X-Git-Url: https://git.sthu.org/?a=blobdiff_plain;f=gpgsigs%2Fgpgsigs;h=50505d24251bbb6c58f62c0a25af78dc41b38c4a;hb=66c2228f897a924e7d19a6bb4eb4e8e460c6e13d;hp=61c03be226cb3b160a30706f95a37ef44af7ca47;hpb=a9dceb5378b7ce02a71f4a19a223d85dd3ed84cd;p=pgp-tools.git diff --git a/gpgsigs/gpgsigs b/gpgsigs/gpgsigs index 61c03be..50505d2 100755 --- a/gpgsigs/gpgsigs +++ b/gpgsigs/gpgsigs @@ -17,8 +17,10 @@ # * support for multiple user keys # * better charset conversion # * pod documentation +# see the Debian changelog for further changes. my $VERSION = qq$Rev$; +$ENV{PATH} .= ":/usr/share/signing-party"; use strict; use warnings; @@ -35,7 +37,7 @@ sub version($) gpgsigs $VERSION- http://pgp-tools.alioth.debian.org/ (c) 2004 Uli Martens (c) 2004, 2005 Peter Palfrader - (c) 2004, 2005 Christoph Berg + (c) 2004, 2005, 2006, 2007 Christoph Berg EOF } @@ -53,17 +55,21 @@ separate multiple keyids with ',' -r call gpg --recv-keys before proceeding -f convert from charset -t convert UIDs to charset in output +--refresh regenerate UID lists on keys +--latex generate LaTeX output including photo IDs EOF exit $error; } -my ($fromcharset, $charset, $recv_keys); +my ($fromcharset, $charset, $recv_keys, $refresh, $latex); Getopt::Long::config('bundling'); GetOptions( '-f=s' => \$fromcharset, '-t=s' => \$charset, r => \$recv_keys, + refresh => \$refresh, + latex => \$latex, help => sub { usage(*STDOUT, 0); }, version => sub { version(*STDOUT); exit 0;}, ) or usage(*STDERR, 1); @@ -108,12 +114,12 @@ sub myrecode($$$) { # parse options -my $mykey = uc(shift @ARGV); +my @mykeys = split /,/, uc(shift @ARGV); my $keytxt = (shift @ARGV) || usage(*STDERR, 1); my $outfile = (shift @ARGV) || '-'; -my @mykeys = split /,/, $mykey; map { s/^0x//i; } @mykeys; +my %uids = map { $_ => [] } @mykeys; if (!@mykeys || scalar @ARGV) { usage(*STDERR, 1); @@ -144,18 +150,43 @@ if ($recv_keys) { } print STDERR "Running --list-sigs, this will take a while "; -open SIGS, "gpg --fixed-list-mode --with-colons --list-sigs @keys 2>/dev/null |" +open SIGS, "gpg --fixed-list-mode --with-colons --list-sigs @mykeys @keys 2>/dev/null |" or die "can't get gpg listing"; -my ($key, $uid, $sigs); +my ($key, $uid, $sigs, $photocount); while () { if ( m/^pub:(?:.*?:){3,3}([0-9A-F]{16,16}):/ ) { $key = $1; print STDERR "."; + undef $photocount; next; } - if ( m/^uid:(?:.*?:){8,8}(.*):/s ) { - $uid = myrecode($1, "UTF-8", $charset); + if ( m/^uid:(.):(?:.*?:){7,7}(.*):/s ) { + my $uidstatus = $1; + $uid = $2; + $uid =~ s/\\x([0-9a-f][0-9a-f])/ chr(hex($1)) /gie; + $uid = myrecode($uid, "UTF-8", $charset); + + my ($shortkey) = substr $key, -8; + # Remember non-revoked uids + next if $uidstatus eq "r"; + push @{$uids{$shortkey}}, $uid; + next; + } + if ( m/^uat:(.)::::[^:]+::([0-9A-F]+)::\d+ (\d+)/ ) { # uat:-::::2006-08-03::27BAEAF742BD253C2F3F03B043DC1536880193C4::1 7993: + my $uidstatus = $1; + # $2 is hash of attribute data + my $size = $3 - 19; # FIXME: find a nicer way to find out picture size + $uid = "[jpeg image of size $size]"; + next if $uidstatus eq "r"; + if ($latex and not $photocount) { # call once per key + my ($shortkey) = substr $key, -8; + system "rm -f $shortkey.[1-9]*.eps"; + system "gpg --photo-viewer 'gpgsigs-eps-helper $shortkey' --list-options show-photos --list-key $key > /dev/null"; + $photocount = 1; + } + my ($shortkey) = substr $key, -8; + push @{$uids{$shortkey}}, $uid; next; } if ( m/^sig:(?:.*?:){3,3}([0-9A-F]{8})([0-9A-F]{8}):(?:.*?:){5,5}(.