summaryrefslogtreecommitdiff
path: root/src/share/m/import_subkey
blob: 8d60f26aaa849cbeeabbeccd8fc2a6f3ea01a9b7 (plain) 
    

  1. # -*-shell-script-*-
    2. 

  2. # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
    3. 

  3. 

  4. # Monkeysphere import-subkey subcommand
    5. 

  5. #
    6. 

  6. # The monkeysphere scripts are written by:
    7. 

  7. # Jameson Rollins <jrollins@finestructure.net>
    8. 

  8. # Jamie McClelland <jm@mayfirst.org>
    9. 

  9. # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
    10. 

  10. #
    11. 

  11. # They are Copyright 2008-2009, and are all released under the GPL,
    12. 

  12. # version 3 or later.
    13. 

  13. 

  14. # import an existing ssh key as a gpg subkey
    15. 

  15. 

  16. ## 2009-02-20 00:49:11-0500: This is not implemented yet, because we
    17. 

  17. ## don't currently have a good way to manipulate the user's OpenPGP
    18. 

  18. ## secret key such that we could make a proper subkey binding
    19. 

  19. ## signature.
    20. 

  20. 

  21. import_subkey() {
    22. 

  22.     local sshKeyFile
    23. 

  23.     local keyID
    24. 

  24.     local gpgSecOut
    25. 

  25.     local fifoDir
    26. 

  26. 

  27.     # FIXME: implement!
    28. 

  28.     failure "import-subkey is not implemented yet.  We welcome patches.  Sorry!"
    29. 

  29. 

  30.     sshKeyFile="$1"
    31. 

  31.     shift
    32. 

  32. 

  33.     # check that key file specified
    34. 

  34.     if [ -z "$sshKeyFile" ] ; then
    35. 

  35.     failure "Must specify ssh key file to import, or specify '-' for stdin."
    36. 

  36.     fi
    37. 

  37. 

  38.     # check that the keyID is unique
    39. 

  39.     keyID=$(check_gpg_sec_key_id "$@")
    40. 

  40. 

  41.     # check that an authentication subkey does not already exist
    42. 

  42.     check_gpg_authentication_subkey "$keyID"
    43. 

  43. 

  44.     # setup the temp fifo dir for retrieving the key password
    45. 

  45.     log debug "creating password fifo..."
    46. 

  46.     fifoDir=$(msmktempdir)
    47. 

  47.     trap "rm -rf $fifoDir" EXIT
    48. 

  48.     (umask 077 && mkfifo "$fifoDir/pass")
    49. 

  49. 

  50.     # import ssh key to as authentication subkey
    51. 

  51.     if [ "$sshKeyFile" = '-' ] ; then
    52. 

  52.     log verbose "importing ssh key from stdin..."
    53. 

  53.     PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
    54. 

  54.         | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import &
    55. 

  55.     else
    56. 

  56.     log verbose "importing ssh key from file '$sshKeyFile'..."
    57. 

  57.     PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" <"$sshKeyFile" \
    58. 

  58.         | gpg_user --passphrase-fd 3 3< "$fifoDir/pass" --expert --command-fd 0 --import &
    59. 

  59.     fi
    60. 

  60. 

  61.     # get the password if needed
    62. 

  62.     passphrase_prompt  "Please enter your passphrase for $keyID: " "$fifoDir/pass"
    63. 

  63. 

  64.     trap - EXIT
    65. 

  65.     rm -rf "$fifoDir"
    66. 

  66.     wait
    67. 

  67.     log verbose "done."
    68. 

  68. }
    69.
generated by cgit v1.2.3 (git 2.46.0) at 2024-11-05 02:29:46 +0000