# -*-shell-script-*-
# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)

# Monkeysphere host gen-key subcommand
#
# The monkeysphere scripts are written by:
# Jameson Rollins <jrollins@finestructure.net>
# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
# They are Copyright 2008-2009, and are all released under the GPL,
# version 3 or later.

gen_key() {

local hostName
local keyType="RSA"
local keyLength="2048"
local keyUsage="auth"
local keyExpire="0"
local userID

# get options
while true ; do
	case "$1" in
	    -l|--length)
		keyLength="$2"
		shift 2
		;;
	    *)
		if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then
		    failure "Unknown option '$1'.
Type '$PGRM help' for usage."
		fi
		break
		;;
	esac
done

hostName=${1:-$(hostname -f)}
userID="ssh://${hostName}"

# create host home
mkdir -p "${MHDATADIR}"
mkdir -p "${MHTMPDIR}"
mkdir -p "${GNUPGHOME_HOST}"
chmod 700 "${GNUPGHOME_HOST}"

log debug "generating host key..."
gpg_host --batch --gen-key <<EOF
Key-Type: $keyType
Key-Length: $keyLength
Key-Usage: $keyUsage
Name-Real: $userID
Expire-Date: $keyExpire

%commit
%echo done

EOF

# load the new host fpr into the fpr variable
load_fingerprint_secret

# export the host secret key to the monkeysphere ssh sec key file
# NOTE: assumes that the primary key is the proper key to use
log debug "creating ssh secret key file..."
(umask 077 && \
    gpg_host --export-secret-key "$HOST_FINGERPRINT" | \
    openpgp2ssh "$HOST_FINGERPRINT" > "${MHDATADIR}/ssh_host_rsa_key")
log info "SSH host secret key file: ${MHDATADIR}/ssh_host_rsa_key"

# export the host public key to the monkeysphere ssh pub key file
log debug "creating ssh public key file..."
ssh-keygen -y -f "${MHDATADIR}/ssh_host_rsa_key" > "$HOST_KEY_PUB"
log info "SSH host public key file: $HOST_KEY_PUB"

# export to gpg public key to file
create_gpg_pub_file

# show info about new key
show_key

}