1 files changed, 28 insertions, 0 deletions

diff --git a/generate-sekey.sh b/generate-sekey.sh
new file mode 100755
index 00000000..760eaa41
--- /dev/null
+++ b/generate-sekey.sh
@@ -0,0 +1,28 @@
+#!/bin/zsh
+# macOS-only; can assume zsh
+
+set -euo pipefail
+
+host=$1
+pubfile="${HOME}/.ssh/sekey/${host}.pub"
+
+function getKeyForHost () {
+	host=$1
+	sekey --list-keys | awk "\$2 == \"$host\" {print \$4}"
+}
+
+if [[ -z $(getKeyForHost $host) ]]
+then
+	sekey --generate-keypair $host | { ! grep --invert-match "successfully generated" }
+fi
+
+if [[ -f $pubfile ]]
+then
+	echo "Public key ${pubfile} already exists!"
+	echo "You should probably remove it, as there isn't a matching keypair in the Enclave"
+	exit 1
+fi
+
+keyid=$(getKeyForHost $host)
+
+sekey --export-key $keyid | tee "$pubfile"