-
Notifications
You must be signed in to change notification settings - Fork 0
/
curl_and_gpgverify.sh
70 lines (53 loc) · 1.68 KB
/
curl_and_gpgverify.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#!/bin/sh
# curl_and_gpgverify.sh - Verifies the GPG file signature.
# shellcheck shell=sh
set -e
usage()
{
cat <<USAGE >&2
Usage:
./curl_and_gpgverify.sh [-v] <url/to/signature> <url/to/file> [keyserver]
Description:
This downloads file to current directory with its GPG signature and verifies.
The keyservers used by default is hkps://keyserver.ubuntu.com.
Use -v option to see the GPG details.
Requires:
curl, gnupg packages.
Note, if any preliminary is missed script will install, use, and remove it.
Examples:
export PARIGP_PREFIX=http://pari.math.u-bordeaux.fr/pub/pari/ && ./curl_and_gpgverify.sh -v "$PARIGP_PREFIX/GP2C/gp2c-0.0.12.tar.gz.asc"\
"$PARIGP_PREFIX/GP2C/gp2c-0.0.12.tar.gz"
USAGE
exit "$1"
}
if [ $# -lt 2 ]; then
usage 1
fi
apk update
missing_prelims=
for prelim in curl gnupg; do
if ! (apk info | grep -w $prelim 1> /dev/null); then
missing_prelims="$missing_prelims $prelim"
fi
done
apk --no-cache add --virtual .prelims $missing_prelims
if [ "$1" = "-v" ]; then
curl_opts=
gpg_redirection=
shift
else
curl_opts=-s
gpg_redirection=1> /dev/null 2>&1
fi
keyserver=${3:-hkps://keyserver.ubuntu.com}
curl $curl_opts --remote-name-all -L "$1" -L "$2"
signature=$(basename "$1")
file=$(basename "$2")
if ! output=$(gpg --verify "$signature" "$file" 2>&1); then
key_footprint=$(echo "$output" | grep -Eo '([0-9A-Z]{16,40})')
gpg --keyserver "$keyserver" --recv-key "$key_footprint" $gpg_redirection
gpg --verify "$signature" "$file" $gpg_redirection
fi
exit_code=$?
apk del .prelims
exit $exit_code