#!/bin/sh # generate signing keys # Copyright (c) 2009 Natanael Copa # # Distributed under GPL-2 # # Depends on: busybox utilities, fakeroot, # abuild_ver=@VERSION@ sysconfdir=@sysconfdir@ abuild_conf=${ABUILD_CONF:-"$sysconfdir/abuild.conf"} abuild_home=${ABUILD_USERDIR:-"$HOME/.abuild"} abuild_userconf=${ABUILD_USERCONF:-"$abuild_home/abuild.conf"} usage() { echo "abuild-keygen $abuild_ver" echo "usage: abuild-keygen [-ih]" echo "options:" echo " -a Set PACKAGER_PRIVKEY= in $abuild_userconf" echo " -i Install public key into /etc/apk/keys using sudo" echo " -h Show this help" echo "" exit 1 } # read config [ -f "$abuild_conf" ] && . "$abuild_conf" # read user config if exists [ -f "$abuild_userconf" ] && . "$abuild_userconf" emailaddr=${PACKAGER##*<} emailaddr=${emailaddr%%>*} # if PACKAGER does not contain a valid email address, then ask git if [ -z "$emailaddr" ] || [ "${emailaddr##*@}" = "$emailaddr" ]; then emailaddr=$(git config --get user.email 2>/dev/null) fi if [ -n "$emailaddr" ]; then default_name="$emailaddr-$(printf "%x" $(date +%s))" else default_name="$USER-$(printf "%x" $(date +%s))" fi while getopts "ahi" opt; do case $opt in a) append_config=yes;; h) usage;; i) install_pubkey=yes; esac done shift $(( $OPTIND - 1)) mkdir -p "$abuild_home" echo "Generating public/private rsa key pair for abuild" echo -n "Enter file in which to save the key ($abuild_home/$default_name.rsa): " read line if [ -z "$line" ]; then privkey="$abuild_home/$default_name.rsa" else privkey="$line" fi pubkey="$privkey.pub" # generate the private key in a subshell with stricter umask ( umask 0007 openssl genrsa -out "$privkey" 2048 ) openssl rsa -in "$privkey" -pubout -out "$pubkey" if [ -n "$install_pubkey" ]; then echo "Installing $pubkey to /etc/apk/keys..." sudo mkdir -p /etc/apk/keys sudo cp -i "$pubkey" /etc/apk/keys/ else echo "" echo "You'll need to install $pubkey into " echo "/etc/apk/keys to be able to install packages and repositories signed with" echo "$privkey" fi if [ -n "$append_config" ]; then if [ -f "$abuild_userconf" ]; then # comment out the existing values sed -i -e 's/^\(PACKAGER_PRIVKEY=.*\)/\#\1/' "$abuild_userconf" fi echo "PACKAGER_PRIVKEY=\"$privkey\"" >> "$abuild_userconf" else echo "" echo "You might want add following line to $abuild_userconf:" echo "" echo "PACKAGER_PRIVKEY=\"$privkey\"" echo "" fi echo "" echo "Please remember to make a safe backup of your private key:" echo "$privkey" echo ""