# _install_gpg: macOS-only install of GnuPG from the downloaded disk image into
# ~/.local/opt/gnupg-VERSION, followed by pinentry-mac and launchd agent setup.
# Reads WEBI_PKG_DOWNLOAD (path of the image that gets attached) and WEBI_VERSION.
# NOTE(review): this listing skips some original lines (see the gaps in the
# line numbers), so closing keywords and a few steps are not visible here.
6 function _install_gpg() {
# Anything that does not report Darwin gets a hint to use the distro package.
7 if ! (uname -a | grep -i "darwin" > /dev/null); then
8 echo "No gpg installer for Linux yet. Try this instead:"
9 echo " sudo apt install -y gpg gnupg"
13 # Download the latest LTS
14 #curl -fsSL -o ~/Downloads/webi/GnuPG-2.2.32.dmg 'https://sourceforge.net/projects/gpgosx/files/GnuPG-2.2.32.dmg/download'
# Drop write permission on the downloaded image (presumably so it is not
# altered between download and mount).
# NOTE(review): no checksum or signature check of the download is visible in
# the shown lines; confirm one runs before the image is mounted.
16 chmod a-w "${WEBI_PKG_DOWNLOAD}"
18 # Mount the DMG in /Volumes
# Detach anything already mounted under a GnuPG* name first (errors ignored),
# then attach the image read-only.
19 hdiutil detach -quiet /Volumes/GnuPG* 2> /dev/null || true
20 hdiutil attach -quiet -readonly "${WEBI_PKG_DOWNLOAD}"
22 # Extract (completely) to ~/Downloads/webi/GnuPG-VERSION.d
23 # (and detach the DMG)
# Clear any earlier extraction for this version before expanding again.
24 rm -rf ~/Downloads/webi/GnuPG-"${WEBI_VERSION}".d
# NOTE(review): /Volumes/GnuPG*/*.pkg matches every mounted volume whose name
# starts with GnuPG, not only the image attached above. The signature of the
# installer package is not checked in the shown lines; pkgutil --check-signature
# could be run on it before expanding.
25 pkgutil --expand-full /Volumes/GnuPG*/*.pkg ~/Downloads/webi/GnuPG-"${WEBI_VERSION}".d
26 hdiutil detach -quiet /Volumes/GnuPG*
28 # Move to ~/.local/opt/gnupg (where it belongs!)
# An existing directory for this version is kept as-is; the payload is only
# moved when nothing is there yet.
29 if [[ ! -e ~/.local/opt/gnupg-"${WEBI_VERSION}" ]]; then
30 mv ~/Downloads/webi/GnuPG-"${WEBI_VERSION}".d/GnuPG.pkg/Payload/ ~/.local/opt/gnupg-"${WEBI_VERSION}"
33 # Update symlink to latest
# rm -rf also removes a real directory at this path, not just an old symlink.
# The new link target is relative, so it resolves inside ~/.local/opt.
34 rm -rf ~/.local/opt/gnupg
35 ln -s gnupg-"${WEBI_VERSION}" ~/.local/opt/gnupg
# Register the bin dir with pathman and prepend it, plus the pinentry-mac
# binary dir, to PATH for the current shell.
37 pathman add ~/.local/opt/gnupg/bin
38 export PATH="$HOME/.local/opt/gnupg/bin:$PATH"
39 export PATH="$HOME/.local/opt/gnupg/bin/pinentry-mac.app/Contents/MacOS:$PATH"
# Append a pinentry-program line unless gpg-agent.conf already mentions one.
# grep is not silenced with -q, so a matching line is printed to stdout.
# NOTE(review): creation of ~/.gnupg is not visible here; gpg expects that
# directory to be private to the user (mode 700) - confirm it is set up so.
44 if [[ ! -e ~/.gnupg/gpg-agent.conf ]] || ! grep 'pinentry-program' ~/.gnupg/gpg-agent.conf; then
45 echo "pinentry-program $HOME/.local/opt/gnupg/bin/pinentry-mac.app/Contents/MacOS/pinentry-mac" >> ~/.gnupg/gpg-agent.conf
# Replace the launchd agent: make sure the directory exists and unload any
# previous definition (failure ignored).
49 mkdir -p ~/Library/LaunchAgents/
50 launchctl unload -w ~/Library/LaunchAgents/gpg-agent.plist 2> /dev/null || true
51 # TODO download and use sed to replace
# The plist below is one single-quoted string; at each HOME reference the
# quote is closed, the value of HOME is spliced in without XML escaping, and
# the quote is reopened. The file in ~/Library/LaunchAgents is overwritten.
52 echo '<?xml version="1.0" encoding="UTF-8"?>
53 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
57 <string>gpg-agent</string>
58 <key>ProgramArguments</key>
60 <string>'"${HOME}"'/.local/opt/gnupg/bin/gpg-connect-agent</string>
61 <string>--agent-program</string>
62 <string>'"${HOME}"'/.local/opt/gnupg/bin/gpg-agent</string>
63 <string>--homedir</string>
64 <string>'"${HOME}"'/.gnupg/</string>
71 <key>WorkingDirectory</key>
72 <string>'"${HOME}"'</string>
74 <key>StandardErrorPath</key>
75 <string>'"${HOME}"'/.local/share/gpg-agent/var/log/gpg-agent.log</string>
76 <key>StandardOutPath</key>
77 <string>'"${HOME}"'/.local/share/gpg-agent/var/log/gpg-agent.log</string>
79 </plist>' > ~/Library/LaunchAgents/gpg-agent.plist
# Load and enable the agent definition written above.
# NOTE(review): the plist points both log paths at
# ~/.local/share/gpg-agent/var/log; creation of that directory is not visible
# in the shown lines.
80 launchctl load -w ~/Library/LaunchAgents/gpg-agent.plist
# Start of a gpg-connect-agent call; its remaining arguments continue on lines
# that are not shown.
82 ~/.local/opt/gnupg/bin/gpg-connect-agent \
83 --agent-program ~/.local/opt/gnupg/bin/gpg-agent \
87 # (maybe) Create first key
# The branch is taken only when the secret-key listing contains no "sec" entry
# (presumably it calls _create_gpg_key; the body of this if is not shown).
88 if ! gpg --list-secret-keys | grep -q sec; then
93 function _create_gpg_key() {
94 if [[ ! -e ~/.gitconfig ]]; then
98 #grep 'name\s*=' ~/.gitconfig | head -n 1 | cut -d'=' -f2 | sed -e 's/^[\t ]*//'
99 MY_NAME="$(git config --global user.name)"
100 if [[ -z ${MY_NAME} ]]; then
104 # grep 'email\s*=.*@' ~/.gitconfig | tr -d '\t ' | head -n 1 | cut -d'=' -f2
105 MY_EMAIL="$(git config --global user.email)"
106 if [[ -z ${MY_EMAIL} ]]; then
110 MY_HOST="$(hostname)"
112 # Without passphrase:
113 #gpg --batch --generate-key --pinentry=loopback --passphrase=''
115 # With passphrase via macOS Keychain
116 gpg --batch --yes --generate-key << EOF
117 %echo Generating RSA 3072 key
122 Name-Real: ${MY_NAME}
123 Name-Comment: ${MY_HOST}
124 Name-Email: ${MY_EMAIL}