diff options
author | Michał Górny <mgorny@gentoo.org> | 2018-07-18 11:46:21 +0200 |
---|---|---|
committer | Michał Górny <mgorny@gentoo.org> | 2018-07-18 22:37:13 +0200 |
commit | e4076b4a03af0d263c785acdce4ad31afbc46a4d (patch) | |
tree | 5f78e2adc6f38b92ee623a08eb95883b2d2c8c37 /_plugins | |
parent | header: Add Gitweb link in gentoo.org sites (diff) | |
download | www-e4076b4a03af0d263c785acdce4ad31afbc46a4d.tar.gz www-e4076b4a03af0d263c785acdce4ad31afbc46a4d.tar.bz2 www-e4076b4a03af0d263c785acdce4ad31afbc46a4d.zip |
Generate WKD for Gentoo developer keys
Diffstat (limited to '_plugins')
-rw-r--r-- | _plugins/wkd.rb | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/_plugins/wkd.rb b/_plugins/wkd.rb new file mode 100644 index 0000000..b8cf2f4 --- /dev/null +++ b/_plugins/wkd.rb @@ -0,0 +1,86 @@ +# OpenPGP Web Key Directory implementation +# https://www.ietf.org/id/draft-koch-openpgp-webkey-service-06.txt + +require 'base32' +require 'digest' + +module Gentoo + class WKDGenerator < Jekyll::Generator + KEYRING = '_data/active-devs.gpg' + WKD_DIR = '.well-known/openpgpkey/' + + def generate(site) + # WKD uses z-Base32; replace the alphabet since the standard + # Base32 module supports that and the zBase32 modules are hard to get + Base32.table = 'ybndrfg8ejkmcpqxot1uwisza345h769' + + site.data['userinfo']['current'].each do |nick, details| + begin + fps = details['gpgfp'].map { |fp| fp.gsub(/\s+/, '') } + if not fps.empty? + IO.popen(['gpg', '--no-default-keyring', '--keyring', KEYRING, + '--export', *fps], mode='rb') { |p| + keydata = p.read + if not keydata.empty? + site.pages << WKDFile.new(site, nick, keydata) + end + } + end + rescue + # fail them silently + end + end + + # empty index to hide directory listings + site.pages << WKDIndexFile.new(site) + # policy file is required + site.pages << WKDPolicyFile.new(site) + end + end + + class WKDFile < Jekyll::Page + def initialize(site, nick, keydata) + @site = site + @base = @site.source + @dir = WKDGenerator::WKD_DIR + 'hu/' + @name = Base32.encode(Digest::SHA1.digest(nick.downcase)) + + process(@name) + read_yaml(File.join(@base, '_layouts'), "passthrough.html") + + @content = keydata + end + + def render_with_liquid? + return false + end + end + + class WKDIndexFile < Jekyll::Page + def initialize(site) + @site = site + @base = @site.source + @dir = WKDGenerator::WKD_DIR + 'hu/' + @name = 'index.html' + + process(@name) + read_yaml(File.join(@base, '_layouts'), "passthrough.html") + + @content = '' + end + end + + class WKDPolicyFile < Jekyll::Page + def initialize(site) + @site = site + @base = @site.source + @dir = WKDGenerator::WKD_DIR + @name = 'policy' + + process(@name) + read_yaml(File.join(@base, '_layouts'), "passthrough.html") + + @content = '' + end + end +end |