add ceremony.sh

2024-08-x/prod/qkm-key/ceremony.sh

@@ -0,0 +1,28 @@
+#!/bin/sh
+
+read -p "Generate hardware interrupt entropy by typing randomly on keyboard" entropy
+
+mount
+
+read -p "Provide the path to PGP certificates which will be used for the ceremony: " absolute_path
+
+if [ ! -d "$absolute_path" ]; then
+echo "Directory does not exist. Please enter a valid absolute path."
+exit 1
+fi
+
+for file in "$absolute_path"/keys/*; do
+if [ -f "$file" ]; then
+    echo "Processing file: $file"
+    gpg --import --import-options import-show $file
+fi
+done
+
+read -p "Do the PGP key IDs match what you expect? (y/n): " matches_expectation
+
+if [ "$matches_expectation" != "y" ]; then
+echo "Ceasing ceremony as PGP key IDs don't match"
+exit 1
+fi
+
+keyfork wizard bottoms-up --threshold 2 --output-cert "$absolute_path"/cert --output-shardfile "$absolute_path"/shardfile --user-id "Distrust QKM Ceremony" "$absolute_path"/keys