3 ### Key type for GNU Privacy Guard
5 ### (c) 2011 Mark Wooding
8 ###----- Licensing notice ---------------------------------------------------
10 ### This file is part of the distorted.org.uk key management suite.
12 ### distorted-keys is free software; you can redistribute it and/or modify
13 ### it under the terms of the GNU General Public License as published by
14 ### the Free Software Foundation; either version 2 of the License, or
15 ### (at your option) any later version.
17 ### distorted-keys is distributed in the hope that it will be useful,
18 ### but WITHOUT ANY WARRANTY; without even the implied warranty of
19 ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 ### GNU General Public License for more details.
22 ### You should have received a copy of the GNU General Public License
23 ### along with distorted-keys; if not, write to the Free Software Foundation,
24 ### Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
28 ## Run GnuPG with some standard options.
## `--batch' keeps GnuPG non-interactive and `-q' keeps it quiet; the
## remaining options on the continuation lines are not visible in this
## listing.
## NOTE(review): `--no-permission-warning' silences GnuPG's complaint about
## unsafe home-directory permissions, so nothing here will report a group-
## or world-accessible "$base".  The directory's mode therefore has to be
## enforced by whatever creates it -- confirm at the call site.
30 gpg --homedir="$base" --no-permission-warning -q --batch \
## Declare the properties accepted for this key type.  The rows of the
## here-document are fed to `defprops' on stdin; the delimiter is unquoted,
## so $R_NUMERIC and $R_WORDSEQ are expanded before `defprops' sees them.
## Presumably the third column is the pattern a supplied value must match
## -- confirm against the definition of `defprops'.
## NOTE(review): the preference lists are later expanded unquoted by the
## shell and copied into gpg.conf, so the strictness of $R_WORDSEQ is what
## keeps stray shell or configuration syntax out of them.
35 defprops k_props <<EOF
37 main_length t $R_NUMERIC
39 sub_length t $R_NUMERIC
42 cipher_prefs t $R_WORDSEQ
43 digest_prefs t $R_WORDSEQ
44 compress_prefs t $R_WORDSEQ
## Fill in defaults for properties the caller left unset: `${var=value}'
## assigns only when the variable is unset, and `:' discards the expansion.
## NOTE(review): the default preference lists still name legacy algorithms
## -- SHA1 and RIPEMD160 as digests; 3DES, BLOWFISH and CAST5 (all 64-bit
## block ciphers) -- which reflects the file's 2011 origin.  Deployments
## generating new keys may want to override these properties with a
## shorter, modern list.
50 : ${kprop_main_type=RSA} ${kprop_main_length=3072}
51 : ${kprop_sub_type=ELG-E} ${kprop_sub_length=3072}
52 : ${kprop_cipher_prefs=AES256 AES TWOFISH 3DES BLOWFISH CAST5}
53 : ${kprop_digest_prefs=SHA256 SHA1 RIPEMD160}
54 : ${kprop_compress_prefs=ZLIB ZIP}
## The identity fields default to %{...} placeholders, which are passed
## through `subst' further down before being written out.  The `\}' stops
## the placeholder's closing brace from ending the parameter expansion.
56 : ${kprop_realname=%{realname\}} ${kprop_email=%{email\}}
57 : ${kprop_comment=%{comment-nil\}}
## One combined list, written to gpg.conf as `default-preference-list'.
63 prefs="$kprop_cipher_prefs $kprop_digest_prefs $kprop_compress_prefs"
## `${var+t}' expands to `t' only when the variable is set.  The `*)' arm
## (the arm before it is not visible in this listing) takes the first word
## of the cipher preference list as the s2k cipher.
## NOTE(review): the unquoted expansion after `set --' is deliberate -- it
## splits the list into positional parameters -- but it is also subject to
## pathname expansion, so it relies on the property holding plain words.
65 case ${kprop_s2k_cipher+t} in
67 *) set -- $kprop_cipher_prefs; kprop_s2k_cipher=$1 ;;
## Likewise for the s2k digest: the first digest preference is used.
69 case ${kprop_s2k_digest+t} in
71 *) set -- $kprop_digest_prefs; kprop_s2k_digest=$1 ;;
## Write the per-key GnuPG configuration into the key's home directory.
## The here-document delimiter is unquoted, so the $kprop_* values and
## $prefs are expanded as the file is written.
## NOTE(review): the values are copied into gpg.conf verbatim.  A value
## containing a newline would add a configuration directive of its own, so
## this depends on the properties having been validated beforehand --
## presumably by the patterns given to `defprops'; confirm.
74 cat >"$base/gpg.conf" <<EOF
75 ### GnuPG configuration
77 ## Annoying copyright notice and other tedious warnings.
