security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

wks: Add special mode to --install-key.

Browse source 
* tools/gpg-wks-client.c (get_key_status_parm_s)
(get_key_status_cb, get_key): Move to ...
* tools/wks-util.c: ...here.
(get_key): Rename to wks_get_key.
* tools/gpg-wks-server.c: Include userids.h.
(command_install_key): Allow use of a fingerprint.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2018-02-20 15:23:19 +01:00
parent ee474856ec
commit 685a5e1558
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
5 changed files with 153 additions and 134 deletions
Download patch file Download diff file Expand all files Collapse all files

17
doc/wks.texi
View file

@ -224,7 +224,9 @@ the process returns failure; to suppress the diagnostic, use option
The command @option{--install-key} manually installs a key into the
WKD. The arguments are a file with the keyblock and the user-id to
install.
install. If the first argument resembles a fingerprint the key is
taken from the current keyring; to force the use of a file, prefix the
first argument with "./".
The command @option{--remove-key} uninstalls a key from the WKD. The
process returns success in this case; to also print a diagnostic, use
@ -330,7 +332,7 @@ the submission address:
@example
$ gpg --batch --passphrase '' --quick-gen-key key-submission@@example.net
$ gpg --with-wkd-hash -K key-submission@@example.net
$ gpg -K key-submission@@example.net
@end example
The output of the last command looks similar to this:
@ -339,21 +341,16 @@ The output of the last command looks similar to this:
sec rsa2048 2016-08-30 [SC]
C0FCF8642D830C53246211400346653590B3795B
uid [ultimate] key-submission@@example.net
bxzcxpxk8h87z1k7bzk86xn5aj47intu@@example.net
ssb rsa2048 2016-08-30 [E]
@end example
Take the hash of the string "key-submission", which is
"bxzcxpxk8h87z1k7bzk86xn5aj47intu" and manually publish that key:
Take the fingerprint from that output and manually publish the key:
@example
$ gpg --export-options export-minimal --export \
> -o /var/lib/gnupg/wks/example.net/hu/bxzcxpxk8h87z1k7bzk86xn5aj47intu \
> key-submission@@example.new
$ gpg-wks-server --install-key C0FCF8642D830C53246211400346653590B3795B \
> key-submission@@example.net
@end example
Make sure that the created file is world readable.
Finally that submission address needs to be redirected to a script
running @command{gpg-wks-server}. The @command{procmail} command can
be used for this: Redirect the submission address to the user "webkey"