Aditya Kulkarni
5 years ago
2 changed files with 119 additions and 2 deletions
@ -0,0 +1,116 @@ |
|||||
|
#!/bin/bash |
||||
|
|
||||
|
# Setup |
||||
|
bold=$(tput bold) |
||||
|
normal=$(tput sgr0) |
||||
|
|
||||
|
# Print the usage and exit |
||||
|
do_help() { |
||||
|
echo "codesign.sh v0.1"; |
||||
|
echo ""; |
||||
|
echo "Sign release binaries with gpg keysigning" |
||||
|
echo ""; |
||||
|
echo "Usage:" |
||||
|
echo "codesign.sh --version [version_id] file [file ...]"; |
||||
|
echo "" |
||||
|
exit 1; |
||||
|
} |
||||
|
|
||||
|
# Print the usage for the version parameter and exit |
||||
|
do_version_missing() { |
||||
|
echo "No release version identifier specified"; |
||||
|
echo "Please specify a release version with ${bold}--version${normal}" |
||||
|
echo |
||||
|
echo "Example:" |
||||
|
echo "./codesign.sh --version 1.4 filename.msi" |
||||
|
exit 1; |
||||
|
} |
||||
|
|
||||
|
# Print the instructions for how to install dependencies |
||||
|
do_missing_command() { |
||||
|
echo "Error: ${bold}$1${normal} was not installed" |
||||
|
echo "" |
||||
|
echo "One or more dependencies are missing. Please install all dependencies by running:" |
||||
|
echo "${bold}brew install gsha256sum gnupg${normal}" |
||||
|
exit 1; |
||||
|
} |
||||
|
|
||||
|
# Print error message for missing private key |
||||
|
do_missing_gpg_key() { |
||||
|
echo "Error: Couldn't find a local private key to sign with." |
||||
|
echo |
||||
|
echo "The command ${bold}gpg -K${normal} didn't return any keys. Did you forget to install the private keys on this machine?" |
||||
|
exit 1; |
||||
|
} |
||||
|
|
||||
|
# Accept the variables as command line arguments as well |
||||
|
POSITIONAL=() |
||||
|
while [[ $# -gt 0 ]] |
||||
|
do |
||||
|
key="$1" |
||||
|
|
||||
|
case $key in |
||||
|
-h|--help) |
||||
|
do_help |
||||
|
;; |
||||
|
-v|--version) |
||||
|
APP_VERSION="$2" |
||||
|
shift # past argument |
||||
|
shift # past value |
||||
|
;; |
||||
|
*) # unknown option |
||||
|
POSITIONAL+=("$1") # save it in an array for later |
||||
|
shift # past argument |
||||
|
;; |
||||
|
esac |
||||
|
done |
||||
|
set -- "${POSITIONAL[@]}" # restore positional parameters |
||||
|
|
||||
|
if [ -z $APP_VERSION ]; then |
||||
|
do_version_missing |
||||
|
fi |
||||
|
|
||||
|
# Check for existance of the gpg and sha256sum commands |
||||
|
hash gsha256sum 2>/dev/null || { |
||||
|
do_missing_command gsha256sum |
||||
|
exit 1; |
||||
|
} |
||||
|
|
||||
|
hash gpg 2>/dev/null || { |
||||
|
do_missing_command gpg |
||||
|
exit 1; |
||||
|
} |
||||
|
|
||||
|
hash zip 2>/dev/null || { |
||||
|
do_missing_command zip |
||||
|
exit 1; |
||||
|
} |
||||
|
|
||||
|
# Check to see that we have a private key installed on this machine |
||||
|
if [[ -z $(gpg -K) ]]; then |
||||
|
do_missing_gpg_key |
||||
|
fi |
||||
|
|
||||
|
PackageContents=() |
||||
|
|
||||
|
# Calculate the sha256sum for all input files |
||||
|
gsha256sum $@ > sha256sum.txt |
||||
|
PackageContents+=("sha256sum.txt") |
||||
|
|
||||
|
# Sign all the files |
||||
|
for var in "$@" |
||||
|
do |
||||
|
rm -f $var.sig |
||||
|
echo "Signing" $var |
||||
|
gpg --batch --output $var.sig --detach-sig $var |
||||
|
PackageContents+=("$var.sig") |
||||
|
done |
||||
|
|
||||
|
# Zip up everything into a neat package |
||||
|
ZipName=signatures-v$APP_VERSION.zip |
||||
|
echo "Zipping files into $ZipName" |
||||
|
rm -f $ZipName |
||||
|
zip $ZipName ${PackageContents[@]} 2>&1 >/dev/null |
||||
|
|
||||
|
# Clean up intermediate files |
||||
|
rm ${PackageContents[@]} |
Loading…
Reference in new issue