tools/mail-signed-keys

   1 #!/bin/sh
   2
   3 if [ -z "$1" -o -z "$2" ]; then
   4    echo "usage: mail-signed-keys keyring signedby" >&2
   5    exit 1
   6 fi
   7
   8 if [ ! -f $1 ]; then
   9     echo "mail-signed-keys: '$1': no such file" >&2
  10     exit 1
  11 fi
  12
  13 [ -f '.#tdb.tmp' ] && rm '.#tdb.tmp'
  14 ro="--trustdb-name=./.#tdb.tmp --dry-run --lock-never --no-default-keyring --keyring $1"
  15
  16 signedby=`gpg $ro --fast-list-mode --list-keys --with-colons $2 \
  17           2>/dev/null | awk -F: '$1=="pub" {print $5; exit 0}'`
  18
  19 if [ -z "$signedby" ]; then
  20     echo "mail-signed-keys: '$2': no such signator" >&2
  21     exit 1
  22 fi
  23
  24 echo "About to send the the keys signed by $signedby" >&2
  25 echo -n "to their owners.  Do you really want to do this? (y/N)" >&2
  26 read
  27 [ "$REPLY" != "y" -a "$REPLY" != "Y" ] && exit 0
  28
  29
  30 gpg $ro --check-sigs --with-colons 2>/dev/null \
  31      | awk -F: -v signedby="$signedby" -v gpgopt="$ro" '
  32 BEGIN         { sendmail="/usr/lib/sendmail -oi -t " }
  33 $1 == "pub"   { nextkid=$5; nextuid=$10
  34                 if( uidcount > 0 ) { myflush() }
  35                 kid=nextkid; uid=nextuid; next
  36               }
  37 $1 == "uid"   { uid=$10 ; next }
  38 $1 == "sig" && $2 == "!" && $5 == signedby  { uids[uidcount++] = uid; next }
  39 END           {  if( uidcount > 0 ) { myflush() } }
  40
  41 function myflush()
  42 {
  43        if ( kid == signedby ) { uidcount=0; return }
  44        print "sending key " substr(kid,9) " to" | "cat >&2"
  45        for(i=0; i < uidcount; i++ ) {
  46            print "    " uids[i] | "cat >&2"
  47            if( i == 0 ) {
  48                 printf "To: %s", uids[i]   | sendmail
  49            }
  50            else {
  51                 printf ",\n    %s", uids[i]   | sendmail
  52            }
  53        }
  54        printf "\n"                                        | sendmail
  55        print "Subject: I signed your key " substr(kid,9)  | sendmail
  56        print ""                                           | sendmail
  57        print "Hi,"                                        | sendmail
  58        print ""                                           | sendmail
  59        print "Here you get back the signed key."          | sendmail
  60        print ""                                           | sendmail
  61        print "ciao,"                                      | sendmail
  62        print "     your Key Signator"                     | sendmail
  63        print ""                                           | sendmail
  64        cmd = "gpg " gpgopt " --export -a " kid " 2>/dev/null"
  65        while( (cmd | getline) > 0 ) {
  66            print | sendmail
  67        }
  68        print ""                                           | sendmail
  69        close(cmd)
  70        close( sendmail )
  71        uidcount=0
  72 }
  73 '
  74
  75