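#!/bin/bash
#
# Initialise a dedicated GnuPG home directory for a key created by trezor-gpg.
#
# Usage: <this script> USER_ID
#
# Steps:
#   1. Delete and recreate ~/.gnupg/trezor (any keyring already there is lost).
#   2. Run `trezor-gpg create` for USER_ID and save its output as pubkey.asc.
#   3. Import pubkey.asc into the new home directory with gpg2.
#   4. Write a "trusted-key" line for the imported key into gpg.conf.
#
# Exits non-zero if USER_ID is missing, if any command fails, or if no
# fingerprint can be read back from the freshly imported keyring.
set -eu

# Create everything below readable by the invoking user only, so the
# directory is never briefly visible with wider permissions before chmod.
umask 077

USER_ID="${1:?usage: ${0##*/} USER_ID}"
HOMEDIR=~/.gnupg/trezor
CURVE="ed25519" # or "nist256p1"

# Start from an empty keyring. The :? guard aborts instead of running
# `rm -rf ""` should HOMEDIR ever end up empty after an edit.
rm -rf "${HOMEDIR:?}"
mkdir -p "${HOMEDIR}"
chmod 700 "${HOMEDIR}"

trezor-gpg -v create "${USER_ID}" -e "${CURVE}" > "${HOMEDIR}/pubkey.asc"
gpg2 --homedir "${HOMEDIR}" --import < "${HOMEDIR}/pubkey.asc"

# Mark new key as trusted in gpg.conf
#
# The listing is captured on its own so that a failing gpg2 aborts the script
# under `set -e`; inside a pipeline its exit status would be masked.
KEY_LISTING=$(gpg2 --homedir "${HOMEDIR}" --list-public-keys --with-colons)

# The first "fpr" record of the listing is used; the keyring was just
# recreated and holds only what was imported above.
FINGERPRINT=$(sed -n -E 's/^fpr:::::::::([0-9A-F]+):$/\1/p' <<< "${KEY_LISTING}" | head -n1)

# Never write a trusted-key entry built from an empty or truncated value:
# that would leave gpg.conf with a bogus trust anchor ("trusted-key 0x").
if [[ ! "${FINGERPRINT}" =~ ^[0-9A-F]{16,}$ ]]; then
  echo "error: could not read the new key's fingerprint from ${HOMEDIR}" >&2
  exit 1
fi

# NOTE(review): recent GnuPG documentation prefers a full fingerprint for
# trusted-key; the long key ID is kept here - confirm against the installed gpg2.
KEY_ID="0x${FINGERPRINT:(-16)}" # take last 8 bytes of the fingerprint
echo "Marking ${KEY_ID} as trusted..."
echo "trusted-key ${KEY_ID}" > "${HOMEDIR}/gpg.conf"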