Generate WKD for Gentoo developer keys

author: Michał Górny <mgorny@gentoo.org> 2018-07-18 11:46:21 +0200
committer: Michał Górny <mgorny@gentoo.org> 2018-07-18 22:37:13 +0200
commit: e4076b4a03af0d263c785acdce4ad31afbc46a4d (patch)
tree: 5f78e2adc6f38b92ee623a08eb95883b2d2c8c37 /_plugins
parent: header: Add Gitweb link in gentoo.org sites (diff)
download: www-e4076b4a03af0d263c785acdce4ad31afbc46a4d.tar.gz
www-e4076b4a03af0d263c785acdce4ad31afbc46a4d.tar.bz2
www-e4076b4a03af0d263c785acdce4ad31afbc46a4d.zip
1 files changed, 86 insertions, 0 deletions
diff --git a/_plugins/wkd.rb b/_plugins/wkd.rb
new file mode 100644
index 0000000..b8cf2f4
--- /dev/null
+++ b/_plugins/wkd.rb
@@ -0,0 +1,86 @@
+# OpenPGP Web Key Directory implementation
+# https://www.ietf.org/id/draft-koch-openpgp-webkey-service-06.txt
+
+require 'base32'
+require 'digest'
+
+module Gentoo
+  class WKDGenerator < Jekyll::Generator
+    KEYRING = '_data/active-devs.gpg'
+    WKD_DIR = '.well-known/openpgpkey/'
+
+    def generate(site)
+      # WKD uses z-Base32; replace the alphabet since the standard
+      # Base32 module supports that and the zBase32 modules are hard to get
+      Base32.table = 'ybndrfg8ejkmcpqxot1uwisza345h769'
+
+      site.data['userinfo']['current'].each do |nick, details|
+        begin
+          fps = details['gpgfp'].map { |fp| fp.gsub(/\s+/, '') }
+          if not fps.empty?
+            IO.popen(['gpg', '--no-default-keyring', '--keyring', KEYRING,
+                      '--export', *fps], mode='rb') { |p|
+              keydata = p.read
+              if not keydata.empty?
+                site.pages << WKDFile.new(site, nick, keydata)
+              end
+            }
+          end
+        rescue
+          # fail them silently
+        end
+      end
+
+      # empty index to hide directory listings
+      site.pages << WKDIndexFile.new(site)
+      # policy file is required
+      site.pages << WKDPolicyFile.new(site)
+    end
+  end
+
+  class WKDFile < Jekyll::Page
+    def initialize(site, nick, keydata)
+      @site = site
+      @base = @site.source
+      @dir = WKDGenerator::WKD_DIR + 'hu/'
+      @name = Base32.encode(Digest::SHA1.digest(nick.downcase))
+
+      process(@name)
+      read_yaml(File.join(@base, '_layouts'), "passthrough.html")
+
+      @content = keydata
+    end
+
+    def render_with_liquid?
+      return false
+    end
+  end
+
+  class WKDIndexFile < Jekyll::Page
+    def initialize(site)
+      @site = site
+      @base = @site.source
+      @dir = WKDGenerator::WKD_DIR + 'hu/'
+      @name = 'index.html'
+
+      process(@name)
+      read_yaml(File.join(@base, '_layouts'), "passthrough.html")
+
+      @content = ''
+    end
+  end
+
+  class WKDPolicyFile < Jekyll::Page
+    def initialize(site)
+      @site = site
+      @base = @site.source
+      @dir = WKDGenerator::WKD_DIR
+      @name = 'policy'
+
+      process(@name)
+      read_yaml(File.join(@base, '_layouts'), "passthrough.html")
+
+      @content = ''
+    end
+  end
+end
author	Michał Górny <mgorny@gentoo.org>	2018-07-18 11:46:21 +0200
committer	Michał Górny <mgorny@gentoo.org>	2018-07-18 22:37:13 +0200
commit	e4076b4a03af0d263c785acdce4ad31afbc46a4d (patch)
tree	5f78e2adc6f38b92ee623a08eb95883b2d2c8c37 /_plugins
parent	header: Add Gitweb link in gentoo.org sites (diff)
download	www-e4076b4a03af0d263c785acdce4ad31afbc46a4d.tar.gz www-e4076b4a03af0d263c785acdce4ad31afbc46a4d.tar.bz2 www-e4076b4a03af0d263c785acdce4ad31afbc46a4d.zip