Changeset - 04796d35fcae
[Not reviewed]
0 1 0
Branko Majic (branko) - 4 years ago 2020-06-29 04:18:43
branko@majic.rs
Enforce use of specific encryption keys, which also fixes problems if a user has multiple encryption sub-keys in the keyring.
1 file changed with 1 insertions and 1 deletions:
0 comments (0 inline, 0 general) First comment
openpgp/gitprotect.sh
Show inline comments
 
@@ -294,13 +294,13 @@ elif [[ $command = "encrypt" ]]; then
 
    # Set-up the list of recipients. Read the information about each public
 
    # sub-key from the local keyring.
 
    while read key_validity key_id key_capabilities; do
 
        # Only use non-expired sub-keys that have encryption capability.
 
        if [[ $key_validity != e && $key_capabilities =~ .*e.* ]]; then
 
            recipients+=("$key_id")
 
            recipientArgs+=("-r" "$key_id")
 
            recipientArgs+=("-r" "$key_id!")
 
        fi
 
    done < <(gpg2 "${gnupgArgs[@]}" --list-public-keys --with-colons | grep '^sub' | awk 'BEGIN { FS = ":" } ; { print $2, $5, $12 }')
 

	
 
    # Make sure that we have at least a single recipient.
 
    if [[ "${#recipients[@]}" == 0 ]]; then
 
        echo "ERROR: No suitable recipients were found in the keyring. Did you forget to add keys?" >&2
0 comments (0 inline, 0 general) First comment
You need to be logged in to comment. Login now