rm -f ${PREFIX}/bin/${APP}-prep
 	rm -f ${PREFIX}/bin/${APP}-client
 	rm -f ${PREFIX}/bin/${APP}-remote

debian/source/include-binaries

 man/freedombone.1.gz
+man/freedombone-splitkey.1.gz
 man/freedombone-prep.1.gz
 man/freedombone-client.1.gz
 man/freedombone-remote.1.gz

src/freedombone-splitkey

+#!/bin/bash
+#
+# .---.                  .              .
+# |                      |              |
+# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
+# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
+# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
+#
+#                    Freedom in the Cloud
+#
+# A script which splits a user's gpg key into fragments which
+# may then be shared
+
+# To get a random fragment
+# get a random fragment
+#     fragment_files=($FRAGMENTS_DIR/*)
+#     FRAGMENT_FILE="${files[RANDOM % ${#files[@]}]}"
+
+# License
+# =======
+#
+# Copyright (C) 2015 Bob Mottram <bob@robotics.uk.to>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+KEY_FRAGMENTS=3
+MY_USERNAME=
+MY_EMAIL_ADDRESS=
+
+function show_help {
+    echo ''
+    echo 'freedombone-splitkey -u [username] -n [number of fragments] -e [email address]'
+    echo ''
+    exit 0
+}
+
+while [[ $# > 1 ]]
+do
+key="$1"
+
+case $key in
+    -h|--help)
+    show_help
+    ;;
+    -u|--user)
+    shift
+    MY_USERNAME="$1"
+    ;;
+    -n|--fragments)
+    shift
+    KEY_FRAGMENTS=$1
+    ;;
+    -e|--email)
+    shift
+    MY_EMAIL_ADDRESS=$1
+    ;;
+    *)
+    # unknown option
+    ;;
+esac
+shift
+done
+
+if [ ! $MY_USERNAME ]; then
+    show_help
+fi
+if [ ! -d /home/$MY_USERNAME ]; then
+    echo "User $MY_USERNAME does not exist on the system"
+    exit 7270
+fi
+
+if [ ! -d /home/$MY_USERNAME/.gnupg ]; then
+    echo 'No gpg key found'
+    exit 5393
+fi
+
+FRAGMENTS_DIR=/home/$MY_USERNAME/.gnupg_fragments
+if [ -d $FRAGMENTS_DIR ]; then
+    exit 0
+fi
+
+# get the gpg key ID
+if [ ! $MY_EMAIL_ADDRESS ]; then
+    MY_EMAIL_ADDRESS=$MY_USERNAME@$HOSTNAME
+fi
+KEYID=$(su -c "gpg --list-keys $MY_EMAIL_ADDRESS | grep 'pub '" - \
+        $MY_USERNAME | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}')
+
+# create the key file
+KEYS_FILE=/home/$MY_USERNAME/tempdatafile.asc
+gpg --output /home/$MY_USERNAME/pubkey.txt --armor --export $KEYID
+if [ ! "$?" = "0" ]; then
+    echo "Unable to extract public key for $KEYID"
+    exit 7835
+fi
+gpg --output /home/$MY_USERNAME/privkey.txt --armor --export-secret-key $KEYID
+if [ ! "$?" = "0" ]; then
+    echo "Unable to extract private key for $KEYID"
+    exit 7823
+fi
+cat /home/$MY_USERNAME/pubkey.txt /home/$MY_USERNAME/privkey.txt > $KEYS_FILE
+shred -zu /home/$MY_USERNAME/privkey.txt
+shred -zu /home/$MY_USERNAME/pubkey.txt
+
+# encrypt the keys file with a passphrase
+gpg --output $KEYS_FILE.gpg --symmetric $KEYS_FILE
+if [ ! "$?" = "0" ]; then
+    echo "Unable to encrypt the data prior to splitting"
+    exit 7352
+fi
+shred -zu $KEYS_FILE
+
+# generate fragments
+GPG_KEYS_SIZE_BYTES=$(wc -c <"$KEYS_FILE.gpg")
+GPG_BYTES_PER_FRAGMENT=$((GPG_KEYS_SIZE_BYTES / KEY_FRAGMENTS))
+GPG_BYTES_PER_FRAGMENT=$((GPG_BYTES_PER_FRAGMENT + 1))
+mkdir -p $FRAGMENTS_DIR
+echo "$GPG_BYTES_PER_FRAGMENT / $GPG_KEYS_SIZE_BYTES"
+split --bytes=$GPG_BYTES_PER_FRAGMENT $KEYS_FILE.gpg $FRAGMENTS_DIR/data
+#chown -R $MY_USERNAME:$MY_USERNAME $FRAGMENTS_DIR
+#chmod -R 600 $FRAGMENTS_DIR
+
+# delete the keys file
+shred -zu $KEYS_FILE.gpg
+
+echo "$KEY_FRAGMENTS key fragments created"
+
+exit 0