renaming m-h update_gpg_pub_file to update_pgp_pub_file

[monkeysphere.git] / src / share / mh / import_key

diff --git a/src/share/mh/import_key b/src/share/mh/import_key
index 74dc0b3816d7584b2483498238efb6599299896b..1b6f267b1e15c5c7c8e5a46775533661efc29cb3 100644 (file)
--- a/src/share/mh/import_key
+++ b/src/share/mh/import_key
@@ -8,38 +8,54 @@
 # Jamie McClelland <jm@mayfirst.org>
 # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 #
-# They are Copyright 2008-2009 and are all released under the GPL,
+# They are Copyright 2008-2010 and are all released under the GPL,
 # version 3 or later.
 
 import_key() {
 
-local hostName
-local userID
+local keyFile="$1"
+local serviceName="$2"
 
-hostName=${1:-$(hostname -f)}
-userID="ssh://${hostName}"
+# check that key file specified
+if [ -z "$keyFile" ] ; then
+    failure "Must specify PEM-encoded key file to import, or specify '-' for stdin."
+fi
+
+# fail if hostname not specified
+if [ -z "$serviceName" ] ; then
+    failure "You must specify a service name for use in the OpenPGP certificate user ID."
+fi
+
+# test that a key with that user ID does not already exist
+check_key_userid "$serviceName" "$serviceName" && \
+    failure "A key with service name '$serviceName' already exists."
+
+# check that the service name is well formatted
+check_service_name "$serviceName"
 
 # create host home
 mkdir -p "${MHDATADIR}"
-mkdir -p "${MHTMPDIR}"
 mkdir -p "${GNUPGHOME_HOST}"
 chmod 700 "${GNUPGHOME_HOST}"
 
-log verbose "importing ssh key..."
-# translate ssh key to a private key
-PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" \
-    | gpg_host --import
+# import pem-encoded key to an OpenPGP private key
+if [ "$keyFile" = '-' ] ; then
+    log verbose "importing key from stdin..."
+    PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$serviceName" \
+       | gpg_host --import
+else
+    log verbose "importing key from file '$keyFile'..."
+    PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$serviceName" \
+       <"$keyFile" \
+       | gpg_host --import
+fi
 
-# load the new host fpr into the fpr variable.  this is so we can
-# create the gpg pub key file.  we have to do this from the secret key
-# ring since we obviously don't have the gpg pub key file yet, since
-# that's what we're trying to produce (see below).
-load_fingerprint_secret
+# export to OpenPGP public key to file
+update_pgp_pub_file
 
-# export to gpg public key to file
-create_gpg_pub_file
+log info "host key imported:"
 
 # show info about new key
-show_key
+show_key "$serviceName"
 
 }