From 827db94875107b8272dcbb5b551b10d83b725657 Mon Sep 17 00:00:00 2001
From: Andrew Cady
Date: Tue, 28 Sep 2021 18:22:12 -0400
Subject: cryptonomic-gpg implemented

---
 selfpublish.sh | 92 ++++++++++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 71 insertions(+), 21 deletions(-)
(limited to 'selfpublish.sh')

diff --git a/selfpublish.sh b/selfpublish.sh
index 7a600ba..2f6caae 100644
--- a/selfpublish.sh
+++ b/selfpublish.sh
@@ -181,6 +181,12 @@ EOF
 
 control_file_file /usr/lib/cryptonomic/cryptonomic-gpg 755 <<'EOF'
 #!/bin/sh
+die()
+{
+	printf 'Error: %s\n' "$*"
+	exit 1
+}
+
 process_colons()
 {
 	local callback="$*" IFS process_colons_break=
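Review bot: `die` writes its diagnostic to stdout, so error text is mixed into the script's normal output (the third hunk has the script print a `gpg --locate-keys …` command line on stdout, which a caller may capture); send it to stderr with `printf 'Error: %s\n' "$*" >&2`. The helper is used from `make_directories_maybe_become_root` in the second hunk to report a failed `exec sudo`, so the message would otherwise end up in whatever consumes the script's stdout. `process_colons` continues outside the hunk.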
@@ -272,6 +278,61 @@ GPG()
 	fi
 }
 
+ensure_key_exists()
+{
+	# 2. CHECK IF EXISTING SECRET KEY
+	t=$(GPG -K --with-colons)
+	if [ "$t" ]
+	then
+		# 3. CHECK IF EXISTING KEY HAS UID
+		if GPG -K --with-colons | find_secret_key_with_domain "${cryptonomic_hostname#*.}" | grep -q . && ! force
+		then
+			return
+		fi
+
+		# 4. ADD UID TO EXISTING KEY
+		gpg_default_key=$(GPG -K --with-colons | process_colons match_first_secret_key show_fpr)
+		[ "$gpg_default_key" ]
+		GPG --quick-add-uid "$gpg_default_key" "$uid" || force
+		verbose GPG -K "$gpg_default_key"
+	else
+		# 2.5 GENERATE NEW KEY
+		GPG --batch --passphrase '' --quick-generate-key "$uid"
+		verbose GPG -K "$uid"
+	fi
+}
+
+make_directories_maybe_become_root()
+{
+	if [ -d "$html_dir" ]
+	then
+		if [ -d "$hu_dir" ]
+		then
+			[ -w "$hu_dir" ] || exec sudo -- "$0" "$@" || die "failed to exec sudo"
+		else
+			[ -w "$html_dir" ] || exec sudo -- "$0" "$@" || die "failed to exec sudo"
+			mkdir -p "$hu_dir"
+		fi
+	else
+		die "Directory not found: '$html_dir' -- you probably need to run selfpublish.sh"
+		# TODO: just run selfpublish here
+	fi
+}
+
+process_key()
+{
+	local uid="$1" domain="${1#*@}" destdir="$2" tdir
+	while read keyid some_uid
+	do
+		[ "$some_uid" = "$uid" ] || continue
+		tempdir=$(mktemp -d)
+		/usr/lib/gnupg/gpg-wks-client --install-key -C "$tempdir" "$keyid" "$uid" 2>/dev/null
+		mkdir -p "$destdir"
+		mv "$tempdir"/"$domain"/hu/* -t "$destdir"
+		rm -rf "$tempdir"
+	done
+}
+
 set -e
 
 # 1. GET CRYPTONOMIC UID
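Review bot: `process_key` declares `tdir` as local but the loop assigns and uses `tempdir`, so the declared name is dead and the temp path leaks into global scope; the `read` also lacks `-r`, and `gpg-wks-client`'s exit status is neither checked nor visible (stderr goes to /dev/null), so on failure the `hu/*` glob stays unmatched, `mv` fails under the `set -e` that is enabled further down, and `rm -rf "$tempdir"` never runs. A rewrite of the function that checks the status and cleans up on the failure path is below. Separately, in `make_directories_maybe_become_root` the `exec sudo -- "$0" "$@"` re-exec uses the function's own positional parameters, and the call site in the third hunk passes none, so any arguments given to the script are dropped when it re-runs itself as root; call it as `make_directories_maybe_become_root "$@"`. `ensure_key_exists` relies on the later `set -e` to turn a bare `[ "$gpg_default_key" ]` into an abort, which deserves a comment such as `# empty fingerprint aborts the script via set -e`.
```shell
process_key()
{
	local uid="$1" domain="${1#*@}" destdir="$2" keyid some_uid tempdir
	while read -r keyid some_uid
	do
		[ "$some_uid" = "$uid" ] || continue
		tempdir=$(mktemp -d) || die "mktemp failed"
		if ! /usr/lib/gnupg/gpg-wks-client --install-key -C "$tempdir" "$keyid" "$uid"
		then
			rm -rf "$tempdir"
			die "gpg-wks-client --install-key failed for $keyid"
		fi
		mkdir -p "$destdir"
		mv "$tempdir"/"$domain"/hu/* -t "$destdir"
		rm -rf "$tempdir"
	done
}
```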
@@ -281,34 +342,23 @@ cryptonomic_hostname=$(cryptonomic hostname)
 if [ "$SUDO_USER" ]
 then
 	username=$SUDO_USER
+	export GNUPGHOME=~$username/.gnupg
 else
 	username=$(id -un)
 fi
 [ "$username" ]
+
 uid=${username}@${cryptonomic_hostname}
+html_dir=/srv/${cryptonomic_hostname#*.}/public_html
+hu_dir=$html_dir/.well-known/openpgpkey/hu
 
-# 2. CHECK IF EXISTING SECRET KEY
-t=$(GPG -K --with-colons)
-if [ "$t" ]
-then
-	# 3. CHECK IF EXISTING KEY HAS UID
-	if GPG -K --with-colons | find_secret_key_with_domain "${cryptonomic_hostname#*.}" | grep -q . && ! force
-	then
-		exit
-	fi
+ensure_key_exists
 
-	# 4. ADD UID TO EXISTING KEY
-	gpg_default_key=$(GPG -K --with-colons | process_colons match_first_secret_key show_fpr)
-	[ "$gpg_default_key" ]
-	GPG --quick-add-uid "$gpg_default_key" "$uid" || force
-	verbose GPG -K "$gpg_default_key"
-	exit 0
-else
-	# 2.5 GENERATE NEW KEY
-	GPG --batch --passphrase '' --quick-generate-key "$uid"
-	verbose GPG -K "$uid"
-	exit 0
-fi
+make_directories_maybe_become_root
+
+GPG --list-options show-only-fpr-mbox -k "$uid" 2>&- | process_key "$uid" "$hu_dir"
+
+printf 'gpg --locate-keys %s\n' "$uid"
 EOF
 control_file_file /usr/bin/cryptonomic 755 <<'EOF'
 #!/bin/dash
-- 
cgit v1.2.3
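Review bot: `export GNUPGHOME=~$username/.gnupg` does not get tilde-expanded in sh or bash, because the tilde-prefix must be a literal login name; the variable ends up as the literal string `~alice/.gnupg` (constructed example), so gpg is pointed at a relative directory named `~alice` under the current working directory instead of the invoking user's keyring, and as root under sudo it would silently create that directory. Resolve the home directory explicitly, e.g. `home=$(getent passwd -- "$username" | cut -d: -f6)`, `[ "$home" ] || die "no home directory for $username"`, `export GNUPGHOME=$home/.gnupg`. The `2>&-` on the `GPG --list-options … -k "$uid"` pipeline closes gpg's stderr rather than discarding it, which can make gpg's own writes to fd 2 fail or let the next file it opens land on fd 2; `2>/dev/null` is the safer form. The `uid=` and `html_dir=` lines derive paths from `cryptonomic_hostname`, so a one-line comment stating the expected `user.host.example` shape (constructed example) would help the next reader of `${cryptonomic_hostname#*.}`.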