Overview

File list-apt-key-expiry-dates of Package kimi-utils-ubuntu

#!/usr/bin/env bash
# -*- coding: utf-8 -*-

# ----------------------------------------------------------------------
# List APT key files, show their expiry dates and how many days remain.
# Column 2 (description) is now wrapped to 50 characters.
# ----------------------------------------------------------------------

set -euo pipefail          # strict mode – abort on errors, unset vars, pipe failures
IFS=$'\n\t'                # sane field separator

# ----------------------------------------------------------------------
# Locale & colour handling
# ----------------------------------------------------------------------
export LANG=C               # ensure predictable output from external tools

if tput setaf 1 &>/dev/null; then
    RED=$(tput setaf 1)    # colour for the word “expired”
    GREEN=$(tput setaf 2)  # colour for file paths
    NC=$(tput sgr0)        # reset colour
else
    RED='' GREEN='' NC=''
fi

# ----------------------------------------------------------------------
# Constants
# ----------------------------------------------------------------------
readonly KEYRING_DIR="/etc/apt/trusted.gpg.d"
readonly COL1_W=8          # width of the “Key Type” column
readonly COL2_W=50         # **new** max width of description column

# ----------------------------------------------------------------------
# Helper functions
# ----------------------------------------------------------------------
wrap() {
    # Wrap a string to $COL2_W columns using fmt.
    fmt -w "$COL2_W" <<< "$1"
}

print_header() {
    printf "%-${COL1_W}s  %s\n" "Key Type" "Description"
    printf "%-${COL1_W}s  %s\n" "--------" "-----------"
}

print_row() {
    # Arguments: $1 – key type label, $2 – description text
    local key_type=$1
    local wrapped
    wrapped=$(wrap "$2")
    printf "%-${COL1_W}s  %s\n" "$key_type" "$(head -n1 <<< "$wrapped")"
    tail -n +2 <<< "$wrapped" |
        sed "s/^/$(printf '%*s' $((COL1_W + 2)) '')/"
}

# ----------------------------------------------------------------------
# Validate keyring directory
# ----------------------------------------------------------------------
if [[ ! -d "$KEYRING_DIR" ]]; then
    printf 'Keyring directory %s does not exist.\n' "$KEYRING_DIR" >&2
    exit 1
fi

# ----------------------------------------------------------------------
# Introductory output
# ----------------------------------------------------------------------
echo "Listing APT keys and their expiry dates:"
echo "-----------------------------------------"
echo

# ----------------------------------------------------------------------
# Static key‑type description table (now wrapped at 50 chars)
# ----------------------------------------------------------------------
print_header

print_row "SC"    'This stands for "Signing and Certification." It is a primary key that can sign other keys and certify their authenticity. It is essential for establishing trust in a web of trust model.'
echo

print_row "SCEAR" 'This stands for "Signing, Certification, Encryption, Authentication, and Revocation." It is a more comprehensive key type that can perform all functions of SC, plus it can encrypt data and manage revocation.'
echo

# ----------------------------------------------------------------------
# Process each .gpg file in the keyring
# ----------------------------------------------------------------------
shopt -s nullglob               # skip loop when no .gpg files exist
found_any=false

for key_file in "$KEYRING_DIR"/*.gpg; do
    found_any=true

    printf '%b\n' "${GREEN}${key_file}${NC}"

    gpg --show-key "$key_file" |
    while IFS= read -r line; do
        if [[ $line == pub* ]]; then
            # Highlight “expired” in red
            highlighted=${line//expired/${RED}expired${NC}}
            printf '%b\n' "$highlighted"

            # Extract expiry date (after “expires:” or “expired:”)
            expiry_date=$(grep -oP '(?:expires|expired):\s*\K[^]]+' <<< "$line" || true)

            if [[ -z $expiry_date ]]; then
                echo "This key never expires."
                continue
            fi

            current_date=$(date +%F)                     # YYYY‑MM‑DD
            target_sec=$(date -d "$expiry_date" +%s)
            current_sec=$(date -d "$current_date" +%s)

            diff_sec=$(( target_sec - current_sec ))
            days_left=$(( diff_sec / 86400 ))

            if (( days_left < 0 )); then
                printf 'The date %s is already past (%d day(s) overdue).\n' \
                       "$expiry_date" "$((-days_left))"
            elif (( days_left == 0 )); then
                echo "This key expires today."
            else
                printf '%d day(s) left until %s.\n' "$days_left" "$expiry_date"
            fi
        fi
        # UID lines are currently ignored – placeholder for future use
    done

    echo "-----------------------------------------"
done

if ! $found_any; then
    printf 'No .gpg files found in %s.\n' "$KEYRING_DIR" >&2
    exit 1
fi
openSUSE Build Service is sponsored by
Places