summaryrefslogtreecommitdiff
path: root/abuild-keygen.in
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2009-07-22 09:46:24 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2009-07-22 09:46:24 +0000
commit9a62271545190f0dd8b348582349a098cb74474a (patch)
treec20acb15dea8ad13b41568eaf73cf82707301cc0 /abuild-keygen.in
parent3dc07fb7e4acf1c5a2a5b880307961fd1afdb096 (diff)
downloadabuild-9a62271545190f0dd8b348582349a098cb74474a.tar.gz
abuild-9a62271545190f0dd8b348582349a098cb74474a.tar.bz2
abuild-9a62271545190f0dd8b348582349a098cb74474a.tar.xz
abuild-9a62271545190f0dd8b348582349a098cb74474a.zip
abuild-keygen: new utility to generate keys for signing packages
Diffstat (limited to 'abuild-keygen.in')
-rw-r--r--abuild-keygen.in65
1 files changed, 65 insertions, 0 deletions
diff --git a/abuild-keygen.in b/abuild-keygen.in
new file mode 100644
index 0000000..1e7f12d
--- /dev/null
+++ b/abuild-keygen.in
@@ -0,0 +1,65 @@
+#!/bin/sh
+
+# generate signing keys
+# Copyright (c) 2009 Natanael Copa <ncopa@alpinelinux.org>
+#
+# Distributed under GPL-2
+#
+# Depends on: busybox utilities, fakeroot,
+#
+
+abuild_ver=@VERSION@
+sysconfdir=@sysconfdir@
+
+abuild_conf=${ABUILD_CONF:-"$sysconfdir/abuild.conf"}
+abuild_home=${ABUILD_USERDIR:-"$HOME/.abuild"}
+abuild_userconf=${ABUILD_USERCONF:-"$abuild_home/abuild.conf"}
+
+# read config
+[ -f "$abuild_conf" ] && . "$abuild_conf"
+
+# read user config if exists
+[ -f "$abuild_userconf" ] && . "$abuild_userconf"
+
+emailaddr=${PACKAGER##*<}
+emailaddr=${emailaddr%%>*}
+
+# if PACKAGER does not contain a valid email address, then ask git
+if [ -z "$emailaddr" ] || [ "${emailaddr##*@}" = "$emailaddr" ]; then
+ emailaddr=$(git config --get user.email 2>/dev/null)
+fi
+
+if [ -n "$emailaddr" ]; then
+ default_name="$emailaddr"
+else
+ default_name="$USER"
+fi
+
+mkdir -p "$abuild_home"
+
+echo "Generating public/private rsa key pair for abuild"
+echo -n "Enter file in which to save the key ($abuild_home/$default_name.rsa): "
+
+read line
+if [ -z "$line" ]; then
+ privkey="$abuild_home/$default_name.rsa"
+else
+ privkey="$line"
+fi
+pubkey="$privkey.pub"
+
+# generate the private key in a subshell with stricter umask
+(
+umask 0077
+openssl genrsa -out "$privkey" 2048
+)
+openssl rsa -in "$privkey" -pubout -out "$pubkey"
+
+echo ""
+echo "You'll need to install $pubkey into "
+echo "/etc/apk/keys to be able to install packages and repositories signed with"
+echo "$privkey"
+echo ""
+echo "Please remember to make a safe backup of $privkey"
+echo ""
+