src/share/mh/gen_key



# -*-shell-script-*-
# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)

# Monkeysphere host gen-key subcommand
#
# The monkeysphere scripts are written by:
# Jameson Rollins <jrollins@finestructure.net>
# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
# They are Copyright 2008-2009, and are all released under the GPL,
# version 3 or later.

gen_key() {

local hostName
local keyType="RSA"
local keyLength="2048"
local keyUsage="auth"
local keyExpire="0"
local userID

# get options
while true ; do
    case "$1" in
        -l|--length)
        keyLength="$2"
        shift 2
        ;;
        *)
        if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then
            failure "Unknown option '$1'.
Type '$PGRM help' for usage."
        fi
        break
        ;;
    esac
done

hostName=${1:-$(hostname -f)}
userID="ssh://${hostName}"

# create host home
mkdir -p "$GNUPGHOME_HOST"
chmod 700 "$GNUPGHOME_HOST"

log debug "generating host key..."
gpg_host --batch --gen-key <<EOF
Key-Type: $keyType
Key-Length: $keyLength
Key-Usage: $keyUsage
Name-Real: $userID
Expire-Date: $keyExpire

%commit
%echo done

EOF

# load the new host fpr into the fpr variable
load_fingerprint_secret

# export the host secret key to the monkeysphere ssh sec key file
# NOTE: assumes that the primary key is the proper key to use
log debug "creating ssh secret key file..."
(umask 077 && \
    gpg_host --export-secret-key "$HOST_FINGERPRINT" | \
    openpgp2ssh "$HOST_FINGERPRINT" > "${MHDATADIR}/ssh_host_rsa_key")
log info "SSH host secret key file: ${MHDATADIR}/ssh_host_rsa_key"

# export the host public key to the monkeysphere ssh pub key file
log debug "creating ssh public key file..."
ssh-keygen -y -f "${MHDATADIR}/ssh_host_rsa_key" > "$HOST_KEY_PUB"
log info "SSH host public key file: $HOST_KEY_PUB"

# export to gpg public key to file
create_gpg_pub_file

# show info about new key
show_key

}