generating revocation certs non-interactively
luis
luis at greenhost.nl
Tue May 5 01:14:27 CEST 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello everyone,
I am working with a friend on project to try and get lots and lots of
people on encrypted email at an event using something like a photobooth.
At the end of the experience you leave with a keypair and little gift
wrapped with your revocation cert.
To do this efficiently we are using the batch generation option, I have
a set of scripts that can generate the key, copy it to the final user's
media and then shred it. It all works like a charm. Along with the
keypair we would also like to generate a revocation certificate. Keys
are passwordless, so at first I thought that it should be straight forward.
I couldn't find any documentation on how to do the same batch generation
for the revocation certificate. So I'm a little stuck. The --gen-revoke
option prompts the user for 4 questions for a passwordless key, 5 if the
key has a password and I couldn't get around this.
I have tried the python wrapper, but the python API doesn't seem to
expose revocation certificate generation.
Calling the --gen-revoke option in combination with the --batch option
returns:
gpg: can't do this in batch mode
So maybe this is so by design?
How could I get around the interactive process and generate the
certificate programmatically?
I have also tried pexpect to 'mock' user input to bypass interaction, no
success there.
Any help would be greatly appreciated.
Cheers,
Luis.
- --
Luis Fernández
Greenhost - Duurzame Hosting en Digitale Veiligheid
Weesperstraat 3
1018 DN TS Amsterdam
T: 020 489 4349
https://greenhost.nl
You may verify my identity using these weird numbers
7F1D B683 6410 EB2E 4459 0CCA 758D 90BB 2857 4DFE
https://keyserver2.pgp.com/vkd/DownloadKey.event?keyid=0x758D90BB28574DFE
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJVR/1TAAoJEHWNkLsoV03+DAkQAK3yJR99ulztPT7unX7WXTWo
QY3ZtxyBo/Vwh7xRYp34Hv4G8pVC1NCpAiqBZV3EjNl2OG/vB5+8Q5lcsN1eTcLz
UswyaABg8JWXlelGhJrE68Ct6tCIdmRwEJMAoo+eryrhMIGohM8usayUZeK94DyX
ZVOS4byyZb2WVt7axqdcM24VVvO0/nppilOApTBzx5AgHapTLkNOPpCuztjRSuiA
+gT+xBJiPsyAtv50OGgXMGFKCvMLoqUrmiuIqpjfhChOwNge38qte7933T8+sO4b
C61zh1MSfLq1ba/mlDCewL3pCJJBTkQeGyBnq7XNYZsc+voALNlB1O84mONpi9U/
uUpYbT8OU5JfGVNRi6gtFIUlf2hjuFr13E6T+JU5P9Y24mKjWd7mhFOOLbfWCwhR
VKM/sucr1uthPSZE/dIrEjHXh04EaZn6yGjuRSnGttFS9YOVPgfo3ugzolTITl8Z
ZgRSOR2362PJavJCn6OmFd7RZvyaa+vQ+aVQG2+XPTZK/1A7a7Ub0/gPgvAA5zAx
YE6j5rewB6CtLbYyyk3AAM1s2t4W1fpwKazGIFdByuPci0hb4bRkMENiwAY9fITO
iTlB3pK7/3LwwHHl6PsbRbqRD0F2aw+d6NCWiw+UNiELqniZQSsWb4khK5RsvAeD
Cl1/6SCK/dayXn/zQXdq
=lGem
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list