Blame SOURCES/gpgverify

396caf
#!/bin/bash
396caf
396caf
# Copyright 2018 B. Persson, Bjorn@Rombobeorn.se
396caf
#
396caf
# This material is provided as is, with absolutely no warranty expressed
396caf
# or implied. Any use is at your own risk.
396caf
#
396caf
# Permission is hereby granted to use or copy this shellscript
396caf
# for any purpose, provided the above notices are retained on all copies.
396caf
# Permission to modify the code and to distribute modified code is granted,
396caf
# provided the above notices are retained, and a notice that the code was
396caf
# modified is included with the above copyright notice.
396caf
396caf
396caf
function print_help {
396caf
    cat <<'EOF'
396caf
Usage: gpgverify --keyring=<pathname> --signature=<pathname> --data=<pathname>
396caf
396caf
gpgverify is a wrapper around gpgv designed for easy and safe scripting. It
396caf
verifies a file against a detached OpenPGP signature and a keyring. The keyring
396caf
shall contain all the keys that are trusted to certify the authenticity of the
396caf
file, and must not contain any untrusted keys.
396caf
396caf
The differences, compared to invoking gpgv directly, are that gpgverify accepts
396caf
the keyring in either ASCII-armored or unarmored form, and that it will not
396caf
accidentally use a default keyring in addition to the specified one.
396caf
396caf
Parameters:
396caf
  --keyring=<pathname>    keyring with all the trusted keys and no others
396caf
  --signature=<pathname>  detached signature to verify
396caf
  --data=<pathname>       file to verify against the signature
396caf
EOF
396caf
}
396caf
396caf
396caf
fatal_error() {
396caf
    message="$1"  # an error message
396caf
    status=$2     # a number to use as the exit code
396caf
    echo "gpgverify: $message" >&2
396caf
    exit $status
396caf
}
396caf
396caf
396caf
require_parameter() {
396caf
    term="$1"   # a term for a required parameter
396caf
    value="$2"  # Complain and terminate if this value is empty.
396caf
    if test -z "${value}" ; then
396caf
        fatal_error "No ${term} was provided." 2
396caf
    fi
396caf
}
396caf
396caf
396caf
check_status() {
396caf
    action="$1"  # a string that describes the action that was attempted
396caf
    status=$2    # the exit code of the command
396caf
    if test $status -ne 0 ; then
396caf
        fatal_error "$action failed." $status
396caf
    fi
396caf
}
396caf
396caf
396caf
# Parse the command line.
396caf
keyring=
396caf
signature=
396caf
data=
396caf
for parameter in "$@" ; do
396caf
    case "${parameter}" in
396caf
        (--help)
396caf
            print_help
396caf
            exit
396caf
            ;;
396caf
        (--keyring=*)
396caf
            keyring="${parameter#*=}"
396caf
            ;;
396caf
        (--signature=*)
396caf
            signature="${parameter#*=}"
396caf
            ;;
396caf
        (--data=*)
396caf
            data="${parameter#*=}"
396caf
            ;;
396caf
        (*)
396caf
            fatal_error "Unknown parameter: \"${parameter}\"" 2
396caf
            ;;
396caf
    esac
396caf
done
396caf
require_parameter 'keyring' "${keyring}"
396caf
require_parameter 'signature' "${signature}"
396caf
require_parameter 'data file' "${data}"
396caf
396caf
# Make a temporary working directory.
396caf
workdir="$(mktemp --directory)"
396caf
check_status 'Making a temporary directory' $?
396caf
workring="${workdir}/keyring.gpg"
396caf
396caf
# Decode any ASCII armor on the keyring. This is harmless if the keyring isn't
396caf
# ASCII-armored.
396caf
gpg2 --homedir="${workdir}" --yes --output="${workring}" --dearmor "${keyring}"
396caf
check_status 'Decoding the keyring' $?
396caf
396caf
# Verify the signature using the decoded keyring.
396caf
gpgv2 --homedir="${workdir}" --keyring="${workring}" "${signature}" "${data}"
396caf
check_status 'Signature verification' $?
396caf
396caf
# (--homedir isn't actually necessary. --dearmor processes only the input file,
396caf
# and if --keyring is used and contains a slash, then gpgv2 uses only that
396caf
# keyring. Thus neither command will look for a default keyring, but --homedir
396caf
# makes extra double sure that no default keyring will be touched in case
396caf
# another version of GPG works differently.)
396caf
396caf
# Clean up. (This is not done in case of an error that may need inspection.)
396caf
rm --recursive --force ${workdir}