From 9a62271545190f0dd8b348582349a098cb74474a Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Wed, 22 Jul 2009 09:46:24 +0000
Subject: abuild-keygen: new utility to generate keys for signing packages

---
 abuild-keygen.in | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)
 create mode 100644 abuild-keygen.in

(limited to 'abuild-keygen.in')

diff --git a/abuild-keygen.in b/abuild-keygen.in
new file mode 100644
index 0000000..1e7f12d
--- /dev/null
+++ b/abuild-keygen.in
@@ -0,0 +1,65 @@
+#!/bin/sh
+
+# generate signing keys 
+# Copyright (c) 2009 Natanael Copa <ncopa@alpinelinux.org>
+#
+# Distributed under GPL-2
+#
+# Depends on: busybox utilities, fakeroot, 
+#
+
+abuild_ver=@VERSION@
+sysconfdir=@sysconfdir@
+
+abuild_conf=${ABUILD_CONF:-"$sysconfdir/abuild.conf"}
+abuild_home=${ABUILD_USERDIR:-"$HOME/.abuild"}
+abuild_userconf=${ABUILD_USERCONF:-"$abuild_home/abuild.conf"}
+
+# read config
+[ -f "$abuild_conf" ] && . "$abuild_conf"
+
+# read user config if exists
+[ -f "$abuild_userconf" ] && . "$abuild_userconf"
+
+emailaddr=${PACKAGER##*<}
+emailaddr=${emailaddr%%>*}
+
+# if PACKAGER does not contain a valid email address, then ask git
+if [ -z "$emailaddr" ] || [ "${emailaddr##*@}" = "$emailaddr" ]; then
+	emailaddr=$(git config --get user.email 2>/dev/null)
+fi
+
+if [ -n "$emailaddr" ]; then
+	default_name="$emailaddr"
+else
+	default_name="$USER"
+fi
+
+mkdir -p "$abuild_home"
+
+echo "Generating public/private rsa key pair for abuild"
+echo -n "Enter file in which to save the key ($abuild_home/$default_name.rsa): "
+
+read line
+if [ -z "$line" ]; then
+	privkey="$abuild_home/$default_name.rsa"
+else
+	privkey="$line"
+fi
+pubkey="$privkey.pub"
+
+# generate the private key in a subshell with stricter umask
+(
+umask 0077
+openssl genrsa -out "$privkey" 2048
+)
+openssl rsa -in "$privkey" -pubout -out "$pubkey"
+
+echo ""
+echo "You'll need to install $pubkey into "
+echo "/etc/apk/keys to be able to install packages and repositories signed with"
+echo "$privkey"
+echo ""
+echo "Please remember to make a safe backup of $privkey"
+echo ""
+
-- 
cgit v1.2.3