blob: 05004f66ee07a1e065b05d1d2765283552d87459 (
plain)
- # -*-shell-script-*-
- # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
- # Monkeysphere gen-subkey subcommand
- #
- # The monkeysphere scripts are written by:
- # Jameson Rollins <jrollins@finestructure.net>
- # Jamie McClelland <jm@mayfirst.org>
- # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- #
- # They are Copyright 2008-2009, and are all released under the GPL,
- # version 3 or later.
- # generate a subkey with the 'a' usage flags set
- gen_subkey(){
- local keyLength
- local gpgSecOut
- local keyID
- local editCommands
- local fifoDir
- # get options
- while true ; do
- case "$1" in
- -l|--length)
- keyLength="$2"
- shift 2
- ;;
- *)
- if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then
- failure "Unknown option '$1'.
- Type '$PGRM help' for usage."
- fi
- break
- ;;
- esac
- done
- # check that the keyID is unique
- keyID=$(check_gpg_sec_key_id "$@")
- # check that an authentication subkey does not already exist
- check_gpg_authentication_subkey "$keyID"
- # generate the list of commands that will be passed to edit-key
- editCommands="addkey
- 7
- S
- E
- A
- Q
- $keyLength
- 0
- save"
- # setup the temp fifo dir for retrieving the key password
- log debug "creating password fifo..."
- fifoDir=$(msmktempdir)
- (umask 077 && mkfifo "$fifoDir/pass")
- # FIXME: are we adequately cleaning up any trailing gpg process here?
- trap "rm -rf $fifoDir; kill %% || true" EXIT
- echo "$editCommands" | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --edit-key "$keyID" &
- log debug "Prompting for passphrase"
- # FIXME: this needs to fail more gracefully if the passphrase is incorrect
- passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass"
- log info "Generating subkey. This may take a long time..."
- trap - EXIT
- rm -rf "$fifoDir"
- wait
- log verbose "done."
- }
|
