Browse Source

gfsec-split-gpg: Ask confirmation before splitting.

Before actually splitting the GnuPG private key, print some
infos about the key and ask the user if we should proceed.
master
Damien Goutte-Gattat 4 years ago
parent
commit
aca1022b7f
  1. 13
      src/gfsec-split-gpg.in

13
src/gfsec-split-gpg.in

@ -127,7 +127,7 @@ done
gpg=$(find_gpg2)
[ -n "$gpg" ] || die "GnuPG 2.1 not found"
keyinfo=$($gpg --with-colons --list-secret-keys $uid | grep -A2 ^sec)
keyinfo=$($gpg --with-colons --list-secret-keys $uid | grep -A3 ^sec)
keycnt=$(echo "$keyinfo" | grep -c ^sec)
[ $keycnt -eq 0 ] && die "No private key found"
[ $keycnt -gt 1 ] && die "More than one private key found"
@ -138,6 +138,17 @@ keyfpr=$(echo "$keyinfo" | grep ^fpr | cut -d: -f10)
keygrp=$(echo "$keyinfo" | grep ^grp | cut -d: -f10)
[ -n "$keygrp" ] || die "Cannot extract private key keygrip"
uid=$(echo "$keyinfo" | grep ^uid | cut -d: -f10)
[ -n "$uid" ] || die "Cannot extract User ID"
echo "About to split the following key:"
echo " User ID: $uid"
echo " Fingerprint: $keyfpr"
echo " Keygrip: $keygrp"
echo
read -p "Proceed (y/N): " ok
[ "$ok" = y ] || die "Cancelled"
$gpg --output $$.key \
--export-options export-minimal \
--export-secret-keys $keyfpr\!

Loading…
Cancel
Save