mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-25 15:27:03 +01:00
109 lines
2.4 KiB
Bash
109 lines
2.4 KiB
Bash
|
#!/bin/sh
|
||
|
# Append a signature to an existing detached signature.
|
||
|
# Copyright (C) 2016 g10 Code GmbH
|
||
|
#
|
||
|
# This file is free software; as a special exception the author gives
|
||
|
# unlimited permission to copy and/or distribute it, with or without
|
||
|
# modifications, as long as this notice is preserved.
|
||
|
#
|
||
|
# This program is distributed in the hope that it will be useful, but
|
||
|
# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
|
||
|
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||
|
|
||
|
set -e
|
||
|
PGM="$(basename $0)"
|
||
|
GPGV=gpgv
|
||
|
|
||
|
# Prints usage information.
|
||
|
usage()
|
||
|
{
|
||
|
cat <<EOF
|
||
|
Usage: $PGM TARBALL NEWSIGNATURE
|
||
|
Append a signature to an existing detached signature.
|
||
|
Options:
|
||
|
--verbose Print some extra information.
|
||
|
--help Print this help.
|
||
|
EOF
|
||
|
exit $1
|
||
|
}
|
||
|
|
||
|
#
|
||
|
# Parse options
|
||
|
#
|
||
|
verbose=""
|
||
|
while [ $# -gt 0 ]; do
|
||
|
case "$1" in
|
||
|
# Set up `optarg'.
|
||
|
--*=*)
|
||
|
optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'`
|
||
|
;;
|
||
|
*)
|
||
|
optarg=""
|
||
|
;;
|
||
|
esac
|
||
|
|
||
|
case $1 in
|
||
|
--help|-h)
|
||
|
usage 0
|
||
|
;;
|
||
|
--verbose|-v)
|
||
|
verbose="-v"
|
||
|
;;
|
||
|
--)
|
||
|
break
|
||
|
;;
|
||
|
-*)
|
||
|
usage 1 1>&2
|
||
|
;;
|
||
|
*)
|
||
|
break;
|
||
|
;;
|
||
|
esac
|
||
|
shift
|
||
|
done
|
||
|
|
||
|
if [ $# -ne 2 ]; then
|
||
|
usage 1 1>&2
|
||
|
fi
|
||
|
tarball="$1"
|
||
|
tarballsig="$1".sig
|
||
|
newsig="$2"
|
||
|
|
||
|
[ -n "$verbose" ] && echo "tarball: $tarball"
|
||
|
[ -n "$verbose" ] && echo "sig ...: $tarballsig"
|
||
|
[ -n "$verbose" ] && echo "newsig : $newsig"
|
||
|
|
||
|
if ! $GPGV --version >/dev/null 2>/dev/null ; then
|
||
|
echo "${PGM}: Command \"gpgv\" is not installed" >&2
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
distsigkey="/usr/local/share/gnupg/distsigkey.gpg"
|
||
|
if [ ! -f "$distsigkey" ]; then
|
||
|
distsigkey="/usr/share/gnupg/distsigkey.gpg"
|
||
|
fi
|
||
|
if [ ! -f "$distsigkey" ]; then
|
||
|
echo "${PGM}: File \"$distsigkey\" is not installed" >&2
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
if ! $GPGV $verbose --keyring "$distsigkey" \
|
||
|
-- "$tarballsig" "$tarball" 2>/dev/null ; then
|
||
|
echo "${PGM}: Existing signature '$tarballsig' does not verify" >&2
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
if ! $GPGV $verbose --keyring "$distsigkey" \
|
||
|
-- "$newsig" "$tarball" 2>/dev/null; then
|
||
|
echo "${PGM}: New signature '$newsig' does not verify" >&2
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
cat "$newsig" >> "$tarballsig"
|
||
|
|
||
|
if ! $GPGV $verbose --keyring "$distsigkey" \
|
||
|
-- "$tarballsig" "$tarball"; then
|
||
|
echo "${PGM}: Update signature '$tarballsig' does not verify" >&2
|
||
|
exit 1
|
||
|
fi
|