Changeset 40


Ignore:
Timestamp:
Jul 9, 2007, 9:09:04 PM (17 years ago)
Author:
simon
Message:
  • Different message, and only encrypted.
  • Fire mutt to send the mail.
  • Rely on mutt for signing and encryption instead of doing it in the script.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • keysigning/gpg-challenge.pl

    r39 r40  
    1919
    2020use strict;
     21use File::Temp qw(tempfile);
    2122
    2223my $myKeyID="0123456789ABCDEF";
    2324my $myEmailAddress="Full Name <name\@example.com>";
    2425my $myFirstName="Firstname";
     26my $policyURL="http://www.example.com/gpg/policy";
    2527my $occasion="something";
    2628
     
    9193        # Create the encrypted part of the body of the message:
    9294        my $body = << "EOF";
    93 [Weiter unten steht dasselbe auf deutsch.]
     95Hi,
    9496
    95 This message is sent as part of my certification process.
    96 It is to verify that you, the keyholder of $keyID can read email
    97 sent to the associated address
    98 $uid
     97You are receiving this email because you gave me your OpenPGP key
     98details for key-signing at $occasion.
    9999
    100 Please, now that you have decrypted this message, simply reply to
    101   $myEmailAddress
    102 quoting
     100This message is a challenge to help verify that you can read email sent
     101to $uid and encrypted to the key with ID $keyID.
    103102
    104 > KeyID: $keyID
    105 > UserID: $uid
    106 > Magic: $challenge
    107 > Upload to keyserver after signing: yes
     103You should have received an email for each UID, each containing a random
     104string of data.  Please reply from each of the UIDs a message was sent
     105to, including the random string, making sure you sign the message.  (You
     106may encrypt your reply, but this is not necessary.)
    108107
    109 in the body of your message.
     108After receiving your reply and checking that the challenge string
     109matches the original, I will upload your key to a key server unless you
     110specify otherwise.
    110111
    111 If you asked me to certify more than one userid or email address
    112 on your key you should receive one of these messages for each
    113 address - in that case please send one reply per address, too.
     112My key-signing policy can be found at:
    114113
    115 After signing your key I will upload it to the keyserver network
    116 unless you oppose.
     114    $policyURL
    117115
    118 -----
     116BEGIN CHALLENGE
     117$challenge
     118END CHALLENGE
    119119
    120 Diese Nachricht ist Teil meines Zertifizierungsprozesses. Damit
    121 überprüfe ich, dass du, der Besitzer des OpenPGP-Schlüssels $keyID,
    122 die E-Mail-Adresse
    123 $uid
    124 kontrollierst.
     120Regards,
     121$myFirstName
     122EOF
    125123
    126 Jetzt nachdem du diese Nachricht entschlüsselt hast, sende einfach
    127 eine Antwort an
    128   $myEmailAddress
    129 wobei du Folgendes zitierst:
    130 
    131 > KeyID: $keyID
    132 > UserID: $uid
    133 > Magic: $challenge
    134 > Schlüssel nach dem Signieren hochladen: ja
    135 
    136 Falls du mich gebeten hast, mehrere UserIDs oder E-Mail-Adressen zu
    137 zertifizieren, dann solltest du für jede Adresse eine dieser Nachrichten
    138 erhalten. In diesem Fall sende bitte für jede Nachricht eine separate
    139 Antwort.
    140 
    141 Nachdem ich deinen Schlüssel signiert habe, werde ich ihn auf einen
    142 oder mehrere Keyserver hochladen, sofern du dem nicht widersprichst.
    143 EOF
    144         # encrypt the message
    145         my $tempfile="$keyID.ttt";
    146         open( GPG, "|gpg --batch --encrypt --armor --textmode -r 0x$myKeyID \
    147 --encrypt-to $keyID >$tempfile" )  || die "Cannot run gpg\n";
    148         print GPG $body;
    149         close GPG;
    150         open( FILE, $tempfile )
    151             || die "File '$tempfile' doesn't exist\n";
    152         my $encbody;
    153         while ( <FILE> )
    154         {
    155           $encbody .= $_;
    156         }
    157         close FILE;
    158         unlink $tempfile;
    159 
    160         $body = << "EOF";
    161 [Weiter unten steht dasselbe auf deutsch.]
    162 
    163 Hi!
    164 
    165 You are being sent this message because we exchanged OpenPGP key
    166 fingerprints at $occasion and you asked me to sign your
    167 key(s).
    168 
    169 Please decrypt the encrypted message for instructions on how to
    170 complete the certification protocol.
    171 
    172 If you don't know what I'm talking about, then please reply to me as
    173 soon as possible, since someone other than yourself tried to make me
    174 certify that the OpenPGP key with ID 0x$keyID does belong to you.
    175 In other words, someone tried to STEAL YOUR IDENTITY.
    176 
    177 Regards
    178 $myFirstName
    179 
    180 -----
    181 
    182 Hallo!
    183 
    184 Wir haben in $occasion Fingerprints unserer OpenPGP-Schlüssel
    185 ausgetauscht, und du hast mich gebeten, deinen Schlüssel zu
    186 signieren.
    187 
    188 Die folgende verschlüsselte Nachricht erklärt, was du tun musst, damit
    189 ich deinen Schlüssel zertifiziere.
    190 
    191 Falls du nicht weißt, wovon ich rede, dann solltest du mich umgehend
    192 darüber informieren, da in diesem Fall jemand versucht deine E-Mail-
    193 Adresse als seine zu verkaufen.
    194 
    195 Viele Grüße
    196 $myFirstName
    197 
    198 EOF
    199         $body .= $encbody;
    200         #open( MAIL, "|mail -s \"OpenPGP key exchange formalities\" \"$uid\"" )
    201         #    || die "Cannot run mail\n";
    202         #print MAIL $encbody;
    203         #close MAIL;
    204 
    205         # using DCOP interface
    206         # openComposer( QString to, QString cc, QString bcc,
    207         #               QString subject, QString body, bool hidden )
    208         open ( DCOP , "dcop kmail default openComposer \"$uid\" \"\" \"\" \"OpenPGP \
    209 key certification challenge\" \"$body\" false|" ) || die "Cannot access Kmail DCOP \
    210 interface\n";  my $dcopRef = <DCOP>;
    211         close DCOP;
    212         chomp $dcopRef;
    213        
     124        my ($tmp_fh, $tmp_fname) = tempfile();
     125        print $tmp_fh $body;
     126        close $tmp_fh;
     127        system ( "mutt -e \"set pgp_autosign=yes;set pgp_autoencrypt=yes\" -i \"$tmp_fname\" -s \"OpenPGP UID verification\" -- \"$uid\"" );
    214128        print "$challenge: $uid ($keyID)\n";
    215129    }
Note: See TracChangeset for help on using the changeset viewer.