Commit 4998bf68 authored by hark's avatar hark
Browse files

sig verify

parent b5e1f004
......@@ -70,6 +70,22 @@ fi
}
function verify_signature() {
local sigfile=$1 file=$2 out=
# if out=$(gpg --status-fd 1 --verify "$sigfile" "$file" 2>/dev/null) &&
#echo "$out" | grep -qs "^\[GNUPG:\] VALIDSIG $fprint " &&
# echo "$out" | grep -qs "^\[GNUPG:\] TRUST_ULTIMATE\$";
if out=$(gpg --status-fd 1 --verify "$sigfile" "$file" 2>/dev/null) &&
echo "$out" | grep -qs "^\[GNUPG:\] VALIDSIG $fprint ";
then
return 0
else
echo "$out" >&2
return 1
fi
}
function download_and_unpack() {
kernel_version="${stable_version}"
......@@ -92,9 +108,18 @@ function download_and_unpack() {
unxz ${stable_file}
fi
echo "checking sig"
gpg --verify ${stable_sigfile} ${kernel_name}.tar
if [ ! -d ${kernel_name} ]
echo "checking sig"
if verify_signature ${stable_sigfile} ${kernel_name}.tar
then
echo "sig verification good"
else
echo "sig verification failed"
exit 23
fi
if [ ! -d ${kernel_name} ]
then
echo "unpacking"
tar -xvf ${kernel_name}.tar
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment