2 # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
4 # Monkeysphere authentication list-certifiers subcommand
6 # The monkeysphere scripts are written by:
7 # Jameson Rollins <jrollins@fifthhorseman.net>
8 # Jamie McClelland <jm@mayfirst.org>
9 # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
11 # They are Copyright 2008-2009, and are all released under the GPL,
14 # list the host certifiers
22 # find trusted keys in sphere keychain
23 log debug "finding trusted keys..."
25 # FIXME: this assumes that the keygrip (16 hex chars) is unique; we're
26 # only searching by keygrip at the moment.
28 authgrip=$(core_fingerprint | cut -b 25-40)
30 # We're walking the list of known signatures, and extracting all trust
31 # signatures made by the core fingerprint and known to the sphere
34 # for each one of these, we're printing (colon-delimited): the
35 # fingerprint, the trust depth, the trust level (60 == marginal, 120
36 # == full), and the domain regex (if any):
38 gpg_sphere "--fingerprint --with-colons --fixed-list-mode --check-sigs" | \
39 cut -f 1,2,5,8,9,10 -d: | \
40 egrep '^(fpr:::::|sig:!:'"$authgrip"':[[:digit:]]+ [[:digit:]]+:)' | \
41 while IFS=: read -r type validity grip trustparams trustdomain fpr ; do
43 'fpr') # this is a new key
46 'sig') # print all trust signatures, including regexes if present
47 trustdepth=${trustparams%% *}
48 trustlevel=${trustparams##* }
50 # FIXME: this is clumsy and not human-friendly. we should
51 # print out more human-readable information, if possible.
52 printf "%s:%d:%d:%s\n" "$keyfpr" "$trustdepth" "$trustlevel" "$trustdomain"