From 1ab20d5fea38a45da42a29c5a0bb7b69912d9742 Mon Sep 17 00:00:00 2001 From: drduh Date: Sat, 10 May 2025 16:27:14 -0700 Subject: [PATCH] gen key functions --- scripts/generate.sh | 43 ++++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 13 deletions(-) diff --git a/scripts/generate.sh b/scripts/generate.sh index 3be3c0a..e04000f 100755 --- a/scripts/generate.sh +++ b/scripts/generate.sh @@ -11,7 +11,7 @@ export LC_ALL="C" export GNUPGHOME=$(mktemp -d -t $(date +%Y.%m.%d)-XXXX) -cd "${GNUPGHOME}" ; pwd +cd "${GNUPGHOME}" ; printf "saving to %s\n" "$(pwd)" export IDENTITY="YubiKey User " @@ -30,23 +30,40 @@ get_pass () { export CERTIFY_PASS="$(get_pass)" -echo "$CERTIFY_PASS" | \ - gpg --batch --passphrase-fd 0 \ - --quick-generate-key "$IDENTITY" "$KEY_TYPE" cert never +gen_key_certify () { + # Generates Certify key with no expiration. + echo "$CERTIFY_PASS" | \ + gpg --batch --passphrase-fd 0 \ + --quick-generate-key "$IDENTITY" \ + "$KEY_TYPE" "cert" "never" +} -export KEYID=$(gpg -k --with-colons "$IDENTITY" | \ - awk -F: '/^pub:/ { print $5; exit }') +set_key_id_fp () { + # Sets Key ID and Fingerprint environment vars. + export KEYID=$(gpg -k --with-colons "$IDENTITY" | \ + awk -F: '/^pub:/ { print $5; exit }') + export KEYFP=$(gpg -k --with-colons "$IDENTITY" | \ + awk -F: '/^fpr:/ { print $10; exit }') +} -export KEYFP=$(gpg -k --with-colons "$IDENTITY" | \ - awk -F: '/^fpr:/ { print $10; exit }') +gen_key_certify + +set_key_id_fp printf "\nKey ID: %40s\nKey FP: %40s\n\n" "$KEYID" "$KEYFP" -for SUBKEY in sign encrypt auth ; do \ - echo "$CERTIFY_PASS" | \ - gpg --batch --pinentry-mode=loopback --passphrase-fd 0 \ - --quick-add-key "$KEYFP" "$KEY_TYPE" "$SUBKEY" "$KEY_EXPIRATION" -done +gen_key_subs () { + # Generates Subkeys with specified expiration. + for SUBKEY in sign encrypt auth ; do \ + echo "$CERTIFY_PASS" | \ + gpg --batch --passphrase-fd 0 \ + --pinentry-mode=loopback \ + --quick-add-key "$KEYFP" \ + "$KEY_TYPE" "$SUBKEY" "$KEY_EXPIRATION" + done +} + +gen_key_subs gpg -K