blob: 60e918efde4443ec995e87a96d17d6e097b9d2e6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
#!/bin/bash
set -x
export LANG=C
TMPDIR=$(mktemp -d)
trap "rm -rf '${TMPDIR}'" EXIT
KEYSERVER='hkp://pool.sks-keyservers.net'
GPG="gpg --quiet --batch --no-tty --no-permission-warning --keyserver "${KEYSERVER}" --homedir ${TMPDIR}"
pushd "$(dirname "$0")" >/dev/null
$GPG --gen-key <<EOF
%echo Generating Parabola Keyring keychain master key...
Key-Type: RSA
Key-Length: 1024
Key-Usage: sign
Name-Real: Parabola Keyring Keychain Master Key
Name-Email: parabola-keyring@localhost
Expire-Date: 0
%commit
%echo Done
EOF
rm -rf packager parabola-trusted
mkdir packager
while read -ra data; do
keyid="${data[0]}"
username="${data[@]:1}"
${GPG} --recv-keys ${keyid} &>/dev/null
printf 'lsign\ny\ny\nsave\ny\n' | \
${GPG} --command-fd 0 --edit-key ${keyid}
echo "${keyid}:4:" | tee -a parabola-trusted
done < packager-keyids
${GPG} --import-ownertrust < parabola-trusted 2>/dev/null
while read -ra data; do
keyid="${data[0]}"
username="${data[@]:1}"
printf 'clean\nquit\n' | \
${GPG} --command-fd 0 --edit-key ${keyid}
FD=$(mktemp)
exec 4>"${FD}"
if ! ${GPG} --list-keys --with-colons ${keyid} 2>/dev/null | grep -q '^pub:f:'; then
echo "key is not fully trusted: ${keyid} ${username}"
else
${GPG} --armor --output packager/${username}.asc --export ${keyid}
fi
done < packager-keyids
cat packager/*.asc > parabola.gpg
popd >/dev/null
if which neato &>/dev/null ; then
${GPG} --list-sigs | perl ./sig2dot.pl | tee parabola-keyring.dot | neato -Tpng -o parabola-keyring-$(date +%Y.%m.%d).png && \
echo "WoT graphed as parabola-keyring-$(date +%Y-%m%-d).png"
else
echo "Install graphviz to generate a graph of parabola-keyring's web of trust."
fi
echo $TMPDIR
rm /tmp/tmp.*
|
