#!/bin/bash #---help--- # Usage: # gen-ffice-key # gen-ffice-key [-h|--help] # # Generate a GPG key pair for Hackspace Jena e.V.'s office email addresses # # Options: # # -h --help Show this message and exit # # Description: # # gen-office-key generates a GPG key pair for the three Hackspace Jena e.V. # office email addresses # # office@hackspace-jena.de , # office@krautspace.de , and # office@kraut.space # # under the user id 'Hackspace Jena e.V. Büro ($year)', for the current year # ($year). The script generates a 4096-bit RSA key pair for signing, # encryption, and authentication. The key expires on January 31st of the # following year and the a new key should be generated every Janurary. # # The scripts exports two files. 'office_key_$year.pub.asc' with the ASCII # armored public key, and 'office_key_$year.asc' with both keys in ASCII # armored form. If either file exists, the script reports and error and exists # without doing anyting. # # Notes: # # This script has no arguments or options (except for -h) so that the user # does not have to think. You run it in January once every year, upload the # key to the appropriate places, and that is it. # # If circumstances change in the future, rather than add options to this # script, adapt it. # # License: # # 2019 Philipp Matthias Schäfer # # To the extent possible under law, the author has dedicated all copyright and # related and neighboring rights to this software to the public domain # worldwide. This software is distributed without any warranty. # # You can find a copy of the CC0 Public Domain Dedication at the end of source # of this script and under . #---help--- # This script exports environment variables and changes the file mode creation # mask if [[ "${BASH_SOURCE[0]}" != "${0}" ]]; then echo "Error: ${BASH_SOURCE[0]} must not be sourced" return 1 fi set -eu if [ $# -gt 0 ]; then # Print the help message enclosed between the two lines containing # '#---help---' sed -n '/^#---help---/,/^#---help---/p;' "$0" \ | sed -E 's/^# ?//;1d;$d;' # If -h or --help was passed, the user wanted to see the help message, # otherwise, we showed it due to an erroneous invocation. case "$1" in -h | --help) exit 0;; *) exit 1;; esac fi # Determine the current year year=$(date +%Y) # The next year next_year=$((year+1)) # And from that the expiration date of new key expiration_date="$next_year-01-31" # Derive the output file names from the current year public_key_file="office_key_$year.pub.asc" secret_key_file="office_key_$year.asc" # Ensure that the files do not exist die_if_exists() { if [ -f "$1" ]; then echo "Error: File $1 already exists" exit 1 fi } die_if_exists "$public_key_file" die_if_exists "$secret_key_file" # Warn when it is not January if [ "01" -ne "$(date +%m)" ]; then echo "Warning: This script should have been run in January." fi # Create temporary directory as our working directory work_directory=$(mktemp -d) # Ensure that it gets deleted when this script exists (for whatever reason) trap "rm -rf '$work_directory'" EXIT HUP INT TERM # Make GPG use the work directory export GNUPGHOME="$work_directory" # Create key generation configuration with first uid # https://www.gnupg.org/documentation/manuals/gnupg/Unattended-GPG-key-generation.html cat > "$work_directory/configuration" << EOF %no-protection Key-Type: RSA Key-Length: 4096 Key-Usage: encrypt,sign,auth Name-Real: Hackspace Jena e.V. Büro ($year) Name-Email: office@hackspace-jena.de Expire-Date: $expiration_date %commit EOF echo -n "Generating..." # Generate key gpg --quiet --batch --no-tty --gen-key "$work_directory/configuration" \ 2>&1 >/dev/null \ | grep -v "marked as ultimately trusted" 1>&2 \ || echo -n '' # Because grep exits with 1 # Determine keyid of the new key keyid=$(gpg --quiet --no-tty --list-secret-keys --with-colons 2>/dev/null \ | awk -F: '/^sec:/ { print $5 }') # Add two additional uids gpg --quick-add-uid "$keyid" \ "Hackspace Jena e.V. Büro ($year) " gpg --quick-add-uid "$keyid" \ "Hackspace Jena e.V. Büro ($year) " # Export public key gpg --batch --yes --no-tty --armor \ --output "$public_key_file" --export "$keyid" # Store old umask old_umask=$(umask) # Ensure secret key is only readable by the current user umask 0077 # Export secret key gpg --batch --yes --no-tty --armor \ --output "$secret_key_file" --export-secret-keys "$keyid" echo -e "\rGenerated key pair:" gpg --list-keys | grep -v "$work_directory" echo "Public Key: $public_key_file" echo "Secret Key: $secret_key_file" #---license--- # Creative Commons Legal Code # # CC0 1.0 Universal # # CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE # LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN # ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS # INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES # REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS # PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM # THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED # HEREUNDER. # # Statement of Purpose # # The laws of most jurisdictions throughout the world automatically confer # exclusive Copyright and Related Rights (defined below) upon the creator # and subsequent owner(s) (each and all, an "owner") of an original work of # authorship and/or a database (each, a "Work"). # # Certain owners wish to permanently relinquish those rights to a Work for # the purpose of contributing to a commons of creative, cultural and # scientific works ("Commons") that the public can reliably and without fear # of later claims of infringement build upon, modify, incorporate in other # works, reuse and redistribute as freely as possible in any form whatsoever # and for any purposes, including without limitation commercial purposes. # These owners may contribute to the Commons to promote