Diffstat (limited to 'z-distfiles/scripts-gw/gpg-update')
-rwxr-xr-x | z-distfiles/scripts-gw/gpg-update | 144 |
1 files changed, 144 insertions, 0 deletions
diff --git a/z-distfiles/scripts-gw/gpg-update b/z-distfiles/scripts-gw/gpg-update
new file mode 100755
index 0000000..23e73af
--- /dev/null
+++ b/z-distfiles/scripts-gw/gpg-update
@@ -0,0 +1,144 @@
+#!/usr/bin/perl -w
+
+use strict;
+use warnings;
+
+use Crypt::GPG;
+use Date::Manip;
+
+sub promptUser {
+
+ my ($promptString) = @_;
+
+ print $promptString, ": ";
+
+ $| = 1; # force a flush after our print
+ $_ = <>; # get the input from STDIN (presumably the keyboard)
+
+ chomp;
+
+ return $_;
+}
+
+
+sub printKey($)
+{
+
+ my $key = shift;
+
+ print "ID: " . $key->{ID} . "\n";
+ print "Owner: " . $key->{UIDs}->[0]->{UID} . "\n";
+
+}
+
+my $date1;
+my $date2;
+my $flag;
+my $info;
+my $name;
+my $mail;
+my @earray;
+my $pass;
+my $spass;
+my $status;
+my $delete;
+my $finger;
+
+my $gpg = new Crypt::GPG;
+
+my @keys = $gpg->keydb();
+
+my %expired;
+
+$ENV{'LC_ALL'}="en_US";
+
+foreach my $key (@keys)
+{
+ if (not $key->{Expires} eq "")
+ {
+ $date1 = ParseDate($key->{Expires});
+ $date2 = ParseDate("now");
+ $flag = Date_Cmp($date1,$date2);
+ if ($flag < 0)
+ {
+ # key expired
+ print "=> Found expired key.\n\n";
+ printKey($key);
+ print "\nAction required!\n";
+ print "--------------------------------------------------------\n";
+ push @{$expired{$key->{ID}}}, $key;
+ }
+ else
+ {
+ print "=> Found key that has not yet expired.\n\n";
+ printKey($key);
+ print "\nNo action required!\n";
+ print "--------------------------------------------------------\n";
+ }
+ }
+ else
+ {
+ print "=> Found non-expiring key.\n\n";
+ printKey($key);
+ print "\nNo action required!\n";
+ print "--------------------------------------------------------\n";
+ }
+}
+
+print "\n########################################################\n\n";
+
+foreach my $keypair (keys %expired)
+{
+ if (scalar (@{$expired{$keypair}}) == 2)
+ {
+ print "Expired keypair (" . $keypair . ") will be regenerated!\n";
+ print "--------------------------------------------------------\n";
+ $info = $expired{$keypair}->[0]->{UIDs}->[0]->{UID};
+ ($name = $info) =~ s/\s*\(.*//;
+ ($mail = $info) =~ s/.*<(.+@.+)>/$1/;
+ print "User: " . $name . "\n";
+ print "Mail: <" . $mail . ">\n";
+ $pass = promptUser("New passphrase for this key");
+ $status = $gpg->keygen($name, $mail, 'ELG-E', 1024, '90', $pass);
+ while (<$status>)
+ {
+ $pass = $_;
+ chomp $pass;
+ print $pass;
+ }
+ close $status;
+ $delete = promptUser("\nReally delete the old key?");
+ if ($delete eq "yes")
+ {
+ foreach my $key (@{$expired{$keypair}})
+ {
+ $gpg->delkey($key);
+ }
+ }
+ print "--------------------------------------------------------\n";
+ }
+ else
+ {
+ print "Expired key (" . $keypair . ") has no matching partner!\n";
+ print "--------------------------------------------------------\n";
+ }
+}
+
+@keys = $gpg->keydb();
+
+print "\n########################################################\n\n";
+
+foreach my $key (@keys)
+{
+ if (scalar (@{$key->{UIDs}->[0]->{Signatures}}) == 1)
+ {
+ print "Found key without signature.\n";
+ printKey($key);
+ print "\nExpires: " . $key->{Expires} . "\n";
+ print "\nYou might want to consider signing this key with:\n";
+ print "\ngpg --default-key post\@gunnarwrobel.de --sign-key " . $key->{ID} . "\n";
+ print "\nYou can then send the key to a server with:\n";
+ print "\ngpg --send-key " . $key->{ID} . "\n";
+ print "--------------------------------------------------------\n";
+ }
+}
 |
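Review bot: The new passphrase is collected through `promptUser`, which reads with a plain `$_ = <>` while terminal echo is on, so the secret is shown as it is typed and stays in scrollback; a separate passphrase prompt that reads from `<STDIN>` with echo disabled (for example `ReadMode('noecho')` from Term::ReadKey) and asks for it twice would be safer. In the regeneration loop the result of `$gpg->keygen(...)` is never checked before the "Really delete the old key?" prompt, so if key generation fails and the operator answers "yes" the expired pair is removed with no replacement; I would add `next unless defined $status;` with a message right after the keygen call, assuming keygen returns no handle on failure. The hard-coded 1024-bit size is small by current guidance, and if Crypt::GPG accepts a larger value it should be raised to 2048 or more. `$pass` is also reused to hold each line of keygen status output, which keeps the passphrase variable live and confuses the two roles; a separate lexical such as `my $line` inside the `while` would be cleaner.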