#!/bin/sh

# seckey2sshagent: this is a hack of a script to cope with the fact
# that openpgp2ssh currently cannot support encrypted secret keys.

# the basic operating principle is:

# export the secret key in encrypted format to a new keyring

# remove the passphrase in that keyring

# use that keyring with openpgp2ssh

# Authors: Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
#          Jameson Rollins <jrollins@fifthhorseman.net>


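# cleanup: remove the temporary GnuPG home directory named by $FOO.
# Globals:   FOO (read) - path of the temp directory; may be empty or unset
# Outputs:   progress message on stderr
# Returns:   0 when there is nothing to remove, else the status of the
#            final echo
cleanup() {
    # Nothing to remove if the temp directory was never created; skipping
    # here also keeps rm from ever being called without an operand.
    [ -n "${FOO:-}" ] || return 0
    # printf instead of "echo -n", whose behaviour is not defined by POSIX.
    printf 'removing temp gpg home... ' 1>&2
    # Quoted, and "--" ends option parsing, so a path containing whitespace
    # or starting with "-" is removed as exactly one operand.
    # NOTE: rm only unlinks; the passphrase-less key material is not
    # overwritten on disk.
    rm -rf -- "$FOO"
    echo "done." 1>&2
}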

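# Start with FOO empty so the EXIT trap has nothing to act on if the script
# stops before the temp directory exists.
FOO=
trap cleanup EXIT

# Keep characters 25 onward of the first argument.
# NOTE(review): presumably $1 is a 40-character fingerprint, which would make
# this the 16-character long key ID -- confirm against callers.
#GPGID="$1"
GPGID=$(printf '%s\n' "$1" | cut -c 25-)

# An empty GPGID would make "gpg --export-secret-key" export every secret key
# in the user's keyring, and a value starting with "-" would be parsed as an
# option by the tools below.
case "$GPGID" in
    ''|-*)
        echo "$0: argument does not yield a usable key ID" 1>&2
        exit 1
        ;;
esac

# Stop if the temp directory could not be created: with an empty GNUPGHOME
# gpg falls back to the default home directory, so the passphrase removal
# below would be applied to the user's real keyring.
# The directory will hold the secret key without passphrase protection;
# pointing TMPDIR at a memory-backed filesystem limits what reaches disk.
FOO=$(mktemp -d) || FOO=
if [ -z "$FOO" ] || [ ! -d "$FOO" ]; then
    FOO=
    echo "$0: could not create temp gpg home" 1>&2
    exit 1
fi

# Copy the (still passphrase-protected) secret key into the temp keyring.
# The pipeline status is that of the import; without the key there is
# nothing for the later steps to work on.
gpg --export-secret-key "$GPGID" | GNUPGHOME="$FOO" gpg --import || exit 1

# idea to script the password stuff.  not working.
# read -s -p "enter gpg password: " PASSWD; echo
# cmd=$(cat <<EOF
# passwd
# $PASSWD
# \n
# \n
# \n
# yes
# save
# EOF
# )
# echo -e "$cmd" | GNUPGHOME="$FOO" gpg --command-fd 0 --edit-key $GPGID

# Interactive step: the user removes the passphrase from the copy in the
# temp keyring (see the header of this file).
GNUPGHOME="$FOO" gpg --edit-key "$GPGID"

# ssh-add takes a file name, so hand it a symlink to stdin and feed the
# converted key through the pipe instead of writing it to a regular file.
ln -s /dev/stdin "$FOO/openpgp" || exit 1

# -c makes ssh-agent ask for confirmation each time the key is used.
GNUPGHOME="$FOO" gpg --export-secret-key "$GPGID" | \
    openpgp2ssh "$GPGID" | ssh-add -c "$FOO/openpgp"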