gpg: fixup demo script

nistp521
Roman Zeyde 8 years ago
parent 67d58a5ae0
commit 3c2eb64e0d

@ -37,12 +37,13 @@ def verify(pubkey, sig_file):
def main():
"""Main function."""
logging.basicConfig(level=logging.DEBUG,
format='%(asctime)s %(levelname)-10s %(message)s')
p = argparse.ArgumentParser()
p.add_argument('pubkey')
p.add_argument('signature')
p.add_argument('-v', '--verbose')
args = p.parse_args()
logging.basicConfig(level=logging.DEBUG if args.verbose else logging.INFO,
format='%(asctime)s %(levelname)-10s %(message)s')
verify(pubkey=decode.load_public_key(open(args.pubkey, 'rb')),
sig_file=args.signature)

@ -1,19 +1,19 @@
#!/bin/bash
set -x
CREATED=1460731897 # needed for consistent public key creation
NAME="trezor_key" # will be used as GPG user id and public key name
NAME="trezor_demo" # will be used as GPG user id and public key name
echo "Hello GPG World!" > EXAMPLE
# Create, sign and export the public key
./signer.py $NAME --time $CREATED
trezor-gpg $NAME --time $CREATED -o $NAME.pub
# Install GPG v2.1 (modern) and import the public key
gpg2 --import $NAME.pub
gpg2 --list-keys $NAME
# gpg2 --edit-key $NAME trust # optional: mark it as trusted
# Perform actual GPG signature using TREZOR
./signer.py $NAME EXAMPLE
./check.py $NAME.pub EXAMPLE.sig # pure Python verification
# Perform actual GPG signature using TREZOR device
trezor-gpg $NAME EXAMPLE
# gpg2 --edit-key trezor_key trust # optional: mark it as trusted
# Verify signature using GPG2 binary
gpg2 --verify EXAMPLE.sig

@ -2,6 +2,7 @@
"""Create signatures and export public keys for GPG using TREZOR."""
import argparse
import logging
import sys
import time
from . import check, decode, encode
@ -9,6 +10,10 @@ from . import check, decode, encode
log = logging.getLogger(__name__)
def _open_output(filename):
return sys.stdout if filename == '-' else open(filename, 'wb')
def main():
"""Main function."""
p = argparse.ArgumentParser()
@ -18,6 +23,7 @@ def main():
p.add_argument('-a', '--armor', action='store_true', default=False)
p.add_argument('-v', '--verbose', action='store_true', default=False)
p.add_argument('-e', '--ecdsa-curve', default='nist256p1')
p.add_argument('-o', '--output-file')
args = p.parse_args()
logging.basicConfig(level=logging.DEBUG if args.verbose else logging.INFO,
@ -31,8 +37,8 @@ def main():
if args.armor:
pubkey = encode.armor(pubkey, 'PUBLIC KEY BLOCK')
ext = '.asc'
filename = s.hex_short_key_id() + ext
open(filename, 'wb').write(pubkey)
filename = args.output_file or (s.hex_short_key_id() + ext)
_open_output(filename).write(pubkey)
log.info('import to local keyring using "gpg2 --import %s"', filename)
else:
pubkey = decode.load_from_gpg(user_id)
@ -42,8 +48,8 @@ def main():
if args.armor:
sig = encode.armor(sig, 'SIGNATURE')
ext = '.asc'
filename = args.filename + ext
open(filename, 'wb').write(sig)
filename = args.output_file or (args.filename + ext)
_open_output(filename).write(sig)
check.verify(pubkey=pubkey, sig_file=filename)
s.close()

Loading…
Cancel
Save