1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
#!/bin/sh
# Converts a keyring into a bunch of changesets, one per key.
# Only intended to be used for initial import of keyring.
set -e
if [ -z "$1" ] || [ -z "$2" ]; then
echo "Usage: keyring-expode keyring changesetdir" >&2
exit 1
fi
# avoid gnupg touching ~/.gnupg
GNUPGHOME=$(mktemp -d -t jetring.XXXXXXXX)
export GNUPGHOME
trap cleanup exit
cleanup () {
rm -rf "$GNUPGHOME"
}
keyring=$(readlink -f "$1") # gpg works better with absolute keyring paths
changesetdir="$2"
basename=$(basename "$keyring")
date=`date -R`
if [ -n "$JETRING_SIGN" ] && [ -e "$changesetdir/index" ]; then
JETRING_SIGN=$(readlink -f "$JETRING_SIGN")
gpg --no-auto-check-trustdb --options /dev/null \
--no-default-keyring --keyring "$JETRING_SIGN" \
--verify "$changesetdir/index.gpg" "$changesetdir/index"
fi
mkdir -p "$changesetdir"
touch "$changesetdir/index"
for key in $(gpg --no-auto-check-trustdb --options /dev/null --no-default-keyring --keyring "$keyring" --list-keys|grep '^pub' | sed -e 's!.*/!!' -e 's/ .*//'); do
out="$changesetdir/add-$key"
echo "$out"
(
echo "Comment: extracted from $basename by jetring-explode"
echo "Date: $date"
echo "Action: import"
echo "Data:"
gpg --no-auto-check-trustdb --options /dev/null \
--no-default-keyring --keyring "$keyring" \
-a --export "$key" |
sed 's/^/ /'
) > "$out"
echo "sha256-$(sha256sum "$out" | cut -d " " -f 1) add-$key" >> "$changesetdir/index"
done
if [ -n "$JETRING_SIGN" ] || [ -e "$changesetdir/index.gpg" ]; then
jetring-signindex "$changesetdir"
fi
|
