#!/bin/sh # generate signing keys # Copyright (c) 2009 Natanael Copa # # Distributed under GPL-2 # # Depends on: busybox utilities, fakeroot, # abuild_ver=@VERSION@ sysconfdir=@sysconfdir@ abuild_conf=${ABUILD_CONF:-"$sysconfdir/abuild.conf"} abuild_home=${ABUILD_USERDIR:-"$HOME/.abuild"} abuild_userconf=${ABUILD_USERCONF:-"$abuild_home/abuild.conf"} usage() { echo "abuild-keygen $abuild_ver" echo "usage: abuild-keygen [-ih]" echo "options:" echo " -i Install public key into /etc/apk/keys using sudo" echo " -h Show this help" echo "" exit 1 } # read config [ -f "$abuild_conf" ] && . "$abuild_conf" # read user config if exists [ -f "$abuild_userconf" ] && . "$abuild_userconf" emailaddr=${PACKAGER##*<} emailaddr=${emailaddr%%>*} # if PACKAGER does not contain a valid email address, then ask git if [ -z "$emailaddr" ] || [ "${emailaddr##*@}" = "$emailaddr" ]; then emailaddr=$(git config --get user.email 2>/dev/null) fi if [ -n "$emailaddr" ]; then default_name="$emailaddr" else default_name="$USER" fi while getopts "hi" opt; do case $opt in h) usage;; i) install_pubkey=yes; esac done shift $(( $OPTIND - 1)) mkdir -p "$abuild_home" echo "Generating public/private rsa key pair for abuild" echo -n "Enter file in which to save the key ($abuild_home/$default_name.rsa): " read line if [ -z "$line" ]; then privkey="$abuild_home/$default_name.rsa" else privkey="$line" fi pubkey="$privkey.pub" # generate the private key in a subshell with stricter umask ( umask 0077 openssl genrsa -out "$privkey" 2048 ) openssl rsa -in "$privkey" -pubout -out "$pubkey" if [ -n "$install_pubkey" ]; then echo "Installing $pubkey to /etc/apk/keys..." sudo mkdir -p /etc/apk/keys sudo cp -i "$pubkey" /etc/apk/keys/ else echo "" echo "You'll need to install $pubkey into " echo "/etc/apk/keys to be able to install packages and repositories signed with" echo "$privkey" fi echo "" echo "Please remember to make a safe backup of $privkey" echo ""