diff options
-rw-r--r-- | opkg-key | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/opkg-key b/opkg-key new file mode 100644 index 0000000..ae5e8a4 --- /dev/null +++ b/opkg-key @@ -0,0 +1,56 @@ +#!/bin/sh + +usage() { + cat <<EOF +Usage: $0 <command> <arguments...> +Commands: + add <file>: Add keyfile <file> to opkg trusted keys + remove <file>: Remove keyfile matching <file> from opkg trusted keys + verify <sigfile> <list>: Check list file <list> against signature file <sigfile> + +EOF + exit 1 +} + +opkg_key_verify() { + local sigfile="$1" + local msgfile="$2" + + ( + zcat "$msgfile" 2>/dev/null || + cat "$msgfile" 2>/dev/null + ) | usign -V -P /etc/opkg/keys -q -x "$sigfile" -m - +} + +opkg_key_add() { + local key="$1" + [ -n "$key" ] || usage + [ -f "$key" ] || echo "Cannot open file $1" + local fingerprint="$(usign -F -p "$key")" + mkdir -p "/etc/opkg/keys" + cp "$key" "/etc/opkg/keys/$fingerprint" +} + +opkg_key_remove() { + local key="$1" + [ -n "$key" ] || usage + [ -f "$key" ] || echo "Cannot open file $1" + local fingerprint="$(usign -F -p "$key")" + rm -f "/etc/opkg/keys/$fingerprint" +} + +case "$1" in + add) + shift + opkg_key_add "$@" + ;; + remove) + shift + opkg_key_remove "$@" + ;; + verify) + shift + opkg_key_verify "$@" + ;; + *) usage ;; +esac |