search

Nitrokey / gnupg-docker

Build and use specific GnuPG version using Ubuntu image within Docker's container
GNU General Public License v3.0
9 stars 5 forks source link

Integrate Nitroinit #4

Open szszszsz opened 5 years ago

szszszsz commented 5 years ago

Integrate another tool, Nitroinit, to project. It would be especially useful due to latest version of the GPGME, which is required by this project to run correctly.

szszszsz commented 5 years ago

Added draft of the solution to repository, in a separate branch. To use it please run:

$ git clone https://github.com/Nitrokey/gnupg-docker.git  -b 4-integrate-nitroinit gnupg-docker-nitroinit
$ cd gnupg-docker-nitroinit
$ ./docker-build.sh
# (Build messages ...)
$ ./docker-run.sh
# (Execution messages ...)
$ ./nitroinit.py

This will build and run environment, and the last one is used to run Nitroinit.

Edit: git is required to automatically download the repository with Nitroinit during the installation. Edit: link to branch code: https://github.com/Nitrokey/gnupg-docker/tree/4-integrate-nitroinit

jans23 commented 5 years ago

When executing nitroinit, it fails:

./nitroinit.py --expert 

Nitroinit - Create and import GnuPG keys to the Nitrokey

No keyfile was provided. We create a new key, back it up and then import it to the Nitrokey.
You can provide an existing key via '--keyfile' flag. Please use '--help' for more information.
We start key creation now...

Please select the algorithm and size you want:
   (1)  RSA 2048
   (2)  RSA 3072
   (3)  RSA 4096
   (4)  NIST P-256
   (7)  Brainpool P-256
Your selection? 4

Please provide a user ID to identify your key.
Enter the name for the user ID: Bla
Enter the email address for the user ID: info@example.com
Enter a comment to include (optional): 

Traceback (most recent call last):
  File "./nitroinit.py", line 227, in <module>
    main(args.keyfile, args.expert)
  File "./nitroinit.py", line 179, in main
    keyfile = create_key(expert)
  File "/app/nitroinit/keycreation.py", line 115, in create_key
    pubdata = c.key_export(newkey.fpr)
  File "/usr/lib/python3/dist-packages/gpg/core.py", line 128, in __getattr__
    func = getattr(gpgme, name)
AttributeError: module 'gpg.gpgme' has no attribute 'gpgme_key_export'
szszszsz commented 5 years ago
  1. Does it work for RSA keys?
  2. Will check later again, but it seemed to be working and reproducible. Worked for me surely, on Fedora 29 being a host.
  3. Could you execute please the following to update the local copy of Ubuntu docker image, and try again? 
    sudo docker pull ubuntu:rolling

edit: typo

jans23 commented 5 years ago

It does work with RSA. sudo docker pull ubuntu:rolling doesn't help.

szszszsz commented 5 years ago

I see. Will check again for ECC. It looks like the cause is on the Python bindings side.

szszszsz commented 5 years ago

Perhaps it would be easier for this setup to just switch to Arch Linux Docker image altogether, instead of trying to run it on Ubuntu: https://hub.docker.com/r/archlinux/base/.