keyanalyze/willy/unsign

   1 #!/usr/bin/perl
   2
   3 # unsign takes the output from keyanalyze and adds useful information such as
   4 # the keys that haven't signed you and you haven't signed within this set.
   5 # This functionality should probably be added as an option to keyanalyze.
   6
   7 $group=$ARGV[0];
   8
   9 sub print_keys {
  10         my ($title, @array) = @_;
  11         my $size = $#array + 1;
  12         print "\n$title:\n";
  13         foreach (@array) {
  14                 print "  $_ $names{$_}\n";
  15         }
  16         print "Total: $size keys in this set\n";
  17 }
  18
  19 sub set_diff {
  20         my ($firstref, $secondref) = @_;
  21         my @result;
  22
  23         ELEMENT: foreach $element (@$firstref) {
  24                 foreach $test (@$secondref) {
  25                         next ELEMENT if $element eq $test;
  26                 }
  27
  28                 push @result, $element;
  29         }
  30
  31         return @result;
  32 }
  33
  34 sub read_keyfile {
  35         my ($name, $toref, $fromref) = @_;
  36         open(KEY, $name) or return 1;
  37         my $state = 0;
  38         while (my $line = <KEY>) {
  39                 if ($line =~ "^Signatures to") {
  40                         $state = 1;
  41                 } elsif ($line =~ "^Total:") {
  42                         $state = 0;
  43                 } elsif ($line =~ "^Signatures from") {
  44                         $state = 2;
  45                 } elsif ($state == 1) {
  46                         my @key = split(' ', $line);
  47                         push @$toref, @key[1];
  48                 } elsif ($state == 2) {
  49                         my @key = split(' ', $line);
  50                         push @$fromref, @key[1];
  51                 }
  52         }
  53         close(KEY);
  54         return 0;
  55 }
  56
  57 open(IDS, "$group/pubring.ids") or die "Could not open $group\n";
  58 while ($id = <IDS>) {
  59         next if ($id =~ /^#/);
  60         next if ($id =~ /^$/);
  61 #       chomp $id;
  62         $id =~ s/\s+$//;
  63         $id = substr($id, -8) if length($id) > 8;
  64         push @ids, $id;
  65
  66         $name = `gpg --options $group/options --list-keys $id`;
  67         $name =~ s/\n.*//s;
  68         $name =~ s/^.*[0-9][0-9] //;
  69         $name =~ s/@/-at-/g;
  70         $names{$id} = $name;
  71 }
  72 close(IDS);
  73
  74 foreach $key (@ids) {
  75         my $name = $group . "/output/" . substr($key, 0, 2) . "/" . $key;
  76         my @to;
  77         my @from;
  78
  79         next if read_keyfile($name, \@to, \@from);
  80
  81         push @to, $key;
  82         push @from, $key;
  83
  84         my @nonsigned = set_diff(\@ids, \@from);
  85         my @nonsigners = set_diff(\@ids, \@to);
  86
  87         my @first = set_diff(\@nonsigned, \@nonsigners);
  88         my @third = set_diff(\@nonsigned, \@first);
  89         my @second = set_diff(\@nonsigners, \@nonsigned);
  90
  91         open(KEY, ">>$name") or die "Cannot open $name\n";
  92         my $oldfh = select(KEY);
  93
  94         print_keys("This key has been signed by, but has not signed", @first);
  95         print_keys("This key has signed, but has not been signed by", @second);
  96         print_keys("This key is not directly connected to", @third);
  97
  98         select($oldfd);
  99         close(KEY);
 100 }