X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fshare%2Fmh%2Fimport_key;h=1b6f267b1e15c5c7c8e5a46775533661efc29cb3;hb=9307f58b4fdf8e139c4fd5de5c3a878b8b12d0b1;hp=557bb7faaee6712942bfe5bdd0eb5b195013c505;hpb=3b48f2e80fac8d0fc62537ed07b3d1f1946648cd;p=monkeysphere.git

diff --git a/src/share/mh/import_key b/src/share/mh/import_key
index 557bb7f..1b6f267 100644
--- a/src/share/mh/import_key
+++ b/src/share/mh/import_key
@@ -8,58 +8,54 @@
 # Jamie McClelland <jm@mayfirst.org>
 # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 #
-# They are Copyright 2008-2009 and are all released under the GPL,
+# They are Copyright 2008-2010 and are all released under the GPL,
 # version 3 or later.
 
 import_key() {
 
-local hostName
-local domain
-local userID
+local keyFile="$1"
+local serviceName="$2"
 
-hostName="$1"
+# check that key file specified
+if [ -z "$keyFile" ] ; then
+    failure "Must specify PEM-encoded key file to import, or specify '-' for stdin."
+fi
 
-# use the default hostname if not specified
-if [ -z "$hostName" ] ; then
-    hostName=$(hostname -f)
-    # test that the domain is not obviously illegitimate
-    domain=${foo##*.}
-    case $domain in
-	'local'|'localdomain')
-	    failure "Host domain '$domain' is not legitimate.  Aborting key import."
-	    ;;
-    esac
-    # test that there are at least two parts
-    if (( $(echo "$hostName" | tr . ' ' | wc -w) < 2 )) ; then
-	failure "Host name '$hostName' is not legitimate.  Aborting key import."
-    fi
+# fail if hostname not specified
+if [ -z "$serviceName" ] ; then
+    failure "You must specify a service name for use in the OpenPGP certificate user ID."
 fi
 
-userID="ssh://${hostName}"
+# test that a key with that user ID does not already exist
+check_key_userid "$serviceName" "$serviceName" && \
+    failure "A key with service name '$serviceName' already exists."
+
+# check that the service name is well formatted
+check_service_name "$serviceName"
 
 # create host home
 mkdir -p "${MHDATADIR}"
-mkdir -p "${MHTMPDIR}"
 mkdir -p "${GNUPGHOME_HOST}"
 chmod 700 "${GNUPGHOME_HOST}"
 
-log verbose "importing ssh key..."
-# translate ssh key to a private key
-PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
-    | gpg_host --import 2>&1 | log debug
-
-# load the new host fpr into the fpr variable.  this is so we can
-# create the gpg pub key file.  we have to do this from the secret key
-# ring since we obviously don't have the gpg pub key file yet, since
-# that's what we're trying to produce (see below).
-load_fingerprint_secret
+# import pem-encoded key to an OpenPGP private key
+if [ "$keyFile" = '-' ] ; then
+    log verbose "importing key from stdin..."
+    PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$serviceName" \
+	| gpg_host --import
+else
+    log verbose "importing key from file '$keyFile'..."
+    PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$serviceName" \
+	<"$keyFile" \
+	| gpg_host --import
+fi
 
-# export to gpg public key to file
-update_gpg_pub_file
+# export to OpenPGP public key to file
+update_pgp_pub_file
 
 log info "host key imported:"
 
 # show info about new key
-show_key
+show_key "$serviceName"
 
 }