From c89e04079cb434e7d0a7de07c4484a83b9be3ad9 Mon Sep 17 00:00:00 2001 From: Michael Wallner Date: Fri, 25 Oct 2019 10:18:06 +0200 Subject: [PATCH] verify signature after build --- bin/gpg-vrfy | 17 +++++++++++++++++ bin/pecl+sig | 5 +++-- bin/rsa-vrfy | 18 ++++++++++++++++++ 3 files changed, 38 insertions(+), 2 deletions(-) create mode 100755 bin/gpg-vrfy create mode 100755 bin/rsa-vrfy diff --git a/bin/gpg-vrfy b/bin/gpg-vrfy new file mode 100755 index 0000000..ff37a95 --- /dev/null +++ b/bin/gpg-vrfy @@ -0,0 +1,17 @@ +#!/usr/bin/env php + \n\n", basename($argv[0])); + exit(1); +} + +list(, $pkg, $src) = $argv; +$basename = basename($src); +$dir = __DIR__."/../public/sigs/$pkg"; + +$cmd = sprintf("gpg --verify %s/%s.asc %s", $dir, $basename, $src); +passthru($cmd); diff --git a/bin/pecl+sig b/bin/pecl+sig index 7c6b9af..b093c0e 100755 --- a/bin/pecl+sig +++ b/bin/pecl+sig @@ -24,10 +24,11 @@ function fail($pkg, $ver, $skp, $fmt) { } function sign($pkg, $ext) { - $fmt = "%s/%s-sign %s %s%s"; + $fmt = "%s/%s-%s %s %s%s"; foreach (["rsa", "gpg"] as $sig) { foreach (["", ".gz", ".bz2"] as $typ) { - passthru(sprintf($fmt, __DIR__, $sig, $pkg, $ext, $typ)); + passthru(sprintf($fmt, __DIR__, $sig, "sign", $pkg, $ext, $typ)); + passthru(sprintf($fmt, __DIR__, $sig, "vrfy", $pkg, $ext, $typ)); } } } diff --git a/bin/rsa-vrfy b/bin/rsa-vrfy new file mode 100755 index 0000000..1d43ec1 --- /dev/null +++ b/bin/rsa-vrfy @@ -0,0 +1,18 @@ +#!/usr/bin/env php + \n\n", basename($argv[0])); + exit(1); +} + +list(, $pkg, $src) = $argv; +$basename = basename($src); +$dir = __DIR__."/../public/sigs/$pkg"; +$pub = __DIR__."/../public/replicator.pub"; + +$cmd = sprintf("openssl dgst -verify %s -signature %s/%s.sig %s", $pub, $dir, $basename, $src); +passthru($cmd); -- 2.30.2