*?):/ ) { @@ -178,7 +209,7 @@ while () { if ($before eq 'S' || $before eq 's') { $sigs->{$key}->{$uid}->{$1.$2} = $class; } elsif ($class eq 'S' || $class eq 's') { - # intentionall left blank + # intentionally left blank } elsif ($before < $class) { $sigs->{$key}->{$uid}->{$1.$2} = $class; }; @@ -188,13 +219,9 @@ while () { $sigs->{$key}->{$uid}->{$2} = $sigs->{$key}->{$uid}->{$1.$2}; next; } - if ( m/^uat:/ ) { - $uid = "Photo ID"; - next; - } - next if ( m/^(rev|sub|tru):/ ); + next if ( m/^(rev|rvk|sub|tru):/ ); # revoke/revoker/subkey/trust warn "unknown value: '$_', key: ".(defined $key ? $key :'none')."\n"; -} +} close SIGS; print STDERR "\n"; @@ -206,18 +233,46 @@ for my $k ( keys %{$sigs} ) { # read checksums -open MD, "gpg --print-md md5 $keytxt|" or warn "can't get gpg md5\n"; +open MD, "gpg --with-colons --print-md md5 $keytxt|" or warn "can't get gpg md5\n"; my $MD5 = ; close MD; -open MD, "gpg --print-md sha1 $keytxt|" or warn "can't get gpg sha1\n"; +open MD, "gpg --with-colons --print-md sha1 $keytxt|" or warn "can't get gpg sha1\n"; my $SHA1 = ; close MD; +open MD, "gpg --with-colons --print-md sha256 $keytxt|" or warn "can't get gpg sha256\n"; +my $SHA256 = ; +close MD; +open MD, "gpg --with-colons --print-md ripemd160 $keytxt|" or warn "can't get gpg ripemd160\n"; +my $RIPEMD160 = ; +close MD; + +my @MD5 = split /:/, $MD5; +my @SHA1 = split /:/, $SHA1; +my @SHA256 = split /:/, $SHA256; +my @RIPEMD160 = split /:/, $RIPEMD160; +$MD5 = $MD5[2]; +$SHA1 = $SHA1[2]; +$SHA256 = $SHA256[2]; +$RIPEMD160 = $RIPEMD160[2]; + +$MD5 =~ s/(.{16})/$1 /; +$SHA1 =~ s/(.{20})/$1 /; +$SHA256 =~ s/(.{32})/$1 /; +$RIPEMD160 =~ s/(.{20})/$1 /; +$MD5 =~ s/([0-9A-Z]{2})/$1 /ig; +$SHA1 =~ s/([0-9A-Z]{4})/$1 /ig; +$SHA256 =~ s/([0-9A-Z]{4})/$1 /ig; +$RIPEMD160 =~ s/([0-9A-Z]{4})/$1 /ig; chomp $MD5; chomp $SHA1; +chomp $SHA256; +chomp $RIPEMD160; my $metatxt = quotemeta($keytxt); $MD5 =~ s/^$metatxt:\s*//; $SHA1 =~ s/^$metatxt:\s*//; +$SHA256 =~ s/^$metatxt:\s*//; +$RIPEMD160 =~ s/^$metatxt:\s*//; # write out result @@ -226,6 +281,9 @@ sub print_tag my ($key, $uid) = @_; if (! defined $sigs->{$key}->{$uid}) { warn "uid '$uid' not found on key $key\n"; + #for (keys %{ $sigs->{$key} }) { + # print STDERR "only have $_\n"; + #}; return '(' . (' ' x @mykeys) . ')'; } my $r = '('; @@ -239,9 +297,23 @@ sub print_tag $key = undef; $uid = undef; my $line = 0; +my $keys = 0; print STDERR "Annotating $keytxt, writing into $outfile\n"; open (TXT, $keytxt) or die ("Cannot open $keytxt\n"); open (WRITE, '>'.$outfile) or die ("Cannot open $outfile for writing\n"); + +if ($latex) { + print WRITE <<'EOF'; +\documentclass{article} +\usepackage[margin=2cm]{geometry} +\usepackage{alltt} +\usepackage{graphicx} +\usepackage{grffile} +\begin{document} +\begin{alltt} +EOF +} + while () { $line++; $_ = myrecode($_, $fromcharset, $charset); @@ -251,6 +323,25 @@ while () { if (/^SHA1 Checksum:/ && defined $SHA1) { s/[_[:xdigit:]][_ [:xdigit:]]+_/$SHA1/; } + if (/^SHA256 Checksum:/ && defined $SHA256) { + s/[_[:xdigit:]][_ [:xdigit:]]+_/$SHA256/; + } + if (/^RIPEMD160 Checksum:/ && defined $RIPEMD160) { + s/[_[:xdigit:]][_ [:xdigit:]]+_/$RIPEMD160/; + } + + if ( m/^[0-9]+\s+\[ \] Fingerprint OK/ ){ + if ($latex) { + if ($keys > 0) { + print WRITE "\\end{samepage}\n"; + } + print WRITE "\\begin{samepage}\n"; + ++$keys; + } + print WRITE; + next; + } + if ( m/^pub +(?:\d+)[DR]\/([0-9A-F]{8}) [0-9]{4}-[0-9]{2}-[0-9]{2} *(.*)/ ) { $key = $1; $uid = $2; @@ -258,14 +349,41 @@ while () { # print WRITE print_tag($key, $uid) . " $_"; # next; #} + print WRITE; + undef $photocount; + next; + } + + if ( m/^ *Key fingerprint/ ) { + print WRITE; + my $inc = ""; + foreach my $mykey (@mykeys) { + foreach my $myuid (@{$uids{$mykey}}) { + $inc .= defined $sigs->{$mykey}->{$myuid}->{$key} ? $sigs->{$mykey}->{$myuid}->{$key} : ' '; + } + } + print WRITE "[$inc] incoming signatures\n" if $inc =~ /\S/; + if ($refresh or $latex) { + foreach $uid (@{$uids{$key}}) { + print WRITE print_tag($key, $uid) . " $uid\n"; + if ($latex and ($uid =~ /^\[jpeg image/)) { + $photocount++; + print WRITE "\\begin{flushright}\n"; + print WRITE "\\includegraphics[height=3cm]{$key.$photocount}\n"; + print WRITE "\\end{flushright}\n"; + } + } + } + next; + } if ( m/^uid +(.*)$/ ) { $uid = $1; + next if $refresh or $latex; unless (defined $key) { warn "key is undefined - input text is possibly malformed near line $line\n"; next; }; - die "uid is undefined, key $key" unless defined $uid; die "bad tag from $key | $uid" unless defined (print_tag($key, $uid)); print WRITE print_tag($key, $uid) . " $_"; next; @@ -273,12 +391,35 @@ while () { print WRITE; } +if ($latex && ($keys > 0)) { + print WRITE "\\end{samepage}\n"; +} + print WRITE "Legend:\n"; +my $num_myuids = 0; foreach my $i (0 .. @mykeys - 1) { - print WRITE '('. ' 'x$i . 'S' . ' 'x(@mykeys-$i-1) . ") signed with $mykeys[$i]\n"; + print WRITE '(' . ' 'x$i . 'S' . ' 'x(@mykeys-$i-1) . ") signed with $mykeys[$i] $uids{$mykeys[$i]}->[0]\n"; + $num_myuids += @{$uids{$mykeys[$i]}}; +} +my $i = 0; +foreach my $mykey (@mykeys) { + foreach my $myuid (@{$uids{$mykey}}) { + my $inc = defined $sigs->{$mykey}->{$myuid}->{$key} ? $sigs->{$mykey}->{$myuid}->{$key} : ' '; + print WRITE "[" . ' 'x$i . 'S' . ' 'x($num_myuids-$i-1) . "] has signed $mykey $myuid\n"; + $i++; + } } close TXT; +if ($latex) { + print WRITE <<'EOF'; +\end{alltt} +\end{document} +EOF +} + +close WRITE; + __END__ =head1 NAME @@ -287,33 +428,44 @@ B - annotate list of GnuPG keys with already done signatures =head1 SYNOPSIS -B [-r] [-f I] [-t I] II<[>B<,>IB<,>I<...>I<]>>I<]> F [F] +B [I] II<[>B<,>IB<,>I<...>I<]>>I<]> F [F] =head1 DESCRIPTION B was written to assist the user in signing keys during a keysigning party. It takes as input a file containing keys in C format and prepends every line with a tag indicating if the user has already signed -that uid. When the file contains C or C lines -and placeholders (C<__ __>), the checksum is inserted. +that uid. When the file contains C lines and placeholders +(C<__ __>), the checksum is inserted. ALGO can be set to the following algorithms: +MD5 SHA1 SHA256 or RIPEMD160. =head1 OPTIONS =over -=item -r +=item B<-r> Call I before creating the output. -=item -f I +=item B<-f> I Convert F from I. The default is ISO-8859-1. -=item -t I +=item B<-t> I Convert UIDs to I. The default is derived from LC_ALL, LC_CTYPE, and LANG, and if all these are unset, the default is ISO-8859-1. +=item B<--refresh> + +Refresh the UID lists per key from gpg. Useful when UIDs were added or revoked +since the input text was generated. + +=item B<--latex> + +Generate LaTeX output, including photo IDs. Implies B<--refresh>. +B This writes eps files to the current directory. + =item I Use this keyid (8 or 16 byte) for annotation. Multiple keyids can be separated @@ -354,7 +506,7 @@ http://pgp-tools.alioth.debian.org/ (c) 2004, 2005 Peter Palfrader -(c) 2004, 2005 Christoph Berg +(c) 2004, 2005, 2006, 2007 Christoph Berg =head1 LICENSE