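# Interactively creates a new PGP signing key for the CIC staff client.
#
# Steps: ask for name/email, ask for a passphrase, generate the key in a
# throw-away GnuPG home, import it into
# $HOME/.config/cic/staff-client/.gnupg, then write the armored public key
# (user.asc) and the key fingerprint (key_fingerprint) next to that keyring.
#
# Needs bash (read -s), gpg and shred. No shebang or `set -e` is added here
# because the way this file is invoked (executed vs. sourced) is not visible.

# gpg uses GPG_TTY to find the terminal; assignment and export are split so a
# failing `tty` is not masked by `export`.
GPG_TTY=$(tty)
export GPG_TTY

echo "You have not selected a key to use. We will now make a new one."
echo "The personal details you provide below will not be shared anywhere without getting your permission first."

# Ask for the identity details until the user confirms them.
pgp_ok=
while [ -z "$pgp_ok" ]; do
  echo
  echo -n "Your name: "
  read -r pgp_name
  echo -n "Your email: "
  read -r pgp_email
  echo
  echo "You have entered: "
  echo "Name: $pgp_name"
  echo "Email: $pgp_email"
  echo
  echo -n "(Yes/No): "
  read -r pgp_r
  # Only the first character of the answer decides; anything but y/Y retries.
  case "$pgp_r" in
    [yY]*) pgp_ok=1 ;;
  esac
  echo
  # The retry message used to be printed even after a "yes".
  if [ -z "$pgp_ok" ]; then
    echo "Ok, let's try again..."
  fi
done

echo -e "\e[0;93mYou will now be asked for a passphrase to protect your new key."
echo "It will not be shown back to you as you type, nor after you have typed it in."
echo "If you lose this passphrase you WILL lose access to your key PERMANENTLY."
echo "Keep it secret."
echo -e "Keep it safe.\e[0m"

# `read -s` turns echo off only for the duration of each read, so an
# interrupted prompt does not leave the terminal with echo disabled the way a
# bare `stty -echo` ... `stty echo` pair can.
# `IFS=` and `-r` keep the passphrase exactly as typed: without them leading
# and trailing blanks are dropped and backslashes are consumed, so the key
# would be protected by a different passphrase than the one the user chose.
password_match=
while [ -z "$password_match" ]; do
  echo
  echo -n "password: "
  IFS= read -rs password
  echo
  echo -n "password again: "
  IFS= read -rs password_again
  echo
  if [ -z "$password" ]; then
    # An empty passphrase would leave the new key effectively unprotected.
    echo "password must not be empty, try again"
  elif [ "$password" = "$password_again" ]; then
    password_match=1
  else
    echo "passwords do not match, try again"
  fi
done

# The passphrase is handed to gpg through a private temp file rather than on
# the command line, where it would be visible in the process list.
password_file=$(mktemp)
chmod -v 600 "$password_file"
# printf with a quoted argument writes the passphrase verbatim. An unquoted
# `echo -n $password` word-splits it, expands glob characters against the
# current directory, and misreads values such as "-e".
printf '%s' "$password" > "$password_file"
# NOTE(review): an interrupted run leaves this file behind until it is
# shredded at the end. If this script is always executed and never sourced,
# a `trap ... EXIT` that shreds it would cover that case.

# Throw-away GnuPG home used only for key generation.
t=$(mktemp -d)
gpg --homedir "$t" --pinentry-mode loopback --passphrase-file "$password_file" \
  --quick-gen-key "$pgp_name (CIC staff client signing key) <$pgp_email>" secp256k1 sign 0

#echo -e "\e[0;93mNow let's see if you've forgotten your passphrase already"
#echo -e "Please enter it again at the given prompts to import the newly created key into your environment\e[0m"

staff_client_dir=$HOME/.config/cic/staff-client

mkdir -vp "$staff_client_dir/.gnupg"
chmod 0700 -v "$staff_client_dir/.gnupg"

# Move the secret key from the throw-away home into the staff-client keyring.
gpg --homedir "$t" --pinentry-mode loopback --passphrase-file "$password_file" \
  --export-secret-keys \
  | gpg --pinentry-mode loopback --passphrase-file "$password_file" \
      --homedir "$staff_client_dir/.gnupg" --import

# Publish the armored public key and derive the fingerprint from its packets.
gpg --homedir "$staff_client_dir/.gnupg" --export -a > "$staff_client_dir/user.asc"
gpg --list-packets "$staff_client_dir/user.asc" \
  | awk '/issuer fpr/ { print $9; }' \
  | cut -b -40 > "$staff_client_dir/key_fingerprint"

# NOTE(review): the encryption subkey is added to the keyring in $t, i.e.
# after the export/import above, so as far as this script shows it never
# reaches the staff-client keyring or user.asc. $t is also never removed and
# still holds the secret key. Confirm which keyring the subkey is meant for,
# then remove $t once it is no longer needed.
gpg --homedir "$t" --pinentry-mode loopback --passphrase-file "$password_file" \
  --quick-add-key "$(cat "$staff_client_dir/key_fingerprint")" default encrypt 0

# Overwrite and unlink the passphrase file (-u); plain `shred` leaves the
# overwritten file in place. Overwriting is best-effort on file systems that
# do not rewrite blocks in place.
shred -vu -- "$password_file"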