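#!/bin/bash
#
# Preset the passphrase of a GPG secret key in the running gpg-agent.
#
# Usage: <script> KEY
#   KEY  key id, fingerprint or user id, as accepted by gpg2
#
# The passphrase is read from Vault at /secret/gpg-key/KEY (field
# "passphrase") and cached for every keygrip gpg2 reports for KEY.
#
# Requires: gpg2, gpg-connect-agent, vault and the str2hex helper on PATH.
# NOTE(review): PRESET_PASSPHRASE is normally refused unless gpg-agent runs
# with allow-preset-passphrase - confirm the agent configuration.
# Do not run this script under `set -x`: the trace would print the secret.
#
# Exit status: 0 cached, 1 caching failed, 2 key or passphrase unavailable.

KEY=${1:-}

# `--` stops option parsing so a KEY that starts with '-' is never taken as a
# gpg2 option; the quotes keep a user id containing spaces in one argument.
if [ -z "${KEY}" ] || ! gpg2 --list-secret-keys -- "${KEY}"; then
  echo "No key given or no secret key found for '${KEY}'" >&2
  exit 2
fi

# Read password for this key.
# The variable is deliberately not called PWD: PWD is the shell's working
# directory variable and is normally exported, so storing the secret there
# would copy it into the environment of every child process started below.
PASSPHRASE=$(vault read --field=passphrase "/secret/gpg-key/${KEY}")
if [ -z "${PASSPHRASE}" ]; then
  echo "Could not read passphrase from vault." >&2
  exit 2
fi

# printf is a builtin and, unlike `echo -n`, does not mangle a passphrase that
# begins with '-' or contains backslashes.
HEXPWD=$(printf '%s' "${PASSPHRASE}" | str2hex)
unset PASSPHRASE

# The value is spliced into an agent command line below, so it must be one
# contiguous hex string; this also catches a missing or failing str2hex.
if ! [[ "${HEXPWD}" =~ ^[0-9A-Fa-f]+$ ]]; then
  echo "Could not hex-encode passphrase." >&2
  exit 1
fi

# Get keygrip(s) of the key and set the password for each of them.
CACHED=0
while IFS= read -r KEYGRIP; do
  # A keygrip is 40 hex digits; skip anything else that matched "Keygrip".
  [[ "${KEYGRIP}" =~ ^[0-9A-Fa-f]{40}$ ]] || continue

  # The command goes to the agent over stdin instead of argv, so the
  # passphrase never shows up in the process list. The reply is captured but
  # never printed.
  AGENT_REPLY=$(printf 'PRESET_PASSPHRASE %s -1 %s\n' "${KEYGRIP}" "${HEXPWD}" \
    | gpg-connect-agent -q 2>&1)
  AGENT_STATUS=$?

  # The agent's reply is inspected as well as the exit status, because a
  # non-zero exit status is not guaranteed for every ERR reply.
  if [ "${AGENT_STATUS}" -ne 0 ] \
    || [[ "${AGENT_REPLY}" == ERR* || "${AGENT_REPLY}" == *$'\n'ERR* ]]; then
    echo "An error occurred while caching password in GPG agent" >&2
    exit 1
  fi
  CACHED=$((CACHED + 1))
done < <(gpg2 --with-keygrip -k -- "${KEY}" | awk '/Keygrip/ { print $NF }')

unset HEXPWD

# Without this check a key with no parsable keygrip would report success
# although nothing was cached.
if [ "${CACHED}" -eq 0 ]; then
  echo "No keygrip found for '${KEY}'" >&2
  exit 1
fi

echo "Successfully cached password in GPG agent"
exit 0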