- if [ -f "${SYSDATADIR}/ssh_host_rsa_key.pub" ] ; then
- fingerprintSSH=$(ssh-keygen -l -f "${SYSDATADIR}/ssh_host_rsa_key.pub" | \
- awk '{ print $1, $2, $4 }')
- echo "ssh fingerprint: $fingerprintSSH"
+# load the host fingerprint into the fingerprint variable, using the
+# gpg host secret key
+load_fingerprint_secret() {
+ HOST_FINGERPRINT=$( \
+ gpg_host --quiet --list-secret-key \
+ --with-colons --with-fingerprint \
+ | grep '^fpr:' | cut -d: -f10 )
+}
+
+# fail if host key present
+check_host_key() {
+ [ ! -s "$HOST_KEY_FILE" ] \
+ || failure "An OpenPGP host key already exists."
+}
+
+# fail if host key not present
+check_host_no_key() {
+ [ -s "$HOST_KEY_FILE" ] \
+ || failure "You don't appear to have a Monkeysphere host key on this server. Please run 'monkeysphere-host import-key' first."
+}
+
+# output the index of a user ID on the host key
+# return 1 if user ID not found
+find_host_userid() {
+ local userID="$1"
+ local tmpuidMatch
+ local line
+
+ # match to only ultimately trusted user IDs
+ tmpuidMatch="u:$(echo $userID | gpg_escape)"
+
+ # find the index of the requsted user ID
+ # NOTE: this is based on circumstantial evidence that the order of
+ # this output is the appropriate index
+ line=$(gpg_host_list | egrep '^(uid|uat):' | cut -f2,10 -d: | \
+ grep -n -x -F "$tmpuidMatch" 2>/dev/null)
+
+ if [ "$line" ] ; then
+ echo ${line%%:*}
+ return 0