X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fshare%2Fma%2Fadd_certifier;h=e9731cc8da17740da7d73d4287286ccb2c5d73b3;hb=3b81cd012e8224490a3836cccbd7d082a061658e;hp=0c3c647663db387a98ed70e88574f7b8e9ca4cdc;hpb=b5cdb9cff70a5ab6982e79c7acd0c9bc0a010c49;p=monkeysphere.git diff --git a/src/share/ma/add_certifier b/src/share/ma/add_certifier index 0c3c647..e9731cc 100644 --- a/src/share/ma/add_certifier +++ b/src/share/ma/add_certifier @@ -3,6 +3,20 @@ # Monkeysphere authentication add-certifier subcommand # +# This function adds a certifier whose signatures will be used to +# calculate validity of keys used to connect to user accounts on the +# server. The specified certifier key is first retrieved from the Web +# of Trust with the monkeysphere-user-controlled gpg_sphere keyring. +# Once then new key is retrieved, it is imported into the core +# keyring. The gpg_core then ltsigns the key with the desired trust +# level, and then the key is exported back to the gpg_sphere keyring. +# The gpg_sphere has ultimate owner trust of the core key, so the core +# ltsigs on the new certifier key can then be used by gpg_sphere +# calculate validity for keys inserted in the authorized_keys file. +# +# This is all to keep the monkeysphere user that connects to the +# keyservers from accessing the core secret key. +# # The monkeysphere scripts are written by: # Jameson Rollins # Jamie McClelland @@ -11,24 +25,17 @@ # They are Copyright 2008-2009, and are all released under the GPL, # version 3 or later. -# retrieve key from web of trust, import it into the host keyring, and -# ltsign the key in the host keyring so that it may certify other keys - add_certifier() { -local domain -local trust -local depth +local domain= +local trust=full +local depth=1 local keyID +local importinfo local fingerprint local ltsignCommand local trustval -# set default values for trust depth and domain -domain= -trust=full -depth=1 - # get options while true ; do case "$1" in @@ -59,7 +66,7 @@ if [ -z "$keyID" ] ; then failure "You must specify the key ID of a key to add, or specify a file to read the key from." fi if [ -f "$keyID" ] ; then - echo "Reading key from file '$keyID':" + log info "Reading key from file '$keyID':" importinfo=$(gpg_sphere "--import" < "$keyID" 2>&1) || failure "could not read key from '$keyID'" # FIXME: if this is tried when the key database is not # up-to-date, i got these errors (using set -x): @@ -79,7 +86,7 @@ if [ -f "$keyID" ] ; then keyID=$(echo "$importinfo" | grep '^gpg: key ' | cut -f2 -d: | cut -f3 -d\ ) if [ -z "$keyID" ] || [ $(echo "$keyID" | wc -l) -ne 1 ] ; then - failure "Expected there to be a single gpg key in the file." + failure "There was not exactly one gpg key in the file." fi else # get the key from the key server @@ -96,8 +103,7 @@ if [ -z "$fingerprint" ] ; then failure "Key '$keyID' not found." fi -echo -echo "key found:" +log info -e "\nkey found:" gpg_sphere "--fingerprint 0x${fingerprint}!" echo "Are you sure you want to add the above key as a" @@ -106,18 +112,23 @@ if [ "${OK/y/Y}" != 'Y' ] ; then failure "Identity certifier not added." fi -# export the key to the host keyring +# export the key to the core keyring so that the core can sign the +# new certifier key gpg_sphere "--export 0x${fingerprint}!" | gpg_core --import -if [ "$trust" = marginal ]; then - trustval=1 -elif [ "$trust" = full ]; then - trustval=2 -else - failure "Trust value requested ('$trust') was unclear (only 'marginal' or 'full' are supported)." -fi - -# ltsign command +case "$trust" in + 'marginal') + trustval=1 + ;; + 'full') + trustval=2 + ;; + *) + failure "Trust value requested ('$trust') was unclear (only 'marginal' or 'full' are supported)." + ;; +esac + +# edit-key script to ltsign key # NOTE: *all* user IDs will be ltsigned ltsignCommand=$(cat <