diff --git a/LICENSE b/LICENSE index 7bca53b..dadedf7 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2015 Kevin +Copyright (c) 2015 Kevin Douglas Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 4aa2a2f..77ce25a 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,28 @@ -# asc-key-to-qr-code +# Paper Backups of Ascii PGP Keys + Shell scripts to convert between ascii armor PGP keys and QR codes for paper backup + +# Convert Ascii Armor Key Files To QR Code Images + + [kevin@computer]$ asc2qr.sh ~/gpg_public_key.asc + generating QR1.png + generating QR2.png + + [kevin@computer]$ ls -l + total 24 + -rw-r--r-- 1 kevin group 6873 Mar 7 11:30 QR1.png + -rw-r--r-- 1 kevin group 1251 Mar 7 11:30 QR2.png + +# Convert QR Code Images to Ascii Armor Key Files + + [kevin@computer]$ qr2asc.sh *.png + decoding QR1.png + decoding QR2.png + + [kevin@computer]$ ls -l + total 32 + -rw-r--r-- 1 kevin group 3127 Mar 7 11:30 mykey.asc + + [kevin@computer]$ diff ~/gpg_public_key.asc mykey.asc + [kevin@computer]$ + diff --git a/asc2qr.sh b/asc2qr.sh new file mode 100755 index 0000000..c5d6ea8 --- /dev/null +++ b/asc2qr.sh @@ -0,0 +1,82 @@ +#!/bin/bash + +##### +# +# Author: Kevin Douglas +# +# Simple command line script to backup ascii armor gpg keys to paper. You can +# use the following commands to export your keys in ascii armor format: +# +# gpg --armor --export > pgp-public-keys.asc +# gpg --armor --export-secret-keys > pgp-private-keys.asc +# gpg --armor --gen-revoke [your key ID] > pgp-revocation.asc +# +# These can then be used to restore your keys if necessary. +# +# This script will allow you to convert the above ascii armor keys into a +# printable QR code for long-term archival. +# +# This script depends on the following libraries/applications: +# +# libqrencode (http://fukuchi.org/works/qrencode/) +# +# If you need to backup or restore binary keys, see this link to get started: +# +# https://gist.github.com/joostrijneveld/59ab61faa21910c8434c#file-gpg2qrcodes-sh +# +##### + +# Maximum chuck size to send to the QR encoder. QR version 40 supports +# 2,953 bytes of storage. +file_split_size=2800 + +# Prefix string for the PNG images that are produced +image_prefix="QR" + +# Argument/usage check +if [ $# -ne 1 ]; then + echo "usage: `basename ${0}` " + exit 1 +fi + +asc_key=${1} +if [ ! -f ${asc_key} ]; then + echo "key file not found: ${asc_key}" + exit 1 +fi + +# Create a temp file to use as a pattern for splitting the input key file. +# This helps protect against file collisions in the current directory. +export TMPDIR="" +tmp_file=$(mktemp keyparts.XXXXXX) +if [ $? -ne 0 ]; then + echo "failed to create temporary file" + exit 1 +fi + +# Split the key file into usable chunks that the QR encoder can consume +split -b ${file_split_size} ${asc_key} "${tmp_file}." + +# For each chunk, encode it into a qc image +index=1 +for file in ${tmp_file}.*; do + img="${image_prefix}${index}.png" + echo "generating ${img}" + cat ${file} | qrencode -o ${img} + if [ $? -ne 0 ]; then + echo "failed to encode image" + exit 2 + fi + index=$((index+1)) +done + +# Find the correct secure deletion utility (srm on Mac, shred on Linux) +sec_del="srm" +which ${sec_del} 2>&1 1>/dev/null +if [ $? -ne 0 ]; then + sec_del="shred --remove" +fi + +# Securely clean up temporary files +${sec_del} ${tmp_file} +${sec_del} ${tmp_file}.* diff --git a/qr2asc.sh b/qr2asc.sh new file mode 100755 index 0000000..fdb4e8f --- /dev/null +++ b/qr2asc.sh @@ -0,0 +1,74 @@ +#!/bin/bash + +##### +# +# Author: Kevin Douglas +# +# Simple command line script to restore ascii armor gpg keys from a QR image. +# You can use the following commands to import your restored keys: +# +# gpg --import pgp-public-keys.asc +# gpg --import pgp-private-keys.asc +# +# This script will allow you to convert QR images created with asc2qr.sh +# info an ascii armor pgp key. +# +# This script depends on the following libraries/applications: +# +# libqrencode (http://fukuchi.org/works/qrencode/) +# zbar (http://zbar.sourceforge.net) +# +# If you need to backup or restore binary keys, see this link to get started: +# +# https://gist.github.com/joostrijneveld/59ab61faa21910c8434c#file-gpg2qrcodes-sh +# +##### + +# Name of the output key after decoding +output_key_name="mykey.asc" + +# Argument/usage check +if [ $# -lt 1 ]; then + echo "usage: `basename ${0}` [QR image 2] [...]" + exit 1 +fi + +# Create a temp file to use as a pattern for splitting the input key file. +# This helps protect against file collisions in the current directory. +export TMPDIR="" +tmp_file=$(mktemp keyparts.XXXXXX) +if [ $? -ne 0 ]; then + echo "failed to create temporary file" + exit 1 +fi + +# For each image on the command line, decode it into text +index=1 +for img in "$@"; do + if [ ! -f ${img} ]; then + echo "image file not found: ${img}" + exit 1 + fi + asc_key="${tmp_file}.${index}" + echo "decoding ${img}" + zbarimg --raw ${img} 2>/dev/null | perl -p -e 'chomp if eof' > ${asc_key} + if [ $? -ne 0 ]; then + echo "failed to decode QR image" + exit 2 + fi + index=$((index+1)) +done + +echo "creating ${output_key_name}" +cat ${tmp_file}.* > ${output_key_name} + +# Find the correct secure deletion utility (srm on Mac, shred on Linux) +sec_del="srm" +which ${sec_del} 2>&1 1>/dev/null +if [ $? -ne 0 ]; then + sec_del="shred --remove" +fi + +# Securely clean up temporary files +${sec_del} ${tmp_file} +${sec_del} ${tmp_file}.*