anton-ryzhov/gen.sh

## gen.sh
#!/bin/bash

#GPG=gpg
# or
GPG=gpg2


# Create test keys in `original_gnupg_test_home` folder
mkdir original_gnupg_test_home 2>/dev/null
cd original_gnupg_test_home
export GNUPGHOME="$(pwd)"

# Gen key with one subkey
$GPG --gen-key

# Add another one subkey
PRIMARY="$($GPG -K | grep "^sec" | awk '{print $2}' | sed -r 's/[0-9RD]+\///')"
$GPG --edit-key "$PRIMARY" addkey

## runtest.sh
#!/bin/bash

#GPG=gpg
# or
GPG=gpg2

split_and_save()
(
    # Save splitted keyparts to folders
    rm -rf "$1" 2>/dev/null
    mkdir "$1"
    cd "$1"
    (
        mkdir secring
        cd secring
        cat "$GNUPGHOME"/secring.gpg | gpgsplit
    )
    (
        mkdir pubring
        cd pubring
        cat "$GNUPGHOME"/pubring.gpg | gpgsplit
    )
)

# Use temp folder as gnupg home
export GNUPGHOME="$(mktemp -d)"
# Fill it with pre-generated test keys
cp -r original_gnupg_test_home/* "$GNUPGHOME"

export PRIMARY="$($GPG -K | grep "^sec" | awk '{print $2}' | sed -r 's/[0-9RD]+\///')"
export SUBONE="$($GPG -K | grep "^ssb" | head -n 1 | awk '{print $2}' | sed -r 's/[0-9RD]+\///')"
export SUBTWO="$($GPG -K | grep "^ssb" | tail -n 1 | awk '{print $2}' | sed -r 's/[0-9RD]+\///')"

# Split original keyparts for compare in future
split_and_save initial

cat <<EOF

=============================================================
Expire first or second subkey, compare the result

> key 1
> expire
> save

or

> key 2
> expire
> save
=============================================================
Press [Enter] key to continue...
EOF
read

$GPG --edit-key "$PRIMARY"

# Split expired keyparts for compare in future
split_and_save expired

clear


cat <<EOF
=============================================================
In this keyring:
EOF

$GPG -k

# Export secret keys to tempfile
TEMPEXPORT="$(mktemp)"
$GPG --export-secret-keys > "$TEMPEXPORT"
# Use new empty gnupg home
export GNUPGHOME="$(mktemp -d)"
# Import from tempfile
$GPG --import "$TEMPEXPORT" >/dev/null 2>&1

cat <<EOF
=============================================================
After reimporting to new keyring:

EOF

$GPG -k

cat <<EOF

$SUBONE key will disappear if you've edited $SUBTWO, and $SUBTWO is still not expired.

Here is the diff. See which key parts had changed in pub and sec rings.

EOF

diff -r initial expired
	#!/bin/bash

	#GPG=gpg
	# or
	GPG=gpg2


	# Create test keys in `original_gnupg_test_home` folder
	mkdir original_gnupg_test_home 2>/dev/null
	cd original_gnupg_test_home
	export GNUPGHOME="$(pwd)"

	# Gen key with one subkey
	$GPG --gen-key

	# Add another one subkey
	PRIMARY="$($GPG -K \| grep "^sec" \| awk '{print $2}' \| sed -r 's/[0-9RD]+\///')"
	$GPG --edit-key "$PRIMARY" addkey