# OpenPGP Web Key Directory implementation
# https://www.ietf.org/id/draft-koch-openpgp-webkey-service-06.txt
require 'base32'
require 'digest'
module Gentoo
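# Jekyll generator that publishes an OpenPGP Web Key Directory (WKD) tree.
#
# For every entry under site.data['userinfo']['current'] and ['system'] it asks
# gpg to export the listed fingerprints from the matching keyring and adds the
# binary result as a page below WKD_DIR/hu/. The policy page is added last.
class WKDGenerator < Jekyll::Generator
  DEV_KEYRING = '_data/active-devs.gpg'
  SERVICE_KEYRING = '_data/service-keys.gpg'
  WKD_DIR = '.well-known/openpgpkey/'

  # Key selectors handed to gpg must look like fingerprints / key IDs.
  # Anything else could be read by gpg as an option (leading '-') or as a
  # user-ID search string, which would export keys the entry never listed.
  FINGERPRINT_RE = /\A(?:0x)?\h+\z/i.freeze

  # Build the WKD pages for the site.
  #
  # site - the Jekyll site; nothing is generated (not even the policy file)
  #        when site.data['userinfo'] is missing.
  def generate(site)
    userinfo = site.data['userinfo']
    return if userinfo.nil?

    # WKD uses z-Base32; replace the alphabet since the standard
    # Base32 module supports that and the zBase32 modules are hard to get.
    # NOTE: this changes Base32 process-wide, so any other Base32 user in the
    # same build sees the z-Base32 alphabet from here on.
    Base32.table = 'ybndrfg8ejkmcpqxot1uwisza345h769'

    # NOTE(review): the keyring paths are relative, so gpg resolves them
    # against the current working directory - confirm the build always runs
    # from the site source directory.
    [['current', DEV_KEYRING], ['system', SERVICE_KEYRING]].each do |group, keyring|
      entries = userinfo[group]
      if entries.nil?
        Jekyll.logger.warn('WKD:', "no userinfo group '#{group}', skipping")
        next
      end

      entries.each do |nick, details|
        begin
          keydata = export_keys(keyring, fingerprints_for(nick, details))
          site.pages << WKDFile.new(site, nick, keydata) unless keydata.empty?
        rescue StandardError => e
          # Still best-effort per entry, but a key that silently disappears
          # from the directory is worth a line in the build log.
          Jekyll.logger.warn('WKD:', "skipping #{nick}: #{e.class}: #{e.message}")
        end
      end
    end

    # policy file is required
    site.pages << WKDPolicyFile.new(site)
  end

  private

  # Strip whitespace from the entry's 'gpgfp' values and keep only those that
  # are plain hex (optionally 0x-prefixed); rejected values are logged.
  def fingerprints_for(nick, details)
    cleaned = Array(details['gpgfp']).map { |fp| fp.to_s.gsub(/\s+/, '') }
    accepted, rejected = cleaned.partition { |fp| FINGERPRINT_RE =~ fp }
    unless rejected.empty?
      Jekyll.logger.warn('WKD:', "ignoring #{rejected.size} non-hex gpgfp value(s) for #{nick}")
    end
    accepted
  end

  # Export the given fingerprints from keyring as binary OpenPGP data.
  # Returns an empty string when there is nothing to export. The argv array
  # form of IO.popen is used, so no shell ever interprets the values.
  def export_keys(keyring, fps)
    return '' if fps.empty?

    IO.popen(['gpg', '--no-default-keyring', '--keyring', keyring,
              '--export', *fps], 'rb', &:read)
  end
end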
# A single published key: the binary export for one nick, placed in the
# hu/ subdirectory of the Web Key Directory.
class WKDFile < Jekyll::Page
  # site    - the Jekyll site being generated
  # nick    - name the key is published under (presumably the mail local
  #           part that WKD clients will look up - confirm against userinfo)
  # keydata - key material to serve, used verbatim as the page content
  def initialize(site, nick, keydata)
    @site = site
    @base = @site.source
    @dir = "#{WKDGenerator::WKD_DIR}hu/"

    # File name is the Base32 encoding of SHA-1 over the lowercased nick.
    # It is only z-Base32 because WKDGenerator#generate replaces
    # Base32.table before any WKDFile is constructed.
    nick_digest = Digest::SHA1.digest(nick.downcase)
    @name = Base32.encode(nick_digest)
    process(@name)

    layouts_dir = File.join(@base, '_layouts')
    read_yaml(layouts_dir, 'passthrough.html')
    @content = keydata
  end

  # The content is key data, not a template, so Liquid must not touch it.
  def render_with_liquid?
    false
  end
end
# The WKD policy file, published as an empty page named 'policy' directly
# under WKDGenerator::WKD_DIR.
class WKDPolicyFile < Jekyll::Page
  # site - the Jekyll site being generated
  def initialize(site)
    @site = site
    @base = @site.source
    @dir = WKDGenerator::WKD_DIR
    @name = 'policy'
    process(@name)

    layouts_dir = File.join(@base, '_layouts')
    read_yaml(layouts_dir, 'passthrough.html')
    # Empty body: the file only has to exist.
    @content = ''
  end
end
end