path: root/abuild-keygen.in


         
#!/bin/sh

# abuild-keygen - generate signing keys
# Copyright (c) 2009 Natanael Copa <ncopa@alpinelinux.org>
#
# Distributed under GPL-2
#

abuild_ver=@VERSION@
datadir=@datadir@

if ! [ -f "$datadir/functions.sh" ]; then
	echo "$datadir/functions.sh: not found" >&2
	exit 1
fi
. "$datadir/functions.sh"


# ask for privkey unless non-interactive mode
# returns value in global $privkey
get_privkey_file() {
	emailaddr=${PACKAGER##*<}
	emailaddr=${emailaddr%%>*}

	# if PACKAGER does not contain a valid email address, then ask git
	if [ -z "$emailaddr" ] || [ "${emailaddr##*@}" = "$emailaddr" ]; then
		emailaddr=$(git config --get user.email 2>/dev/null)
	fi

	if [ -n "$emailaddr" ]; then
		default_name="$emailaddr-$(printf "%x" $(date +%s))"
	else
		default_name="$USER-$(printf "%x" $(date +%s))"
	fi

	privkey="$abuild_home/$default_name.rsa"
	[ "$non_interactive" = "yes" ] && return 0
	echo "Generating public/private rsa key pair for abuild"
	echo -n "Enter file in which to save the key ($abuild_home/$default_name.rsa): "

	read line
	if [ -n "$line" ]; then
		privkey="$line"
	fi
}

do_keygen() {
	mkdir -p "$abuild_home"

	get_privkey_file
	pubkey="$privkey.pub"

	# generate the private key in a subshell with stricter umask
	(
	umask 0007
	openssl genrsa -out "$privkey" 2048
	)
	openssl rsa -in "$privkey" -pubout -out "$pubkey"


	if [ -n "$install_pubkey" ]; then
		msg "Installing $pubkey to /etc/apk/keys..."
		sudo mkdir -p /etc/apk/keys
		sudo cp -i "$pubkey" /etc/apk/keys/
	else

		msg ""
		msg "You'll need to install $pubkey into "
		msg "/etc/apk/keys to be able to install packages and repositories signed with"
		msg "$privkey"
	fi

	if [ -n "$append_config" ]; then
		if [ -f "$abuild_userconf" ]; then
			# comment out the existing values
			sed -i -e 's/^\(PACKAGER_PRIVKEY=.*\)/\#\1/' "$abuild_userconf"
		fi
		echo "PACKAGER_PRIVKEY=\"$privkey\"" >> "$abuild_userconf"
	else
		msg ""
		msg "You might want add following line to $abuild_userconf:"
		msg ""
		msg "PACKAGER_PRIVKEY=\"$privkey\""
		msg ""
	fi

	msg ""
	msg "Please remember to make a safe backup of your private key:"
	msg "$privkey"
	msg ""
}

# print usage and exit
usage() {
	echo "abuild-keygen $abuild_ver"
	echo "usage: abuild-keygen [-ih]"
	echo "options:"
	echo " -a  Set PACKAGER_PRIVKEY=<generated key> in $abuild_userconf"
	echo " -i  Install public key into /etc/apk/keys using sudo"
	echo " -h  Show this help"
	echo " -n  Non-interactive. Use defaults"
	echo " -q  Quiet mode"
	echo ""
	exit 1
}


while getopts "ahinq" opt; do
	case $opt in
	a) append_config=yes;;
	h) usage;;
	i) install_pubkey=yes;;
	n) non_interactive=yes;;
	q) quiet=-quiet;;
	esac
done
shift $(( $OPTIND - 1))

do_keygen
#!/bin/sh

# abuild-keygen - generate signing keys
# Copyright (c) 2009 Natanael Copa <ncopa@alpinelinux.org>
#
# Distributed under GPL-2
#

abuild_ver=@VERSION@
datadir=@datadir@

if ! [ -f "$datadir/functions.sh" ]; then
	echo "$datadir/functions.sh: not found" >&2
	exit 1
fi
. "$datadir/functions.sh"


# ask for privkey unless non-interactive mode
# returns value in global $privkey
get_privkey_file() {
	emailaddr=${PACKAGER##*<}
	emailaddr=${emailaddr%%>*}

	# if PACKAGER does not contain a valid email address, then ask git
	if [ -z "$emailaddr" ] || [ "${emailaddr##*@}" = "$emailaddr" ]; then
		emailaddr=$(git config --get user.email 2>/dev/null)
	fi

	if [ -n "$emailaddr" ]; then
		default_name="$emailaddr-$(printf "%x" $(date +%s))"
	else
		default_name="$USER-$(printf "%x" $(date +%s))"
	fi

	privkey="$abuild_home/$default_name.rsa"
	[ "$non_interactive" = "yes" ] && return 0
	echo "Generating public/private rsa key pair for abuild"
	echo -n "Enter file in which to save the key ($abuild_home/$default_name.rsa): "

	read line
	if [ -n "$line" ]; then
		privkey="$line"
	fi
}

do_keygen() {
	mkdir -p "$abuild_home"

	get_privkey_file
	pubkey="$privkey.pub"

	# generate the private key in a subshell with stricter umask
	(
	umask 0007
	openssl genrsa -out "$privkey" 2048
	)
	openssl rsa -in "$privkey" -pubout -out "$pubkey"


	if [ -n "$install_pubkey" ]; then
		msg "Installing $pubkey to /etc/apk/keys..."
		sudo mkdir -p /etc/apk/keys
		sudo cp -i "$pubkey" /etc/apk/keys/
	else

		msg ""
		msg "You'll need to install $pubkey into "
		msg "/etc/apk/keys to be able to install packages and repositories signed with"
		msg "$privkey"
	fi

	if [ -n "$append_config" ]; then
		if [ -f "$abuild_userconf" ]; then
			# comment out the existing values
			sed -i -e 's/^\(PACKAGER_PRIVKEY=.*\)/\#\1/' "$abuild_userconf"
		fi
		echo "PACKAGER_PRIVKEY=\"$privkey\"" >> "$abuild_userconf"
	else
		msg ""
		msg "You might want add following line to $abuild_userconf:"
		msg ""
		msg "PACKAGER_PRIVKEY=\"$privkey\""
		msg ""
	fi

	msg ""
	msg "Please remember to make a safe backup of your private key:"
	msg "$privkey"
	msg ""
}

# print usage and exit
usage() {
	echo "abuild-keygen $abuild_ver"
	echo "usage: abuild-keygen [-ih]"
	echo "options:"
	echo " -a  Set PACKAGER_PRIVKEY=<generated key> in $abuild_userconf"
	echo " -i  Install public key into /etc/apk/keys using sudo"
	echo " -h  Show this help"
	echo " -n  Non-interactive. Use defaults"
	echo " -q  Quiet mode"
	echo ""
	exit 1
}


while getopts "ahinq" opt; do
	case $opt in
	a) append_config=yes;;
	h) usage;;
	i) install_pubkey=yes;;
	n) non_interactive=yes;;
	q) quiet=-quiet;;
	esac
done
shift $(( $OPTIND - 1))

do_keygen