gpg: fixup demo script

8 years ago · 3c2eb64e0d
parent 67d58a5ae0
commit 3c2eb64e0d
3 changed files with 19 additions and 12 deletions
--- a/trezor_agent/gpg/check.py
+++ b/trezor_agent/gpg/check.py
@ -37,12 +37,13 @@ def verify(pubkey, sig_file):

 def main():
    """Main function."""
-    logging.basicConfig(level=logging.DEBUG,
-                        format='%(asctime)s %(levelname)-10s %(message)s')
    p = argparse.ArgumentParser()
    p.add_argument('pubkey')
    p.add_argument('signature')
+    p.add_argument('-v', '--verbose')
    args = p.parse_args()
+    logging.basicConfig(level=logging.DEBUG if args.verbose else logging.INFO,
+                        format='%(asctime)s %(levelname)-10s %(message)s')
    verify(pubkey=decode.load_public_key(open(args.pubkey, 'rb')),
           sig_file=args.signature)

--- a/trezor_agent/gpg/demo.sh
+++ b/trezor_agent/gpg/demo.sh
@ -1,19 +1,19 @@
 #!/bin/bash
 set -x
 CREATED=1460731897  # needed for consistent public key creation
-NAME="trezor_key"  # will be used as GPG user id and public key name
+NAME="trezor_demo"  # will be used as GPG user id and public key name

 echo "Hello GPG World!" > EXAMPLE
 # Create, sign and export the public key
-./signer.py $NAME --time $CREATED
+trezor-gpg $NAME --time $CREATED -o $NAME.pub

 # Install GPG v2.1 (modern) and import the public key
 gpg2 --import $NAME.pub
 gpg2 --list-keys $NAME
+# gpg2 --edit-key $NAME trust  # optional: mark it as trusted

-# Perform actual GPG signature using TREZOR
-./signer.py $NAME EXAMPLE
-./check.py $NAME.pub EXAMPLE.sig  # pure Python verification
+# Perform actual GPG signature using TREZOR device
+trezor-gpg $NAME EXAMPLE

-# gpg2 --edit-key trezor_key trust  # optional: mark it as trusted
+# Verify signature using GPG2 binary
 gpg2 --verify EXAMPLE.sig
--- a/trezor_agent/gpg/signer.py
+++ b/trezor_agent/gpg/signer.py
@ -2,6 +2,7 @@
 """Create signatures and export public keys for GPG using TREZOR."""
 import argparse
 import logging
+import sys
 import time

 from . import check, decode, encode
@ -9,6 +10,10 @@ from . import check, decode, encode
 log = logging.getLogger(__name__)


+def _open_output(filename):
+    return sys.stdout if filename == '-' else open(filename, 'wb')
+
+
 def main():
    """Main function."""
    p = argparse.ArgumentParser()
@ -18,6 +23,7 @@ def main():
    p.add_argument('-a', '--armor', action='store_true', default=False)
    p.add_argument('-v', '--verbose', action='store_true', default=False)
    p.add_argument('-e', '--ecdsa-curve', default='nist256p1')
+    p.add_argument('-o', '--output-file')

    args = p.parse_args()
    logging.basicConfig(level=logging.DEBUG if args.verbose else logging.INFO,
@ -31,8 +37,8 @@ def main():
        if args.armor:
            pubkey = encode.armor(pubkey, 'PUBLIC KEY BLOCK')
            ext = '.asc'
-        filename = s.hex_short_key_id() + ext
-        open(filename, 'wb').write(pubkey)
+        filename = args.output_file or (s.hex_short_key_id() + ext)
+        _open_output(filename).write(pubkey)
        log.info('import to local keyring using "gpg2 --import %s"', filename)
    else:
        pubkey = decode.load_from_gpg(user_id)
@ -42,8 +48,8 @@ def main():
        if args.armor:
            sig = encode.armor(sig, 'SIGNATURE')
            ext = '.asc'
-        filename = args.filename + ext
-        open(filename, 'wb').write(sig)
+        filename = args.output_file or (args.filename + ext)
+        _open_output(filename).write(sig)
        check.verify(pubkey=pubkey, sig_file=filename)

    s.close()