From: alex <alex@infiniteadaptability.org>
Date: Fri, 24 Jun 2022 01:05:18 +0000 (-0700)
Subject: ...
X-Git-Url: http://git.infiniteadaptability.org/?a=commitdiff_plain;h=8ab2270b4b80e2421a08063f8b1e7e52d49a5601;p=cold
...
---
diff --git a/cold-setup b/cold-setup
index 25a3a10..ea16733 100755
--- a/cold-setup
+++ b/cold-setup
@@ -6,6 +6,10 @@ DATA_DIRECTORY=".data"
M=3
N=7
MODE=
+ENCRYPTION="luks"
+USB_DIRECTORY="$DATA_DIRECTORY/.usb"
+USB_DECRYPT_NAME="cold-usb"
+USB_PATH_PRE_DECRYPT=
BITCOIN_CLI="bitcoin-cli -datadir=$DATA_DIRECTORY -chain=regtest"
@@ -109,6 +113,7 @@ parse_arguments() {
case "$arg" in
"--help") set -- "$@" "-h" ;;
"--interactive") set -- "$@" "-i" ;;
+ "--no-encryption") set -- "$@" "-p" ;;
"--threshold") set -- "$@" "-m" ;;
"--wallets") set -- "$@" "-n" ;;
*) set -- "$@" "$arg" ;;
@@ -117,18 +122,30 @@ parse_arguments() {
# parse short options
OPTIND=1
- while getopts "hm:n:i" opt
+ while getopts "hm:n:ip" opt
do
case "$opt" in
"h") usage ;;
"i") set_mode "interactive" ;;
"m") set_threshold "$OPTARG" ;;
"n") set_wallets "$OPTARG" ;;
+ "p") set_encryption "none" ;;
"?") usage ;;
esac
done
}
+set_encryption() {
+ case "$1" in
+ "luks") ENCRYPTION="luks" ;;
+ "none") ENCRYPTION="" ;;
+ *)
+ log_error "ERROR: unknown encryption \"$1\""
+ usage
+ ;;
+ esac
+}
+
set_mode() {
case "$1" in
"interactive") MODE="interactive" ;;
@@ -168,6 +185,19 @@ usage() {
exit 1
}
+usb_crypt_open() {
+ log_info "usb encrypted... opening..."
+ cryptsetup luksOpen "$USB_PATH" "$USB_DECRYPT_NAME"
+ USB_PATH_PRE_DECRYPT="$USB_PATH"
+ USB_PATH="/dev/mapper/$USB_DECRYPT_NAME"
+}
+
+usb_crypt_close() {
+ log_info "closing encrypted usb..."
+ cryptsetup luksClose "$USB_DECRYPT_NAME"
+ USB_PATH="$USB_PATH_PRE_DECRYPT"
+}
+
usb_detect() {
local DEVNAME
log_msg "plug in usb drive now.\ndetecting..."
@@ -195,35 +225,94 @@ usb_detect() {
echo "$DEVNAME"
}
+usb_encrypt() {
+ log_info "encrypting $USB_PATH..."
+ cryptsetup luksFormat --type luks2 "$USB_PATH"
+}
+
usb_eject() {
- exit 1
+ log_info "ejecting $USB_PATH..."
+ eject "$USB_PATH"
+ log_info "ejected $USB_PATH"
}
usb_load() {
- exit 1
+ log_info "copying descriptors to usb..."
+ wallet_dump_descriptors $1
+
+ cp "$DATA_DIRECTORY/wallet$1.descriptors" "$USB_DIRECTORY/"
+ cp "$DATA_DIRECTORY/descriptors.txt" "$USB_DIRECTORY/"
+
+ local EXPECTED="`b2sum $DATA_DIRECTORY/wallet$1.descriptors $DATA_DIRECTORY/descriptors.txt`"
+ local RESULT="`b2sum $USB_DIRECTORY/wallet$1.descriptors $USB_DIRECTORY/descriptors.txt`"
+
+ if [[ "$EXPECTED" != "$RESULT" ]]; then
+ log_error "ERROR: failed to copy descriptors to usb correctly"
+ exit 1
+ fi
+
+ shred "$DATA_DIRECTORY/wallet$1.descriptors"
+
+ log_info "successfully copied descriptors to usb"
}
usb_mount() {
- exit 1
+ if [[ -n "$ENCRYPTION" ]]; then
+ usb_decrypt
+ fi
+
+ log_info "mounting $USB_PATH at $USB_DIRECTORY"
+ mount "$USB_PATH" "$USB_DIRECTORY"
}
usb_setup() {
- exit 1
+ wipefs -a "$USB_PATH"
+ log_info "filesystem wiped from $USB_PATH"
+
+ if [[ -n "$ENCRYPTION" ]]; then
+ usb_encrypt
+ fi
+
+ log_info "zero'ing $USB_PATH"
+ dd if=/dev/zero of="$USB_PATH"
+ log_info "$USB_PATH filled with zeroes"
+
+ mkfs.ext4 "$USB_PATH"
+ log_info "created new filesystem on $USB_PATH"
}
usb_unmount() {
- exit 1
+ log_info "unmounting $USB_DIRECTORY..."
+ umount "$USB_DIRECTORY"
+
+ if [[ -n "$ENCRYPTION" ]]; then
+ usb_crypt_close
+ fi
}
usbs() {
- local PATH
- local MOUNTPOINT
+ log_msg "creating primary usbs..."
for((i = 1; i <= $N; i++)); do
- PATH="`usb_detect`"
- MOUNTPOINT="`usb_setup "$PATH"`"
- usb_load "$MOUNTPOINT" "$i"
- usb_unmount "$MOUNTPOINT"
- usb_eject "$PATH"
+ log_msg "plug in usb stick for wallet $i..."
+ USB_PATH="`usb_detect`"
+ log_msg "found usb stick $USB_PATH"
+
+ usb_setup
+ usb_load "$i"
+ usb_unmount
+ usb_eject
+ done
+
+ log_msg "creating backup usbs..."
+ for((i = 1; i <= $N; i++)); do
+ log_msg "plug in usb stick for wallet $i..."
+ USB_PATH="`usb_detect`"
+ log_msg "found usb stick $USB_PATH"
+
+ usb_setup
+ usb_load "$i"
+ usb_unmount
+ usb_eject
done
}
@@ -310,6 +399,7 @@ main() {
wallets
multisig_create
+
usbs
wallets_clean