82 ## Algorithm selection
83 s2k-cipher-algo $kprop_s2k_cipher
84 s2k-digest-algo $kprop_s2k_digest
85 personal-cipher-preferences $kprop_cipher_prefs
86 personal-digest-preferences $kprop_digest_prefs
87 personal-compress-preferences $kprop_compress_prefs
88 default-preference-list $prefs
92 Key-Type: $kprop_main_type
93 Key-Length: $kprop_main_length
94 Passphrase: $(cat "$nub")
## NOTE(review): the `Passphrase:' line above places the contents of "$nub"
## in the batch parameter text.  That text reaches GnuPG through the pipe
## at the end of this group, not on a command line, so the passphrase does
## not appear in the process argument list.
## `${kprop_sub_type-nil}' yields `nil' when the property is unset; the
## arms of this `case' are not all visible in this listing.
96 case ${kprop_sub_type-nil} in
99 Subkey-Type: $kprop_sub_type
100 Subkey-Length: $kprop_sub_length
## Expand the identity properties through `subst' (defined elsewhere).
## NOTE(review): presumably the last argument ($R_LINE) is the pattern the
## result must match.  That check is what would keep a newline -- and with
## it an extra batch directive -- out of the Name-* fields; confirm that
## `subst' rejects rather than passes through a non-matching value.
103 real=$(subst "\`realname' value" "$kprop_realname" kopt_ "$R_LINE")
104 email=$(subst "\`email' value" "$kprop_email" kopt_ "$R_LINE")
109 comment=$(subst "\`comment' value" "$kprop_comment" kopt_ "$R_LINE")
112 Name-Comment: $comment
## Feed the assembled parameter block to `gpg --gen-key' on stdin.
116 } | run_gnupg "$base" --gen-key
118 ## Commit the new key.
## Every `fpr' record in the colon listing has its tenth field written to
## "$base/fpr"; the armoured public key is then exported to "$base/pub".
## NOTE(review): nothing limits this to one record.  GnuPG versions that
## also print `fpr' records for subkeys would leave more than one line in
## the file, which is later read back as a single recipient -- confirm
## against the deployed GnuPG.
## NOTE(review): unless `pipefail' is in effect the pipeline's status is
## that of `cut', so a failing gpg would leave an empty fpr file without
## this step reporting an error.
119 run_gnupg "$base" --fingerprint --with-colons | \
120 grep '^fpr:' | cut -d: -f10 >"$base/fpr"
121 run_gnupg "$base" --export --armor --output="$base/pub"
## Encrypt to the key whose fingerprint is stored in "$base/fpr"; no input
## file is named, so GnuPG reads the plaintext from stdin and writes
## armoured output.
## NOTE(review): the command substitution is unquoted, so its output is
## word-split.  If the file held more than one fingerprint, the extra
## words would reach gpg as separate arguments rather than as recipients.
## Quoting the substitution and storing exactly one fingerprint would make
## the recipient unambiguous.
126 run_gnupg "$base" --encrypt --armor --recipient=$(cat "$base/fpr")
## Decrypt stdin, unlocking the secret key with the passphrase in "$nub".
## `--passphrase-file' keeps the passphrase off the command line.
## NOTE(review): GnuPG 2.1 and later honour `--passphrase-file' only in
## batch mode with `--pinentry-mode loopback'.  The options run_gnupg adds
## are only partly visible here -- confirm before using a modern GnuPG.
131 run_gnupg "$base" --passphrase-file "$nub" --decrypt
## Produce an armoured detached signature over stdin, unlocking the secret
## key with the passphrase in "$nub" (read from the file, so it is not
## exposed as a command-line argument).
## NOTE(review): GnuPG 2.1 and later need `--pinentry-mode loopback' as
## well as batch mode for `--passphrase-file' to take effect -- confirm
## that run_gnupg supplies it if this runs against a modern GnuPG.
136 run_gnupg "$base" --passphrase-file "$nub" --detach-sign --armor
## Write the signature to a scratch file, then verify it against the data
## arriving on stdin (`-').  GnuPG's stdout is discarded and its stderr is
## kept in $tmp/err.
## NOTE(review): $tmp is expanded unquoted, so a value containing
## whitespace or glob characters would be split or expanded.  Where $tmp
## is created is not visible here; because `sig' and `err' are fixed
## names, it should be a private directory (e.g. from `mktemp -d').
## NOTE(review): the outcome rests on gpg's exit status, judged against
## whatever public keys are present under "$base".
141 echo "$sig" >$tmp/sig
142 if run_gnupg "$base" --verify $tmp/sig - >/dev/null 2>$tmp/err
150 ###----- That's all, folks --------------------------------------------------