1
0

opkg-key 1.0 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556
  1. #!/bin/sh
  2. usage() {
  3. cat <<EOF
  4. Usage: $0 <command> <arguments...>
  5. Commands:
  6. add <file>: Add keyfile <file> to opkg trusted keys
  7. remove <file>: Remove keyfile matching <file> from opkg trusted keys
  8. verify <sigfile> <list>: Check list file <list> against signature file <sigfile>
  9. EOF
  10. exit 1
  11. }
  12. opkg_key_verify() {
  13. local sigfile="$1"
  14. local msgfile="$2"
  15. (
  16. zcat "$msgfile" 2>/dev/null ||
  17. cat "$msgfile" 2>/dev/null
  18. ) | usign -V -P /etc/opkg/keys -q -x "$sigfile" -m -
  19. }
  20. opkg_key_add() {
  21. local key="$1"
  22. [ -n "$key" ] || usage
  23. [ -f "$key" ] || echo "Cannot open file $1"
  24. local fingerprint="$(usign -F -p "$key")"
  25. mkdir -p "/etc/opkg/keys"
  26. cp "$key" "/etc/opkg/keys/$fingerprint"
  27. }
  28. opkg_key_remove() {
  29. local key="$1"
  30. [ -n "$key" ] || usage
  31. [ -f "$key" ] || echo "Cannot open file $1"
  32. local fingerprint="$(usign -F -p "$key")"
  33. rm -f "/etc/opkg/keys/$fingerprint"
  34. }
  35. case "$1" in
  36. add)
  37. shift
  38. opkg_key_add "$@"
  39. ;;
  40. remove)
  41. shift
  42. opkg_key_remove "$@"
  43. ;;
  44. verify)
  45. shift
  46. opkg_key_verify "$@"
  47. ;;
  48. *) usage ;;
  49. esac