#@IgnoreInspection BashAddShebang # GPG functionality (Koalephant Shell Script Library) # Version: 2.0.0 # Copyright: 2014, Koalephant Co., Ltd # Author: Stephen Reay , Koalephant Packaging Team # List GPG Public Key ID's # # Input: # $1...n - query key id/name/email to query for, if set # # Output: # the public key ID, if one or more keys are found proc k_gpg_list_keys_public { GPG_BIN --batch --no-tty --with-colons --list-public-keys -- @Argv | grep "^pub:" | cut -d ":" -f 5 !2 >/dev/null } # List GPG Secret Key ID's # # Input: # $1...n - query key id/name/email to query for, if set # # Output: # the secret key ID, if one or more keys are found proc k_gpg_list_keys_secret { GPG_BIN --batch --no-tty --with-colons --list-secret-keys -- @Argv | grep "^sec:" | cut -d ":" -f 5 !2 >/dev/null } # Generate a new GPG Key # # Input: # $1 - the name for the key # $2 - the email for the key # $3 - optional comment for the key # $4 - optional passphrase for the key. If not supplied, the key will not be protected with a passphrase! # # Output: # the new Key ID # # Return: # the exit code from gpg, usually 0 for success and 1 for error proc k_gpg_create { var name = '', email = '', comment = '', passphraseLine = '', gpgOut = '', result = '' set name = $(1) set email = $(2) set comment = $(3:-) setglobal commentLine = ''"" setglobal passphrase = $(4:-) set passphraseLine = ''"" if test -n $(comment) { setglobal commentLine = ""Name-Comment: $(comment)"" } if test -n $(passphrase) { set passphraseLine = ""Passphrase: $(passphrase)"" } else { set passphraseLine = '"%no-protection'" } set gpgOut = $[GPG_BIN --no-tty --batch --generate-key !2 > !1 << """ Key-Type: RSA Key-Length: 2048 Name-Real: $(name) $(commentLine) Name-Email: $(email) $(passphraseLine) Expire-Date: 0 %commit """ ] set result = $Status if test $(result) -eq 0 { echo $(gpgOut) | head -n 1 - | cut --delimiter " " --fields 3 } return ${result} } # Prompt for a new GPG Key Passphrase # # Input: # $1 - the ID of the Key to set a passphrase for # # Return: # the exit code from gpg, usually 0 for success and 1 for error proc k_gpg_password_prompt { var gpgKey = '' set gpgKey = $(1) GPG_BIN --quiet --edit-key -- $(gpgKey) passwd save } # Export an ascii-armored GPG Key # # Input # $1 - the ID of the Key to export # $2 - the destination to export the key to. If a directory is given, a file named with the Key ID and a ".asc" extension will be created in the directory # # Return: # the exit code from gpg, usually 0 for success and 1 for error proc k_gpg_export_armored { var key = '', destination = '' set key = $(1) set destination = $(2) if test -d $(destination) { set destination = ""$(destination)/$(key).asc"" } GPG_BIN --armor --export -- $(key) > $(destination) } # Export a binary GPG key # # Input # $1 - the ID of the Key to export # $2 - the destination to export the key to. If a directory is given, a file named with the Key ID and a ".gpg" extension will be created in the directory # # Return: # the exit code from gpg, usually 0 for success and 1 for error proc k_gpg_export { var key = '', destination = '' set key = $(1) set destination = $(2) if test -d $(destination) { set destination = ""$(destination)/$(key).gpg"" } GPG_BIN --export -- $(key) > $(destination) } # Search for public keys on the configured keyserver(s) # # Input: # $1 - the query term - usually a key ID, email or name. # # Output: # The proc k_gpg_search_keys { var query = $1 GPG_BIN --no-tty --with-colons --batch --search-keys -- $(query) !2 >/dev/null } # Add a public key from the configured keyserver(s) # # Input: # $1...n - the key IDs to add # # Output: # The GPG message proc k_gpg_receive_keys { GPG_BIN --no-tty --batch --receive-keys -- @Argv !2 > !1 | head -n -2 | cut -c 6- } # Check if a variable is in a valid key-id format # # Input: # $1 - the variable to check # # Return: # 0 if valid, 1 if not proc k_gpg_keyid_valid { var keyId = $1 if test $(keyId%%0x*) = "" && shell {test $(#keyId) -eq 10 || test $(#keyId) -eq 18} { set keyId = $(keyId#0x) } shell {test $(#keyId) -eq 8 || test $(#keyId) -eq 16} && test $(keyId) = $[printf "%s" $(keyId) | tr -c -d 'ABCDEFabcdef0123456789] }