summaryrefslogtreecommitdiff
path: root/src/share/m/import_subkey
blob: 3571c7b4697bc298dfd487230de06af4d7444aaf (plain)
  1. # -*-shell-script-*-
  2. # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
  3. # Monkeysphere import-subkey subcommand
  4. #
  5. # The monkeysphere scripts are written by:
  6. # Jameson Rollins <jrollins@finestructure.net>
  7. # Jamie McClelland <jm@mayfirst.org>
  8. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  9. #
  10. # They are Copyright 2008-2009, and are all released under the GPL,
  11. # version 3 or later.
  12. # import an existing ssh key as a gpg subkey
  13. ## 2009-02-20 00:49:11-0500: This is not implemented yet, because we
  14. ## don't currently have a good way to manipulate the user's OpenPGP
  15. ## secret key such that we could make a proper subkey binding
  16. ## signature.
  17. import_subkey() {
  18. local sshKeyFile
  19. local keyID
  20. local gpgSecOut
  21. local fifoDir
  22. # FIXME: implement!
  23. failure "import-subkey is not implemented yet. We welcome patches. Sorry!"
  24. sshKeyFile="$1"
  25. shift
  26. # check that key file specified
  27. if [ -z "$sshKeyFile" ] ; then
  28. failure "Must specify ssh key file to import, or specify '-' for stdin."
  29. fi
  30. # check that the keyID is unique
  31. keyID=$(check_gpg_sec_key_id "$@")
  32. # check that an authentication subkey does not already exist
  33. check_gpg_authentication_subkey "$keyID"
  34. # setup the temp fifo dir for retrieving the key password
  35. log debug "creating password fifo..."
  36. fifoDir=$(msmktempdir)
  37. trap "rm -rf $fifoDir" EXIT
  38. (umask 077 && mkfifo "$fifoDir/pass")
  39. # import ssh key to as authentication subkey
  40. if [ "$sshKeyFile" = '-' ] ; then
  41. log verbose "importing ssh key from stdin..."
  42. PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
  43. | gpg_user --batch --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import &
  44. else
  45. log verbose "importing ssh key from file '$sshKeyFile'..."
  46. PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" <"$sshKeyFile" \
  47. | gpg_user --batch --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import &
  48. fi
  49. # get the password if needed
  50. passphrase_prompt "Please enter your passphrase for $keyID: " "$fifoDir/pass"
  51. trap - EXIT
  52. rm -rf "$fifoDir"
  53. wait
  54. log verbose "done."
  55. }