On Thu, 17 Apr 2008 01:49, [EMAIL PROTECTED] said: > Meenal Pant wrote: >> Hello all, >> Can the "gpg --gen-revoke user" command be executed in batch mode? I am >> trying to generate revocation certificate for a gpg keypair through a >> Python script. > > [EMAIL PROTECTED] ~ > $ gpg --batch --yes --gen-revoke "Test Key" > foo.asc > gpg: can't do this in batch mode
Right. The only way to do this from scripts is by using: gpg2 --status-fd 2 --command-fd 0 --gen-revoke foo The script needs to parse the status and react on it accordingly. Here is a sample: $ gpg2 --status-fd 2 --command-fd 0 --gen-revoke joe sec 1024D/9CD9FD55 2000-12-14 Joe Random Hacker [GNUPG:] GET_BOOL gen_revoke.okay y [GNUPG:] GOT_IT Please select the reason for the revocation: 0 = No reason specified 1 = Key has been compromised 2 = Key is superseded 3 = Key is no longer used Q = Cancel (Probably you want to select 1 here) [GNUPG:] GET_LINE ask_revocation_reason.code 0 [GNUPG:] GOT_IT Enter an optional description; end it with an empty line: [GNUPG:] GET_LINE ask_revocation_reason.text Pre-created revocation. [GNUPG:] GOT_IT [GNUPG:] GET_LINE ask_revocation_reason.text [GNUPG:] GOT_IT Reason for revocation: No reason specified Pre-created revocation. [GNUPG:] GET_BOOL ask_revocation_reason.okay y [GNUPG:] GOT_IT NOTE: This key is not protected! ASCII armored output forced. [GNUPG:] GOOD_PASSPHRASE I have not indented the answers sent to stdin on response to the GET_foo lines. The script should parse the tags after the GET_foo to see what has been requested and best use FSM to process this. Unknown tags should be answered with just a LF. Of course you would use the fingerprint of the key and not just the name to invoking the command. As a quick solution for unattended key generation I am going to add a "%revokefile" command to write a simple revocation certificate to the given file after key generation. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users