From 9a6da03a3856d5d2fa9a67d8616cbe0a9d91be38 Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Wed, 18 Dec 2013 19:49:08 -0800 Subject: [PATCH 1/1] Stub out gpg-migrate.py Following the general approach outlined by Atom Smasher [1], but I'll just parse the packets directly in Python. [1]: http://atom.smasher.org/gpg/gpg-migrate.txt --- gpg-migrate.py | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100755 gpg-migrate.py diff --git a/gpg-migrate.py b/gpg-migrate.py new file mode 100755 index 0000000..e6f1f38 --- /dev/null +++ b/gpg-migrate.py @@ -0,0 +1,53 @@ +#!/usr/bin/python + +import subprocess as _subprocess +import struct as _struct + + +def _get_stdout(args, stdin=None): + stdin_pipe = None + if stdin is not None: + stdin_pipe = _subprocess.PIPE + p = _subprocess.Popen(args, stdin=stdin_pipe, stdout=_subprocess.PIPE) + stdout, stderr = p.communicate(stdin) + status = p.wait() + if status != 0: + raise RuntimeError(status) + return stdout + + +class PGPPacket (dict): + # http://tools.ietf.org/search/rfc4880 + def from_bytes(self, data): + pass + + def to_bytes(self): + pass + + +def migrate(old_key, new_key): + """Add the old key and sub-keys to the new key + + For example, to upgrade your master key, while preserving old + signatures you'd made. You will lose signature *on* your old key + though, since sub-keys can't be signed (I don't think). + """ + old_key_export = _get_stdout( + ['gpg', '--export', old_key]) + old_key_packet = PGPPacket() + old_key_packet.from_bytes(data=old_key_export) + old_key_secret_export = _get_stdout( + ['gpg', '--export-secret-keys', old_key]) + old_key_secret_packet = PGPPacket() + old_key_secret_packet.from_bytes(data=old_key_secret_export) + + import pprint + pprint.pprint(old_key_packet) + pprint.pprint(old_key_secret_packet) + + +if __name__ == '__main__': + import sys as _sys + + old_key, new_key = _sys.argv[1:3] + migrate(old_key=old_key, new_key=new_key) -- 2.26.2