Last active
February 23, 2017 17:33
-
-
Save lucaswerkmeister/486a3c5d425575671d869d2f54f05096 to your computer and use it in GitHub Desktop.
Print weak signatures of your PGP keys (with GnuPG)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # source: https://www.gnupg.org/documentation/manuals/gpgme/Hash-Algorithms.html | |
| digests=( | |
| nil | |
| MD5 | |
| SHA1 | |
| RMD160 | |
| MD2 | |
| TIGER | |
| HAVAL | |
| SHA256 | |
| SHA384 | |
| SHA512 | |
| SHA224 | |
| MD4 | |
| CRC32 | |
| CRC32_RFC1510 | |
| CRC24_RFC2240 | |
| ) | |
| # read preferred digests | |
| while read -r option_name option_value; do | |
| [[ $option_name == personal-digest-preferences ]] || continue | |
| preferred_digests=($option_value) | |
| done < ~/.gnupg/gpg.conf | |
| read -rp 'Key ID: ' key_id | |
| # see description in /usr/share/doc/gnupg/DETAILS (Org mode; in Emacs: uncollapse headings with TAB) | |
| # shellcheck disable=SC2034 | |
| gpg --list-sigs --with-colons -- "$key_id" | while IFS=: read -r record_type validity key_length public_key_algorithm key_id creation_date expiration_date hash ownertrust user_id signature_class key_capabilities fingerprint flags token hash_algo curve_name; do | |
| [[ $record_type == sig ]] || continue | |
| digest_name=${digests[$hash_algo]} | |
| for ((i=0; i<${#preferred_digests[@]}; i++)); do | |
| if [[ $digest_name == "${preferred_digests[$i]}" ]]; then | |
| continue 2 | |
| fi | |
| done | |
| printf '%16s %s\n' "$digest_name" "$user_id" | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment