/usr/share/monkeysphere/ma/add_certifier is in monkeysphere 0.37-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 | # -*-shell-script-*-
# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
# Monkeysphere authentication add-certifier subcommand
#
# This function adds a certifier whose signatures will be used to
# calculate validity of keys used to connect to user accounts on the
# server. The specified certifier key is first retrieved from the Web
# of Trust with the monkeysphere-user-controlled gpg_sphere keyring.
# Once then new key is retrieved, it is imported into the core
# keyring. The gpg_core then ltsigns the key with the desired trust
# level, and then the key is exported back to the gpg_sphere keyring.
# The gpg_sphere has ultimate owner trust of the core key, so the core
# ltsigs on the new certifier key can then be used by gpg_sphere
# calculate validity for keys inserted in the authorized_keys file.
#
# This is all to keep the monkeysphere user that connects to the
# keyservers from accessing the core secret key.
#
# The monkeysphere scripts are written by:
# Jameson Rollins <jrollins@finestructure.net>
# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
# They are Copyright 2008-2009, and are all released under the GPL,
# version 3 or later.
add_certifier() {
local domain=
local trust=full
local depth=1
local keyID
local fingerprint
local ltsignCommand
local trustval
# get options
while true ; do
case "$1" in
-n|--domain)
domain="$2"
shift 2
;;
-t|--trust)
trust="$2"
shift 2
;;
-d|--depth)
depth="$2"
shift 2
;;
-)
break
;;
*)
if [ "$(echo "$1" | cut -c 1)" = '-' ] ; then
failure "Unknown option '$1'.
Type '$PGRM help' for usage."
fi
break
;;
esac
done
keyID="$1"
# check that key ID or file is specified
if [ -z "$keyID" ] ; then
failure "You must specify the key ID of a key to add, or specify a file to read the key from."
fi
# check the trust value
case "$trust" in
'marginal')
trustval=1
;;
'full')
trustval=2
;;
*)
failure "Trust value requested ('$trust') was unclear (only 'marginal' or 'full' are supported)."
;;
esac
# if file is specified
if [ -f "$keyID" -o "$keyID" = '-' ] ; then
# load the key from stdin
if [ "$keyID" = '-' ] ; then
# make a temporary file to hold the key from stdin
keyID=$(msmktempfile)
trap "rm -f $keyID" EXIT
log verbose "reading key from stdin..."
cat > "$keyID"
# load the key from the file
elif [ -f "$keyID" ] ; then
log verbose "reading key from file '$keyID'..."
fi
# check the key is ok as monkeysphere user before loading
log debug "checking keys in file..."
fingerprint=$(su_monkeysphere_user \
"${SYSSHAREDIR}/common" list_primary_fingerprints < "$keyID")
if [ $(printf "%s" "$fingerprint" | egrep -c '^[A-F0-9]{40}$') -ne 1 ] ; then
failure "There was not exactly one gpg key in the file."
fi
# load the key
gpg_sphere --import <"$keyID" 2>/dev/null \
|| failure "could not read key from '$keyID'"
# else, get the key from the keyserver
else
log verbose "searching keyserver $KEYSERVER for keyID $keyID..."
gpg_sphere --keyserver "$KEYSERVER" --recv-key "0x${keyID}!" \
|| failure "Could not receive a key with this ID from the '$KEYSERVER' keyserver."
# get the full fingerprint of new certifier key
log debug "getting fingerprint of certifier key..."
fingerprint=$(gpg_sphere --list-key --with-colons --with-fingerprint "0x${keyID}!" \
| grep '^fpr:' | cut -d: -f10)
# test that there is only a single fingerprint
if (( $(echo "$fingerprint" | wc -l) != 1 )) ; then
cat <<EOF
More than one fingerprint found:
$fingerprint
Please use a more specific key ID.
EOF
failure
fi
log info "key found:"
gpg_sphere --fingerprint "0x${fingerprint}!"
if [ "$PROMPT" != "false" ] ; then
printf "Are you sure you want to add the above key as a certifier\nof users on this system? (Y/n) " >&2
read OK; OK=${OK:-Y}
if [ "${OK/y/Y}" != 'Y' ] ; then
failure "Identity certifier not added."
fi
else
log debug "adding key without prompting."
fi
fi
# export the key to the core keyring so that the core can sign the
# new certifier key
log debug "loading key into core keyring..."
gpg_sphere --export "0x${fingerprint}!" | gpg_core --import
# edit-key script to ltsign key
# NOTE: *all* user IDs will be ltsigned
ltsignCommand="ltsign
y
$trustval
$depth
$domain
y
save"
# end script
# core ltsigns the newly imported certifier key
log debug "executing core ltsign script..."
if echo "$ltsignCommand" | \
gpg_core --command-fd 0 --edit-key "0x${fingerprint}!" ; then
# transfer the new sigs back to the sphere keyring
gpg_core_sphere_sig_transfer
# update the sphere trustdb
log debug "updating sphere trustdb..."
gpg_sphere --check-trustdb 2>&1 | log debug
log info "Identity certifier added."
else
failure "Problem adding identify certifier."
fi
}
|