MHDATADIR="${SYSDATADIR}/host"
# host pub key files
-HOST_KEY_FILE="${SYSDATADIR}/host_keys.pub.gpg"
+HOST_KEY_FILE="${SYSDATADIR}/host_keys.pub.pgp"
# UTC date in ISO 8601 format if needed
DATE=$(date -u '+%FT%T')
# list the info about the a key, in colon format, to stdout
gpg_host_list_keys() {
- gpg_host --list-keys --with-colons --fixed-list-mode \
- --with-fingerprint --with-fingerprint \
- "$1"
+ if [ "$1" ] ; then
+ gpg_host --list-keys --with-colons --fixed-list-mode \
+ --with-fingerprint --with-fingerprint \
+ "$1"
+ else
+ gpg_host --list-keys --with-colons --fixed-list-mode \
+ --with-fingerprint --with-fingerprint
+ fi
}
# edit key scripts, takes scripts on stdin, and keyID as first input
gpg_host --command-fd 0 --edit-key "$@"
}
-# export the monkeysphere gpg pub key file
-update_gpg_pub_file() {
+# export the monkeysphere OpenPGP pub key file
+update_pgp_pub_file() {
log debug "updating openpgp public key file '$HOST_KEY_FILE'..."
- gpg_host --export --armor --export-options export-minimal > "$HOST_KEY_FILE"
- log debug "updating fingerprint file '$HOST_KEY_FPR_FILE'..."
- gpg_host --list-secret-key --with-colons --with-fingerprint \
- | awk -F: '/^fpr:/{ print $10 }' > "$HOST_KEY_FPR_FILE"
-}
-
-host_fingerprints() {
- local fprs=($(<"$HOST_KEY_FILE" "$SYSSHAREDIR/keytrans" listfprs))
-
- log debug "host key fingerprints:"
- printf '%s\n' "${fprs[@]}" | log debug
- printf '%s\n' "${fprs[@]}"
+ gpg_host --export --armor --export-options export-minimal \
+ $(gpg_host --list-secret-keys --with-colons --fingerprint | grep ^fpr | cut -f10 -d:) \
+ > "$HOST_KEY_FILE"
}
# check that the service name is well formed
check_key_input() {
local keyID="$1"
# array of fingerprints
- local fprs=($(host_fingerprints))
+ local fprs=($(list_primary_fingerprints <"$HOST_KEY_FILE"))
case ${#fprs[@]} in
0)
*)
if [ -z "$keyID" ] ; then
failure "Your host keyring contains multiple keys.
-Please specify one to act on (see 'monkeysphere-host show-key')."
+Please specify one to act on (see 'monkeysphere-host show-keys')."
fi
;;
esac
grep -q -x -F "$tmpuidMatch" 2>/dev/null
}
+prompt_userid_exists() {
+ local userID="$1"
+ local gpgOut
+ local fingerprint
+
+ if gpgOut=$(gpg_host_list_keys "=${userID}" 2>/dev/null) ; then
+ fingerprint=$(echo "$gpgOut" | grep '^fpr:' | cut -d: -f10)
+ if [ "$PROMPT" != "false" ] ; then
+ printf "Service name '%s' is already being used by key '%s'.\nAre you sure you want to use it again? (y/N) " "$fingerprint" "$userID" >&2
+ read OK; OK=${OK:=N}
+ if [ "${OK/y/Y}" != 'Y' ] ; then
+ failure "Service name not added."
+ fi
+ else
+ log info "Key '%s' is already using the service name '%s'." "$fingerprint" "$userID" >&2
+ fi
+ fi
+}
+
# run command looped over keys
multi_key() {
local cmd="$1"
shift
local keys=$@
local i=0
- local fprs=($(host_fingerprints))
+ local fprs=($(list_primary_fingerprints <"$HOST_KEY_FILE"))
local key
check_no_keys
diagnostics
;;
- 'update-gpg-pub-file')
- update_gpg_pub_file
+ 'update-pgp-pub-file')
+ update_pgp_pub_file
;;
'version'|'v')