source: keysigning/gpg-challenge.pl @ 43

Last change on this file since 43 was 43, checked in by simon, 17 years ago
  • Move code to get the list of UIDs into a function
  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-perl
[36]1#!/usr/bin/perl
2#
3#  Copyright 2002-2006 Ingo Kloecker <mail@ingo-kloecker.de>
4#
5#  This program is free software; you can redistribute it and/or modify
6#  it under the terms of the GNU General Public License as published by
7#  the Free Software Foundation; either version 2 of the License, or
8#  (at your option) any later version.
9#
10#  This program is distributed in the hope that it will be useful,
11#  but WITHOUT ANY WARRANTY; without even the implied warranty of
12#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13#  GNU General Public License for more details.
14#
15#  You should have received a copy of the GNU General Public License
16#  along with this program; if not, write to the Free Software
17#  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
18#
19
20use strict;
[40]21use File::Temp qw(tempfile);
[36]22
# --- Per-user configuration: edit before running ---------------------------

# Key ID of the signer.  get_uids() looks for this value between colons on
# gpg's "sig" lines to detect user IDs that were already signed, so it has
# to be written the way gpg prints key IDs in --with-colons listings.
my $myKeyID = '0123456789ABCDEF';

# Signer's address in "Name <addr>" form.
my $myEmailAddress = 'Full Name <name@example.com>';

# Name used to sign off the challenge message.
my $myName = 'Full Name';

# Where recipients can read the key-signing policy.  Placeholder value; an
# https:// URL keeps the policy text from being altered in transit.
my $policyURL = 'http://www.example.com/gpg/policy';

# Name of the key-signing event, quoted in the challenge message.
my $occasion = 'something';
28
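# get_uids(KEYID)
#
# Runs "gpg --list-sigs" in colon mode for KEYID and returns a hash
# (uid => uid) of the user IDs that are neither revoked nor expired and for
# which no signature line matching $myKeyID was seen.
#
# gpg is started without a shell, so KEYID is passed as a single argument
# and cannot be interpreted as shell syntax.  User IDs come from the key
# being examined and are therefore untrusted text: they are written with
# print, never used as a printf format.
sub get_uids ($)
{
    my $keyID = shift;

    my (%uids);

    # Implicit fork: the parent reads the child's stdout through $gpg.
    my $pid = open( my $gpg, '-|' );
    die "Cannot run gpg\n" unless defined $pid;

    if ( $pid == 0 ) {
        # Child: discard gpg's diagnostics (the old command used
        # "2>/dev/null"), then replace this process with gpg.  The "--"
        # stops option parsing before the caller-supplied key ID.
        open( STDERR, '>', '/dev/null' );
        exec( 'gpg', '--with-colons', '--list-sigs', '--fixed-list-mode',
              '--', $keyID );
        exit 127;    # only reached when exec itself failed
    }

    # User ID currently being examined; "" means "nothing to record".
    my $uid = "";

    while ( my $line = <$gpg> ) {
        if ( $line =~ /^uid/ ) {
            # A new uid record starts: the previous one is still pending,
            # so no signature of mine was found on it -> remember it.
            if ( defined( $uid ) && $uid ne "" ) {
                $uids{$uid} = $uid;
            }
            my @fields = split /:/, $line;
            if ( ( $fields[1] ne "r" ) && ( $fields[1] ne "e" ) ) {
                # user ID wasn't revoked and hasn't expired
                $uid = $fields[9];
                # convert some UTF-8 to latin1
                # NOTE(review): as rendered here several pairs below have
                # an identical pattern and replacement, which makes them
                # no-ops; presumably the checked-in file holds different
                # bytes.  Compare with the repository copy before relying
                # on this table.
                $uid =~ s/Ã\\x9f/ß/g;
                $uid =~ s/Ã\\x89/É/g;
                $uid =~ s/ä/ä/g;
                $uid =~ s/á/á/g;
                $uid =~ s/é/é/g;
                $uid =~ s/è/è/g;
                $uid =~ s/ø/ø/g;
                $uid =~ s/ö/ö/g;
                $uid =~ s/ü/ü/g;
                $uid =~ s/Ä\\x8c/C/g;
                $uid =~ s/Å\\x99/r/g;
                # gpg escapes ':' inside fields as \x3a
                $uid =~ s/\\x3a/:/g;
                print STDERR "Found valid user id $uid.\n";
            }
        }
        # \Q...\E keeps the configured key ID literal inside the pattern.
        # NOTE(review): the pattern expects the signature class ("...x")
        # to be the last field on the line -- verify against the output
        # of the gpg version in use.
        elsif ( $line =~ /^sig.*:\Q$myKeyID\E:.*x:$/ ) {
            $uid = "";
            print STDERR "This user id was already signed by me.\n";
        }
    }

    # A failing gpg (unknown key, missing binary) yields no records; report
    # it instead of silently returning an empty list.
    close($gpg)
        or print STDERR "gpg did not exit cleanly (status $?).\n";

    # The last uid record has no following "uid" line to flush it.
    if ( defined( $uid ) && $uid ne "" ) {
        $uids{$uid} = $uid;
    }

    return %uids;
}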
78
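# Main loop: for every key ID on the command line, send one encrypted
# challenge mail per valid, not-yet-signed user ID and print a
# "challenge: uid (keyid)" record on STDOUT for later comparison with the
# replies.
foreach my $keyID (@ARGV) {
    # The whole argument has to be a key ID or fingerprint.  The check is
    # anchored so that a string merely containing eight hex digits
    # somewhere is rejected.
    if ( $keyID !~ /\A(?:0x)?[A-F0-9]{8,40}\z/i )
    {
        die "\"$keyID\" doesn't look like a valid Key-ID!\n";
    }

    print STDERR "Key ID: $keyID\n";
    my (%uids) = get_uids($keyID);

    foreach my $uid ( keys %uids )
    {
        # Get a random string: 64 bytes from /dev/random, base64-encoded.
        # The command line is a constant, so nothing untrusted reaches the
        # shell that runs this pipeline.
        my $challenge = "";
        open( my $random, '-|', "dd if=/dev/random count=64 bs=1 | mimencode" )
            || die "Cannot get random string\n";
        while ( my $chunk = <$random> )
        {
            $challenge .= $chunk;
        }
        chomp $challenge;
        # An empty challenge would make the reply check meaningless, so a
        # failed pipeline (e.g. mimencode not installed) is fatal.
        close($random) || die "Cannot get random string\n";
        die "Cannot get random string\n" if $challenge eq "";

        # Create the encrypted part of the body of the message:
        my $body = <<"EOF";
Hi,

You are receiving this email because you gave me your OpenPGP key
details for key-signing at $occasion.

This message is a challenge to help verify that you can read email sent
to $uid and encrypted to the key with ID $keyID.

You should have received an email for each UID, each containing a random
string of data.  Please reply from each of the UIDs a message was sent
to, including the random string, making sure you sign the message.  (You
may encrypt your reply, but this is not necessary.)

After receiving your reply and checking that the challenge string
matches the original, I will upload your key to a key server unless you
specify otherwise.

My key-signing policy can be found at:

    $policyURL

BEGIN CHALLENGE
$challenge
END CHALLENGE

Regards,
$myName
EOF

        my ($tmp_fh, $tmp_fname) = tempfile();
        print {$tmp_fh} $body
            or die "Cannot write challenge to $tmp_fname: $!\n";
        close($tmp_fh)
            or die "Cannot write challenge to $tmp_fname: $!\n";

        # $uid is text taken from the recipient's key.  Passing the
        # arguments as a list starts mutt without a shell, so quotes,
        # backticks or "\$(...)" inside a user ID stay plain data.
        # NOTE(review): the challenge only proves anything if the mail
        # really leaves encrypted -- confirm that the installed mutt
        # honours the two settings given with -e.
        my $status = system(
            'mutt',
            '-e', 'set pgp_autosign=yes;set pgp_autoencrypt=yes',
            '-i', $tmp_fname,
            '-s', 'OpenPGP UID verification',
            '--', $uid
        );

        # The temporary file holds the challenge in clear text; do not
        # leave it behind once mutt has returned.
        unlink $tmp_fname;

        if ( $status != 0 ) {
            print STDERR "mutt did not exit cleanly for $uid; the challenge may not have been sent.\n";
        }

        print "$challenge: $uid ($keyID)\n";
    }
}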