the ideal of a free # culture and the further production of creative, cultural and scientific # works, or to gain reputation or greater distribution for their Work in # part through the use and efforts of others. # # For these and/or other purposes and motivations, and without any # expectation of additional consideration or compensation, the person # associating CC0 with a Work (the "Affirmer"), to the extent that he or she # is an owner of Copyright and Related Rights in the Work, voluntarily # elects to apply CC0 to the Work and publicly distribute the Work under its # terms, with knowledge of his or her Copyright and Related Rights in the # Work and the meaning and intended legal effect of CC0 on those rights. # # 1. Copyright and Related Rights. A Work made available under CC0 may be # protected by copyright and related or neighboring rights ("Copyright and # Related Rights"). Copyright and Related Rights include, but are not # limited to, the following: # # i. the right to reproduce, adapt, distribute, perform, display, # communicate, and translate a Work; # ii. moral rights retained by the original author(s) and/or performer(s); # iii. publicity and privacy rights pertaining to a person's image or # likeness depicted in a Work; # iv. rights protecting against unfair competition in regards to a Work, # subject to the limitations in paragraph 4(a), below; # v. rights protecting the extraction, dissemination, use and reuse of data # in a Work; # vi. database rights (such as those arising under Directive 96/9/EC of the # European Parliament and of the Council of 11 March 1996 on the legal # protection of databases, and under any national implementation # thereof, including any amended or successor version of such # directive); and # vii. other similar, equivalent or corresponding rights throughout the # world based on applicable law or treaty, and any national # implementations thereof. # # 2. Waiver. To the greatest extent permitted by, but not in contravention # of, applicable law, Affirmer hereby overtly, fully, permanently, # irrevocably and unconditionally waives, abandons, and surrenders all of # Affirmer's Copyright and Related Rights and associated claims and causes # of action, whether now known or unknown (including existing as well as # future claims and causes of action), in the Work (i) in all territories # worldwide, (ii) for the maximum duration provided by applicable law or # treaty (including future time extensions), (iii) in any current or future # medium and for any number of copies, and (iv) for any purpose whatsoever, # including without limitation commercial, advertising or promotional # purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each # member of the public at large and to the detriment of Affirmer's heirs and # successors, fully intending that such Waiver shall not be subject to # revocation, rescission, cancellation, termination, or any other legal or # equitable action to disrupt the quiet enjoyment of the Work by the public # as contemplated by Affirmer's express Statement of Purpose. # # 3. Public License Fallback. Should any part of the Waiver for any reason # be judged legally invalid or ineffective under applicable law, then the # Waiver shall be preserved to the maximum extent permitted taking into # account Affirmer's express Statement of Purpose. In addition, to the # extent the Waiver is so judged Affirmer hereby grants to each affected # person a royalty-free, non transferable, non sublicensable, non exclusive, # irrevocable and unconditional license to exercise Affirmer's Copyright and # Related Rights in the Work (i) in all territories worldwide, (ii) for the # maximum duration provided by applicable law or treaty (including future # time extensions), (iii) in any current or future medium and for any number # of copies, and (iv) for any purpose whatsoever, including without # limitation commercial, advertising or promotional purposes (the # "License"). The License shall be deemed effective as of the date CC0 was # applied by Affirmer to the Work. Should any part of the License for any # reason be judged legally invalid or ineffective under applicable law, such # partial invalidity or ineffectiveness shall not invalidate the remainder # of the License, and in such case Affirmer hereby affirms that he or she # will not (i) exercise any of his or her remaining Copyright and Related # Rights in the Work or (ii) assert any associated claims and causes of # action with respect to the Work, in either case contrary to Affirmer's # express Statement of Purpose. # # 4. Limitations and Disclaimers. # # a. No trademark or patent rights held by Affirmer are waived, abandoned, # surrendered, licensed or otherwise affected by this document. # b. Affirmer offers the Work as-is and makes no representations or # warranties of any kind concerning the Work, express, implied, # statutory or otherwise, including without limitation warranties of # title, merchantability, fitness for a particular purpose, non # infringement, or the absence of latent or other defects, accuracy, or # the present or absence of errors, whether or not discoverable, all to # the greatest extent permissible under applicable law. # c. Affirmer disclaims responsibility for clearing rights of other persons # that may apply to the Work or any use thereof, including without # limitation any person's Copyright and Related Rights in the Work. # Further, Affirmer disclaims responsibility for obtaining any necessary # consents, permissions or other rights required for any use of the # Work. # d. Affirmer understands and acknowledges that Creative Commons is not a # party to this document and has no duty or obligation with respect to # this CC0 or use of the Work. #---license---