3 unstable releases
0.2.2 | Jan 23, 2025 |
---|---|
0.2.0 | Oct 17, 2024 |
0.1.0 | Oct 15, 2024 |
#1032 in Command line utilities
1.5MB
139 lines
WKD exporter
Exports an OpenPGP keyring into the Web Key Directory directory path.
Use it like this (advanced variant with a domain filter):
$ cargo install wkd-exporter
$ DIR=$(mktemp -d)
$ gpg --export | wkd-exporter --append --domain archlinux.org $DIR
$ tree $DIR | head
/tmp/tmp.ZaHdlAQGRw
└── openpgpkey
└── archlinux.org
├── hu
│ ├── 46yqwra65to1p94e9ebafpucymkwsi7f
│ ├── 9drt4xorn699rkbj5xyq7ykoc1z5nnof
│ ├── 9hy3wi4ewwiicomnjmhewifn6d1gi87i
│ ├── 9sh859e31bn46hmfxyftn3ymop5ewdkz
│ ├── b9qi357oeysqibkxmmh3hanrppd6nj9p
│ ├── btfkn1ht1kzda3e9495fe4sjznkygui4
For smaller deployments, direct variant may be more appropriate:
$ DIR=$(mktemp -d)
$ gpg --export | wkd-exporter --append --direct metacode.biz $DIR
$ tree $DIR | head
/tmp/tmp.cxEBeXnwdv
└── openpgpkey
├── hu
│ └── gebusffkx9g581i6ch4t3ewgwd6dctmp
└── policy
This project can also be used as a library:
use wkd_exporter::{export, Options};
export(
std::fs::File::open("tests/test-cases-default/simple.pgp").expect("file to exist"),
"/tmp/well-known",
Options::default().set_append(true),
).expect("exporting to succeed");
Multiple certificates
The --append
flag causes all certificates sharing the same local part (user
in user@example.com
) to be exported in the same location.
By default the exporter leaves only the last certificate.
Appending allows exporting several certificates, for example when a certificate has been rotated (one is revoked and one is current).
Other workflows may also require multiple certificates, e.g. a code-signing certificate which is different from a regular one.
Note that if the same directory is used for export and --append
flag has been enabled it will cause multiple copies of the same certificate to be present in the target directory.
For that reason it is advisable to use a fresh directory when using --append
.
That is one of the reasons why this flag is not enabled by default (even though it is recommended).
Append may become the default (and a no-op) when certificate merging has been implemented in our backing library.
License
This project is licensed under either of:
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in this crate by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Dependencies
~17–25MB
~339K SLoC