mutt и общие ключи/подписанные сообщения
Решил запостить сюда свой "велосипед" для работы с общими ключами в mutt.
В расчете на то, что кому-нибудь пригодится или просто привлечет к
обсуждению этой темы. См. аттачмент.
--
Stanislav
# Mutt PGP command settings. Every gpg call below adds --keyring tmpring.gpg,
# so keys held in that extra keyring are available to decrypt, sign, encrypt and
# list operations. (A keyring name without a slash is looked up in the GnuPG
# home directory.)
# Mutt format codes used here: %f = file to process, %s = detached signature
# file, %r = key ID(s), %a = value of $pgp_sign_as, %p = non-empty only when a
# passphrase is needed (so --passphrase-fd 0 is added only then and the
# passphrase travels on stdin, not on the command line).
set pgp_decode_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --keyring tmpring.gpg --no-verbose --quiet --batch --output - %f"
# Signature verification is delegated to the gpg-automate script instead of
# calling gpg directly.
set pgp_verify_command="gpg-automate %s %f"
set pgp_decrypt_command="gpg --status-fd=2 %?p?--passphrase-fd 0? --keyring tmpring.gpg --no-verbose --quiet --batch --output - %f"
set pgp_sign_command="gpg --keyring tmpring.gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_clearsign_command="gpg --keyring tmpring.gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f"
# NOTE(review): --always-trust makes gpg skip its key-validity check, and
# --keyring tmpring.gpg makes keys from that keyring eligible as recipients.
# gpg-automate fills tmpring.gpg with keys fetched automatically from a
# keyserver, so mail can end up encrypted to a key nobody has verified.
# Check recipient fingerprints out of band, or drop --always-trust.
set pgp_encrypt_only_command="/usr/lib/mutt/pgpewrap gpg --keyring tmpring.gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f"
set pgp_encrypt_sign_command="/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --keyring tmpring.gpg --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f"
set pgp_import_command="gpg --keyring tmpring.gpg --no-verbose --import %f"
set pgp_export_command="gpg --keyring tmpring.gpg --no-verbose --export --armor %r"
set pgp_verify_key_command="gpg --keyring tmpring.gpg --verbose --batch --fingerprint --check-sigs %r"
set pgp_list_pubring_command="gpg --keyring tmpring.gpg --no-verbose --batch --quiet --with-colons --list-keys %r"
set pgp_list_secring_command="gpg --keyring tmpring.gpg --no-verbose --batch --quiet --with-colons --list-secret-keys %r"
# Mutt reports the signature as verified when the verify command's output
# matches this pattern. GOODSIG only says the signature checks out against the
# key gpg used; it does not say that the key's ownership has been validated.
set pgp_good_sign="^\\[GNUPG:\\] GOODSIG"
#!/bin/sh
# gpg-automate: A script that automagically requests public keys from a key server
# and maintains a separate keyring and a little database of KEYIDs with timestamps.
# To be used with mutt and gpg.
#
# Author: Stanislav Maslovski <stanislav.maslovski@gmail.com>
# This software is in public domain, use freely.
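# Files created by this script (temp files, timestamp database) are owner-only.
umask 077
# How long is the database (checked before adding a new key)
MAXLINES=50
# For how long old keys should be kept, in seconds (2592000 s = 30 days).
KEEP=2592000
TIMESTAMP=$HOME/.gnupg/timestamps
LOCKFILE=$TIMESTAMP.lock
# Scratch files: gpg status lines, gpg --output data, and the list of keys
# imported during this run. mktemp replaces the deprecated, Debian-specific
# tempfile; the EXIT trap removes the files on early exit paths too.
STATUS= OUTPUT= IMPORT=
trap 'rm -f -- "$STATUS" "$OUTPUT" "$IMPORT"' EXIT
STATUS=$(mktemp) && OUTPUT=$(mktemp) && IMPORT=$(mktemp) || exit 1
TIME=$(date +%s)
# Verify against the scratch keyring (primary, so new keys are written there)
# plus the user's pubring.gpg.
# NOTE(review): auto-key-retrieve makes gpg ask the keyserver for any signing
# key it does not have. The keyserver therefore learns which key IDs appear in
# the mail being read, and the fetched key is imported without any validation:
# a GOODSIG obtained this way shows that the signature matches that key, not
# who owns the key.
# "$@" is quoted so the file names mutt passes survive spaces and globs.
gpg --no-verbose --quiet --batch \
  --no-default-keyring --primary-keyring tmpring.gpg --keyring pubring.gpg \
  --keyserver-options auto-key-retrieve \
  --status-file="$STATUS" --output "$OUTPUT" --verify "$@"
# Remember gpg's verdict now; later housekeeping must not overwrite it.
EXITCODE=$?
# Turn each "[GNUPG:] IMPORTED <keyid> <user id>" status line into a database
# record "<now> <keyid> <user id>". The user ID part is text taken from the
# fetched key and must be handled as untrusted data by whatever reads $IMPORT.
sed -nr "s/^\[GNUPG:\] IMPORTED ([0-9A-F]+)/$TIME \\1/p" "$STATUS" > "$IMPORT"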
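# delkey KEYID
# Delete one public key from the scratch keyring tmpring.gpg. Only that keyring
# is named (with --no-default-keyring), so the command does not address
# pubring.gpg. gpg's output is discarded.
# Returns: gpg's exit status, or 1 without calling gpg when KEYID is empty or
# contains anything but hex digits.
delkey()
{
  # KEYID is read back from the timestamp database. Accepting hex digits only
  # keeps an empty or damaged record from reaching gpg as an option or as an
  # arbitrary key specification.
  case $1 in
    '' | *[!0-9A-Fa-f]*) return 1 ;;
  esac
  gpg --no-verbose --quiet --batch --yes \
    --no-default-keyring --primary-keyring tmpring.gpg \
    --delete-key "$1" >/dev/null 2>&1
}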
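# The database is updated only if there has been a successful import of a new key.
# Each record is "<import time> <key id> <rest of gpg's IMPORTED status line>".
# The trailing text is the user ID of a key fetched from a keyserver, so it is
# untrusted: it is read with read -r and written back with printf, never
# expanded unquoted (an unquoted echo would glob-expand a "*" in it).
if [ -s "$IMPORT" ]
then
  # Serialise database rewrites between concurrent runs; the update is skipped
  # if the lock cannot be taken. lockfile -1 retries every second without a
  # retry limit, so a lock left behind by a killed run blocks here until it is
  # removed by hand.
  if lockfile -1 "$LOCKFILE"
  then
    if [ -e "$TIMESTAMP" ]
    then
      # Everything older than the newest $MAXLINES records is dropped from the
      # keyring. (head -n -N is a GNU extension.)
      head -n "-$MAXLINES" "$TIMESTAMP" |
        while read -r STAMP KEYID INFO
        do
          delkey "$KEYID"
        done
      mv "$TIMESTAMP" "$TIMESTAMP.old"
      # Rewrite the database from the newest $MAXLINES records, expiring those
      # older than $KEEP seconds.
      tail -n "$MAXLINES" "$TIMESTAMP.old" |
        while read -r STAMP KEYID INFO
        do
          case $STAMP in
            '' | *[!0-9]*)
              # Damaged record: the arithmetic below would abort this loop and
              # lose the remaining records. Treat it as expired instead.
              delkey "$KEYID"
              continue
              ;;
          esac
          if [ "$(($TIME - $STAMP))" -gt "$KEEP" ]
          then
            delkey "$KEYID"
          else
            printf '%s\n' "$STAMP $KEYID${INFO:+ $INFO}"
          fi
        done > "$TIMESTAMP"
      rm -f "$TIMESTAMP.old"
    fi
    # Append the keys imported during this run.
    cat "$IMPORT" >> "$TIMESTAMP"
    rm -f "$LOCKFILE"
  fi
fi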
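# Push output to stderr and stdout (mutt will intercept them): the GnuPG status
# lines collected via --status-file go to stderr, the data gpg wrote via
# --output goes to stdout. Paths are quoted so a TMPDIR containing spaces or
# glob characters cannot split them.
cat "$STATUS" 1>&2 && cat "$OUTPUT"
rm -f "$STATUS" "$OUTPUT" "$IMPORT"
# Hand mutt the exit status of gpg --verify itself, not that of the keyring
# housekeeping that ran afterwards.
exit "$EXITCODE"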