From 39ecc311a5019efa033e9dd9aa9478cffb970e64 Mon Sep 17 00:00:00 2001
From: atatat
Date: Wed, 21 Jan 2004 04:04:55 +0000
Subject: This simple perl script takes the output of gpg --list-keys --verbose, which lists all the keys in your public key ring, along with all their signatures, and converts it to a di-graph in "dot" language form. The graphviz package can turn the description into a graph you can look at to see who has signed whose key, or how far it is from your key to someone in Reykjavik, etc.
---
 security/Makefile | 3 +-
 security/gpg2dot/DESCR | 8 ++++
 security/gpg2dot/Makefile | 55 ++++++++++++++++++++++++++++
 security/gpg2dot/PLIST | 2 +
 security/gpg2dot/files/gpg2dot.pl | 77 +++++++++++++++++++++++++++++++++++++++
 5 files changed, 144 insertions(+), 1 deletion(-)
 create mode 100644 security/gpg2dot/DESCR
 create mode 100644 security/gpg2dot/Makefile
 create mode 100644 security/gpg2dot/PLIST
 create mode 100644 security/gpg2dot/files/gpg2dot.pl
(limited to 'security')
diff --git a/security/Makefile b/security/Makefile
index 60ecc62d845..24caeaf108d 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.160 2004/01/20 21:26:13 snj Exp $ +# $NetBSD: Makefile,v 1.161 2004/01/21 04:04:55 atatat Exp $ # COMMENT= Security tools
@@ -37,6 +37,7 @@ SUBDIR+= fsh
 SUBDIR+= gnupg
 SUBDIR+= gnutls
 SUBDIR+= gpa
+SUBDIR+= gpg2dot
 SUBDIR+= gpgme
 SUBDIR+= gpgme03
 SUBDIR+= gsasl
diff --git a/security/gpg2dot/DESCR b/security/gpg2dot/DESCR
new file mode 100644
index 00000000000..efd6d47b434
--- /dev/null
+++ b/security/gpg2dot/DESCR
@@ -0,0 +1,8 @@
+This simple perl script takes the output of gpg --list-keys --verbose,
+which lists all the keys in your public key ring, along with all
+their signatures, and converts it to a di-graph in "dot" language
+form.
+
+The graphviz package can turn the description into a graph you can
+look at to see who has signed whose key, or how far it is from your
+key to someone in Reykjavik, etc.
diff --git a/security/gpg2dot/Makefile b/security/gpg2dot/Makefile
new file mode 100644
index 00000000000..d37ce16a1d6
--- /dev/null
+++ b/security/gpg2dot/Makefile
@@ -0,0 +1,55 @@
+# $NetBSD: Makefile,v 1.1 2004/01/21 04:04:55 atatat Exp $
+#
+
+DISTNAME= gpg2dot-1.0
+WRKSRC= ${WRKDIR}
+CATEGORIES= security
+MASTER_SITES= # empty
+DISTFILES= # empty
+
+MAINTAINER= lukem@NetBSD.org
+HOMEPAGE= ftp://ftp.NetBSD.org/pub/NetBSD/packages/pkgsrc/Packages.txt
+COMMENT= Converts your GnuPG keyring to a graph of associations
+
+USE_PERL5= YES
+
+EXTRACT_ONLY= # empty
+NO_CHECKSUM= yes
+NO_CONFIGURE= yes
+
+DISTVER= ${DISTNAME:S/gpg2dot-//}
+
+.include "../../mk/bsd.prefs.mk"
+
+.if ${OPSYS} == "SunOS"
+# This doesn't create readable manual pages. "mandoc" should be added
+# to zoularis.
+NROFF= nroff -man
+.else
+NROFF= nroff -mandoc
+.endif
+
+do-extract:
+ ${CP} ${FILESDIR}/gpg2dot.pl ${WRKSRC}/gpg2dot.pl
+# ${CP} ${FILESDIR}/gpg2dot.1 ${WRKSRC}/gpg2dot.1.in
+
+do-build:
+.for FILE in gpg2dot
+ ${SED} -e 's|@PREFIX@|${PREFIX}|g' \
+ -e 's|@DISTVER@|${DISTVER}|g' \
+ < ${WRKSRC}/${FILE}.pl \
+ > ${WRKSRC}/${FILE}
+.endfor
+#.for FILE in gpg2dot
+# ${SED} -e '' \
+# < ${WRKSRC}/${FILE}.1.in \
+# > ${WRKSRC}/${FILE}.1
+# ${NROFF} ${WRKSRC}/${FILE}.1 >${WRKSRC}/${FILE}.0
+#.endfor
+
+do-install:
+ ${INSTALL_SCRIPT} ${WRKSRC}/gpg2dot ${PREFIX}/bin/gpg2dot
+# ${INSTALL_MAN} ${WRKSRC}/gpg2dot.0 ${PREFIX}/man/cat1
+# ${INSTALL_MAN} ${WRKSRC}/gpg2dot.1 ${PREFIX}/man/man1
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/gpg2dot/PLIST b/security/gpg2dot/PLIST
new file mode 100644
index 00000000000..6d8b7ee6f9b
--- /dev/null
+++ b/security/gpg2dot/PLIST
@@ -0,0 +1,2 @@
+@comment $NetBSD: PLIST,v 1.1 2004/01/21 04:04:55 atatat Exp $
+bin/gpg2dot
diff --git a/security/gpg2dot/files/gpg2dot.pl b/security/gpg2dot/files/gpg2dot.pl
new file mode 100644
index 00000000000..6cd62881c52
--- /dev/null
+++ b/security/gpg2dot/files/gpg2dot.pl
@@ -0,0 +1,77 @@
+#!@PREFIX@/bin/perl
+
+# ----------------------------------------------------------------------------
+# "THE BEER-WARE LICENSE" (Revision 42):
+# wrote this file. As long as you retain this notice you
+# can do whatever you want with this stuff. If we meet some day, and you think
+# this stuff is worth it, you can buy me a beer in return.
+#
+# Andrew Brown
+# ----------------------------------------------------------------------------
+
+$date = localtime();
+
+$sg = "";
+open(GPG, "gpg --list-keys --verbose 2>/dev/null |");
+while () {
+ chomp;
+ if (/^(pub) +(\S+)\s+(\S+)\s+(.+\S)/ ||
+ /^(uid) +\s+(.+\S)/) {
+ if ($1 eq "pub") {
+ ($lkeyid, $date, $kuid) = ($2, $3, $4);
+ }
+ else {
+ ($kuid) = ($2);
+ }
+ $kuid =~ s/\"/\\\"/g;
+ ($keyid = $lkeyid) =~ s:.*/::;
+ next if ($kuid !~ /netbsd.org/i);
+ $kuid{$keyid} = $kuid;
+ $label{$keyid} = "$lkeyid - $date\\n$kuid";
+ }
+ elsif (/^sig (.{7}) (\S+)\s+(\S+)\s+(.+\S)/) {
+ ($skeyid, $date, $suid) = ($2, $3, $4);
+ next if ($kuid !~ /netbsd.org/i ||
+ $suid =~ /id not found/ ||
+ $skeyid eq $keyid);
+ push(@isigs, "$keyid $skeyid $date $suid");
+ }
+}
+
+foreach (@isigs) {
+ ($keyid, $skeyid, $date, $suid) = split(/ /, $_, 4);
+ next if (!$kuid{$keyid} || !$kuid{$skeyid});
+ push(@sigs, sprintf("\"%s\" -> \"%s\";\t// %s -> %s\n",
+ $skeyid, $keyid, $kuid{$skeyid}, $kuid{$keyid}));
+ $signer{$skeyid} = "yes";
+ $signed{$keyid} = "yes";
+}
+
+foreach (keys %label) {
+ next if (!$signer{$_} && !$signed{$_});
+ push(@keys, sprintf("\"%s\" [label=\"%s\"];\n",
+ $_, $label{$_}));
+}
+
+@sigs = uniq(sort(@sigs));
+
+$" = "";
+print(<<"EOF")
+digraph "gpg" {
+label = "gpg signature graph, $date";
+
+@keys
+@sigs
+}
+EOF
+ ;
+
+sub uniq {
+ my (@i) = @_;
+ my (@o);
+ push(@o, shift(@i));
+ foreach (@i) {
+ push(@o, $_) if ($o[-1] ne $_);
+ }
+ @o;
+}
-- cgit v1.2.3
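Review bot: Node identity and edges are both taken from unverified keyring text: `($keyid = $lkeyid) =~ s:.*/::;` keys each node by what follows the `/` in gpg's key column (presumably the short key ID), and the `sig` branch records signatures from a plain listing, which gpg prints without checking them. Two keys sharing a short ID would collapse into one node and an unverified signature would still draw an edge; parsing `gpg --with-colons --check-sigs` and keying on the long key ID or fingerprint would address both. The label escaping `$kuid =~ s/\"/\\\"/g;` leaves backslashes alone, so a UID ending in `\` can unbalance the quoted DOT string; dropping them before that line with `$kuid =~ tr/\\//d;` closes that. Separately, `$date = localtime();` is overwritten by every `pub`/`sig` match and by the `split` in the first `foreach`, so the graph title shows a key or signature date rather than the run time; a dedicated `$now` used in the heredoc fixes it. The `open` of the gpg pipe is also unchecked with stderr discarded, so a missing or failing gpg silently yields an empty graph.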