-# gpg output key fingerprint
-fingerprint_server_key() {
- gpg_host --fingerprint --list-secret-keys
+# add hostname user ID to server key
+add_hostname() {
+ if [ -z "$1" ] ; then
+ failure "You must specify a hostname to add."
+ fi
+
+ userID="ssh://${1}"
+
+ if [ "$(gpg_host --list-key "=${userID}")" ] ; then
+ failure "Host userID '$userID' already exists."
+ fi
+
+ fingerprint=$(fingerprint_server_key)
+
+ adduidCommand=$(cat <<EOF
+adduid
+$userID
+
+
+O
+save
+EOF
+ )
+
+ # add uid
+ echo "$adduidCommand" | gpg_host --quiet --command-fd 0 --edit-key "$fingerprint"
+
+ echo "NOTE: new host userID has not been published."
+ echo "Use '$PGRM publish-key' to publish these changes."
+}
+
+# revoke hostname user ID to server key
+revoke_hostname() {
+ local msg
+ local uidNum
+ local tmpuidMatch
+ local fpr
+ local linenum
+
+ if [ -z "$1" ] ; then
+ failure "You must specify a hostname to revoke."
+ fi
+
+ fpr=$(fingerprint_server_key)
+ tmpuidMatch="u:$(escape "ssh://$1")"
+
+ if linenum=$(gpg_host --list-keys --with-colons --fixed-list-mode "0x$fpr"\! | egrep '^(uid|uat):' | cut -f2,10 -d: | grep -n -x -F "$tmpuidMatch") ; then
+ uidNum=${linenum%%:*}
+ else
+ failure "no non-revoked hostname '$1' is listed."
+ fi
+
+ msg="hostname removed by monkeysphere-server on $(date +%F)"
+
+
+ revuidCommand=$(cat <<EOF
+$uidNum
+revuid
+y
+4
+$msg
+
+y
+save
+EOF
+)
+
+ echo "$revuidCommand" | gpg_host --quiet --command-fd 0 --edit-key "0x$fpr"\!
+
+ echo "NOTE: host userID revokation has not been published."
+ echo "Use '$PGRM publish-key' to publish these changes."