X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=src%2Fshare%2Fmh%2Fimport_key;h=f7c69c3eaeb007becc0f59fc5d4fa74ec6f5c3e6;hb=bb8f498db80efcfffdf60ef317254d7355ea54ef;hp=6a897b6122ff9caed1c2c7fe300842e3311b9101;hpb=f728df69bbb04ed21a437832c486590cc5a83684;p=monkeysphere.git

diff --git a/src/share/mh/import_key b/src/share/mh/import_key
index 6a897b6..f7c69c3 100644
--- a/src/share/mh/import_key
+++ b/src/share/mh/import_key
@@ -13,34 +13,53 @@
 
 import_key() {
 
+local sshKeyFile
 local hostName
+local domain
 local userID
-local fingerprint
 
-# check for presence of secret key
-# FIXME: is this the proper test to be doing here?
-fingerprint_host_key >/dev/null \
-	&& failure "An OpenPGP host key already exists."
+sshKeyFile="$1"
+hostName="$2"
 
-hostName=${1:-$(hostname -f)}
+# check that key file specified
+if [ -z "$sshKeyFile" ] ; then
+    failure "Must specify ssh key file to import, or specify '-' for stdin."
+fi
+
+# fail if hostname not specified
+if [ -z "$hostName" ] ; then
+    failure "You must specify a fully-qualified domain name for use in the host certificate user ID."
+fi
 
 userID="ssh://${hostName}"
 
 # create host home
-mkdir -p "$GNUPGHOME_HOST"
-chmod 700 "$GNUPGHOME_HOST"
+mkdir -p "${MHDATADIR}"
+mkdir -p "${GNUPGHOME_HOST}"
+chmod 700 "${GNUPGHOME_HOST}"
+
+# import ssh key to a private key
+if [ "$sshKeyFile" = '-' ] ; then
+    log verbose "importing ssh key from stdin..."
+    PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
+	| gpg_host --import
+else
+    log verbose "importing ssh key from file '$sshKeyFile'..."
+    PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
+	<"$sshKeyFile" \
+	| gpg_host --import
+fi
 
-log verbose "importing ssh key..."
-# translate ssh key to a private key
-PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" | \
-    gpg_host --import
+# load the new host fpr into the fpr variable.  this is so we can
+# create the gpg pub key file.  we have to do this from the secret key
+# ring since we obviously don't have the gpg pub key file yet, since
+# that's what we're trying to produce (see below).
+load_fingerprint_secret
 
-# find the key fingerprint of the newly converted key
-HOST_FINGERPRINT=$(fingerprint_host_key)
-export HOST_FINGERPRINT
+# export to gpg public key to file
+update_gpg_pub_file
 
-# export public key to file
-gpg_host_export_to_ssh_file
+log info "host key imported:"
 
 # show info about new key
 show_key