blob: 714d2867f2cfe85a06e94e61b61a621e73e4409d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
#!/bin/sh
# Append a signature to an existing detached signature.
# Copyright (C) 2016 g10 Code GmbH
#
# This file is free software; as a special exception the author gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
set -e
PGM="$(basename $0)"
GPGV=gpgv
# Prints usage information.
usage()
{
cat <<EOF
Usage: $PGM TARBALL NEWSIGNATURE
Append a signature to an existing detached signature.
Options:
--verbose Print some extra information.
--help Print this help.
EOF
exit $1
}
#
# Parse options
#
verbose=""
while [ $# -gt 0 ]; do
case "$1" in
# Set up `optarg'.
--*=*)
optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'`
;;
*)
optarg=""
;;
esac
case $1 in
--help|-h)
usage 0
;;
--verbose|-v)
verbose="-v"
;;
--)
break
;;
-*)
usage 1 1>&2
;;
*)
break;
;;
esac
shift
done
if [ $# -ne 2 ]; then
usage 1 1>&2
fi
tarball="$1"
tarballsig="$1".sig
newsig="$2"
[ -n "$verbose" ] && echo "tarball: $tarball"
[ -n "$verbose" ] && echo "sig ...: $tarballsig"
[ -n "$verbose" ] && echo "newsig : $newsig"
if ! $GPGV --version >/dev/null 2>/dev/null ; then
echo "${PGM}: Command \"gpgv\" is not installed" >&2
exit 1
fi
distsigkey="/usr/local/share/gnupg/distsigkey.gpg"
if [ ! -f "$distsigkey" ]; then
distsigkey="/usr/share/gnupg/distsigkey.gpg"
fi
if [ ! -f "$distsigkey" ]; then
echo "${PGM}: File \"$distsigkey\" is not installed" >&2
exit 1
fi
if ! $GPGV $verbose --keyring "$distsigkey" \
-- "$tarballsig" "$tarball" 2>/dev/null ; then
echo "${PGM}: Existing signature '$tarballsig' does not verify" >&2
exit 1
fi
if ! $GPGV $verbose --keyring "$distsigkey" \
-- "$newsig" "$tarball" 2>/dev/null; then
echo "${PGM}: New signature '$newsig' does not verify" >&2
exit 1
fi
cat "$newsig" >> "$tarballsig"
if ! $GPGV $verbose --keyring "$distsigkey" \
-- "$tarballsig" "$tarball"; then
echo "${PGM}: Update signature '$tarballsig' does not verify" >&2
exit 1
fi
|
