-
-
Save 0rbadvent/3c788ee0db0e550438c0159dd846e10f to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #GPG=gpg | |
| # or | |
| GPG=gpg2 | |
| # Create test keys in `original_gnupg_test_home` folder | |
| mkdir original_gnupg_test_home 2>/dev/null | |
| cd original_gnupg_test_home | |
| export GNUPGHOME="$(pwd)" | |
| # Gen key with one subkey | |
| $GPG --gen-key | |
| # Add another one subkey | |
| PRIMARY="$($GPG -K | grep "^sec" | awk '{print $2}' | sed -r 's/[0-9RD]+\///')" | |
| $GPG --edit-key "$PRIMARY" addkey |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #GPG=gpg | |
| # or | |
| GPG=gpg2 | |
| split_and_save() | |
| ( | |
| # Save splitted keyparts to folders | |
| rm -rf "$1" 2>/dev/null | |
| mkdir "$1" | |
| cd "$1" | |
| ( | |
| mkdir secring | |
| cd secring | |
| cat "$GNUPGHOME"/secring.gpg | gpgsplit | |
| ) | |
| ( | |
| mkdir pubring | |
| cd pubring | |
| cat "$GNUPGHOME"/pubring.gpg | gpgsplit | |
| ) | |
| ) | |
| # Use temp folder as gnupg home | |
| export GNUPGHOME="$(mktemp -d)" | |
| # Fill it with pre-generated test keys | |
| cp -r original_gnupg_test_home/* "$GNUPGHOME" | |
| export PRIMARY="$($GPG -K | grep "^sec" | awk '{print $2}' | sed -r 's/[0-9RD]+\///')" | |
| export SUBONE="$($GPG -K | grep "^ssb" | head -n 1 | awk '{print $2}' | sed -r 's/[0-9RD]+\///')" | |
| export SUBTWO="$($GPG -K | grep "^ssb" | tail -n 1 | awk '{print $2}' | sed -r 's/[0-9RD]+\///')" | |
| # Split original keyparts for compare in future | |
| split_and_save initial | |
| cat <<EOF | |
| ============================================================= | |
| Expire first or second subkey, compare the result | |
| > key 1 | |
| > expire | |
| > save | |
| or | |
| > key 2 | |
| > expire | |
| > save | |
| ============================================================= | |
| Press [Enter] key to continue... | |
| EOF | |
| read | |
| $GPG --edit-key "$PRIMARY" | |
| # Split expired keyparts for compare in future | |
| split_and_save expired | |
| clear | |
| cat <<EOF | |
| ============================================================= | |
| In this keyring: | |
| EOF | |
| $GPG -k | |
| # Export secret keys to tempfile | |
| TEMPEXPORT="$(mktemp)" | |
| $GPG --export-secret-keys > "$TEMPEXPORT" | |
| # Use new empty gnupg home | |
| export GNUPGHOME="$(mktemp -d)" | |
| # Import from tempfile | |
| $GPG --import "$TEMPEXPORT" >/dev/null 2>&1 | |
| cat <<EOF | |
| ============================================================= | |
| After reimporting to new keyring: | |
| EOF | |
| $GPG -k | |
| cat <<EOF | |
| $SUBONE key will disappear if you've edited $SUBTWO, and $SUBTWO is still not expired. | |
| Here is the diff. See which key parts had changed in pub and sec rings. | |
| EOF | |
| diff -r initial expired |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment