2016-10-21 20:07:58 +00:00
|
|
|
#!/bin/bash
|
2016-10-22 18:30:32 +00:00
|
|
|
set -eu
|
2016-10-21 20:07:58 +00:00
|
|
|
|
|
|
|
|
USER_ID="${1}"
|
|
|
|
|
HOMEDIR=~/.gnupg/trezor
|
2016-10-24 08:01:37 +00:00
|
|
|
CURVE=${CURVE:="nist256p1"} # or "ed25519"
|
2016-10-21 20:07:58 +00:00
|
|
|
|
2016-10-24 14:30:35 +00:00
|
|
|
# Prepare new GPG home directory for TREZOR-based identity
|
2016-10-21 20:07:58 +00:00
|
|
|
rm -rf "${HOMEDIR}"
|
|
|
|
|
mkdir -p "${HOMEDIR}"
|
|
|
|
|
chmod 700 "${HOMEDIR}"
|
|
|
|
|
|
2016-10-24 14:30:35 +00:00
|
|
|
# Generate new GPG identity and import into GPG keyring
|
|
|
|
|
trezor-gpg-create -v "${USER_ID}" -e "${CURVE}" > "${HOMEDIR}/pubkey.asc"
|
2016-10-21 20:07:58 +00:00
|
|
|
gpg2 --homedir "${HOMEDIR}" --import < "${HOMEDIR}/pubkey.asc"
|
2016-10-24 14:30:35 +00:00
|
|
|
rm -f "${HOMEDIR}/S.gpg-agent" # (otherwise, our agent won't be started automatically)
|
2016-10-21 20:07:58 +00:00
|
|
|
|
2016-10-24 14:30:35 +00:00
|
|
|
# Make new GPG identity with "ultimate" trust (via its fingerprint)
|
2016-10-22 18:30:32 +00:00
|
|
|
FINGERPRINT=$(gpg2 --homedir "${HOMEDIR}" --list-public-keys --with-colons | sed --quiet --regexp-extended 's/^fpr:::::::::([0-9A-F]+):$/\1/p' | head -n1)
|
2016-10-24 14:30:35 +00:00
|
|
|
echo "${FINGERPRINT}:6" | gpg2 --homedir "${HOMEDIR}" --import-ownertrust
|
|
|
|
|
|
|
|
|
|
# Prepare GPG configuration file
|
|
|
|
|
echo "# TREZOR-based GPG configuration
|
|
|
|
|
agent-program $(which trezor-gpg-agent)
|
|
|
|
|
" | tee "${HOMEDIR}/gpg.conf"
|
2016-10-24 14:55:35 +00:00
|
|
|
|
|
|
|
|
echo "# TREZOR-based GPG agent emulator
|
|
|
|
|
log-file ${HOMEDIR}/gpg-agent.log
|
|
|
|
|
verbosity 2
|
|
|
|
|
" | tee "${HOMEDIR}/gpg-agent.conf"
|
