diff options
| -rwxr-xr-x | build-aux/append-signature.sh | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/build-aux/append-signature.sh b/build-aux/append-signature.sh new file mode 100755 index 000000000..714d2867f --- /dev/null +++ b/build-aux/append-signature.sh @@ -0,0 +1,108 @@ +#!/bin/sh +# Append a signature to an existing detached signature. +# Copyright (C) 2016 g10 Code GmbH +# +# This file is free software; as a special exception the author gives +# unlimited permission to copy and/or distribute it, with or without +# modifications, as long as this notice is preserved. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the +# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +set -e +PGM="$(basename $0)" +GPGV=gpgv + +# Prints usage information. +usage() +{ + cat <<EOF +Usage: $PGM TARBALL NEWSIGNATURE +Append a signature to an existing detached signature. +Options: + --verbose Print some extra information. + --help Print this help. +EOF + exit $1 +} + +# +# Parse options +# +verbose="" +while [ $# -gt 0 ]; do + case "$1" in + # Set up `optarg'. + --*=*) + optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` + ;; + *) + optarg="" + ;; + esac + + case $1 in + --help|-h) + usage 0 + ;; + --verbose|-v) + verbose="-v" + ;; + --) + break + ;; + -*) + usage 1 1>&2 + ;; + *) + break; + ;; + esac + shift +done + +if [ $# -ne 2 ]; then + usage 1 1>&2 +fi +tarball="$1" +tarballsig="$1".sig +newsig="$2" + +[ -n "$verbose" ] && echo "tarball: $tarball" +[ -n "$verbose" ] && echo "sig ...: $tarballsig" +[ -n "$verbose" ] && echo "newsig : $newsig" + +if ! $GPGV --version >/dev/null 2>/dev/null ; then + echo "${PGM}: Command \"gpgv\" is not installed" >&2 + exit 1 +fi + +distsigkey="/usr/local/share/gnupg/distsigkey.gpg" +if [ ! -f "$distsigkey" ]; then + distsigkey="/usr/share/gnupg/distsigkey.gpg" +fi +if [ ! -f "$distsigkey" ]; then + echo "${PGM}: File \"$distsigkey\" is not installed" >&2 + exit 1 +fi + +if ! $GPGV $verbose --keyring "$distsigkey" \ + -- "$tarballsig" "$tarball" 2>/dev/null ; then + echo "${PGM}: Existing signature '$tarballsig' does not verify" >&2 + exit 1 +fi + +if ! $GPGV $verbose --keyring "$distsigkey" \ + -- "$newsig" "$tarball" 2>/dev/null; then + echo "${PGM}: New signature '$newsig' does not verify" >&2 + exit 1 +fi + +cat "$newsig" >> "$tarballsig" + +if ! $GPGV $verbose --keyring "$distsigkey" \ + -- "$tarballsig" "$tarball"; then + echo "${PGM}: Update signature '$tarballsig' does not verify" >&2 + exit 1 +fi |