[Webfunds-commits] scripts ricardian_keys
Ian Grigg
iang@cypherpunks.ai
Wed, 23 Aug 2000 12:47:16 -0400 (AST)
iang 00/08/23 12:47:16
Added: . ricardian_keys
Log:
Script to drive GPG in batch mode to generate Ricardian keys
Revision Changes Path
1.1 scripts/ricardian_keys
Index: ricardian_keys
===================================================================
usage ()
{
echo "Usage: ${0##*/} { --server | --cert | --contract | --operator } \\"
echo " [--pass phrase] [--sign] \\"
echo " [--id Id] [--email email] [--comment comment]"
exit 1
}
tmp=/tmp/keygen$$
DSA_sign=2
pass=''
server=false
operator=false
contract=false
cert=false
gid=$(id -g)
uid=$(id -u)
pw=":$uid:$gid:"
id=$(sed -e /${pw}/'!d' -e s/.*${pw}// -e s/:.*// < /etc/passwd)
email="${USER}@$(hostname)"
comment="# Name-Comment: (ignored)"
while true
do
case "$1" in
"--server") server=true ;;
"--operator") operator=true ;;
"--cert") cert=true ;;
"--contract") contract=true ;;
"--sign") sign=true ;;
"--pass"*|"-p") pass=$2 ; shift ;;
"--id"*|"-i") id=$2 ; shift ;;
"--email"*|"-e") email=$2 ; shift ;;
"--comment"*|"-c") comment=" Name-Comment: $2" ; shift ;;
"--help"|"-?") usage ;;
*) break ;;
esac
shift
done
$contract || $server || $cert || $operator || usage
if [ -z "$pass" ]
then
echo "Empty Passphrase - Watch Out!"
passphrase="# Passphrase: ${pass}"
else
echo "Don't forget your Passphrase!"
passphrase="Passphrase: ${pass}"
fi
makeit ()
{
echo Insecure FileIO
gpg --batch --gen-key -a <<END_keygen
%echo Generating $1 key
Key-Type: DSA
Key-Length: 1024
# Subkey-Type: ELG-E
# Subkey-Length: 1024
Name-Real: ${id} [$1]
${comment}
Name-Email: ${email}
Expire-Date: 0
${passphrase}
# these are keyfiles not keyrings
%pubring $1.pub
%secring $1.sec
# Do a commit here, so that we can later print "done" :-)
%commit
%echo done
END_keygen
gpg < $1.sec
}
if $server
then
top="operator"
work="server"
makeit "server"
elif $operator
then
top="operator"
work="server"
makeit "operator"
elif $cert
then
top="cert"
work="contract"
makeit "cert"
elif $contract
top="cert"
work="contract"
makeit "contract"
else
echo "No key type specified?"
usage
fi
if $sign
then
echo "signing is not recommended on your real keyring, Continue?"
read answer
case "$answer" in
[yY]*) ;;
*) exit 1 ;;
esac
gpg --import $work.pub
gpg --sign-key -u "[$top]" "[$work]"
gpg -a --export "[$work]" > $work.pub
gpg -v < $work.pub
# gpg --yes --delete-secret-key $top
gpg --yes --delete-key "[$work]"
# gpg --yes --delete-key $top
fi