abuild-keygen: new utility to generate keys for signing packages

2025-03-11 06:37:31 +00:00 · 2009-07-22 09:46:24 +00:00 · 2009-07-22 09:46:24 +00:00 · 9a62271545
commit 9a62271545
parent 3dc07fb7e4
2 changed files with 66 additions and 1 deletions
--- a/2
+++ b/2
@ -7,7 +7,7 @@ sysconfdir	?= /etc
 datadir		?= $(prefix)/share/$(PACKAGE)
 apkcache	?= ~/.cache/apks

-SCRIPTS		:= abuild devbuild mkalpine buildrepo
+SCRIPTS		:= abuild devbuild mkalpine buildrepo abuild-keygen
 USR_BIN_FILES	:= $(SCRIPTS) abuild-tar
 SAMPLES		:= sample.APKBUILD sample.initd sample.confd \
 		sample.pre-install sample.post-install
--- a/abuild-keygen.in
+++ b/abuild-keygen.in
@ -0,0 +1,65 @@
+#!/bin/sh
+
+# generate signing keys 
+# Copyright (c) 2009 Natanael Copa <ncopa@alpinelinux.org>
+#
+# Distributed under GPL-2
+#
+# Depends on: busybox utilities, fakeroot, 
+#
+
+abuild_ver=@VERSION@
+sysconfdir=@sysconfdir@
+
+abuild_conf=${ABUILD_CONF:-"$sysconfdir/abuild.conf"}
+abuild_home=${ABUILD_USERDIR:-"$HOME/.abuild"}
+abuild_userconf=${ABUILD_USERCONF:-"$abuild_home/abuild.conf"}
+
+# read config
+[ -f "$abuild_conf" ] && . "$abuild_conf"
+
+# read user config if exists
+[ -f "$abuild_userconf" ] && . "$abuild_userconf"
+
+emailaddr=${PACKAGER##*<}
+emailaddr=${emailaddr%%>*}
+
+# if PACKAGER does not contain a valid email address, then ask git
+if [ -z "$emailaddr" ] || [ "${emailaddr##*@}" = "$emailaddr" ]; then
+	emailaddr=$(git config --get user.email 2>/dev/null)
+fi
+
+if [ -n "$emailaddr" ]; then
+	default_name="$emailaddr"
+else
+	default_name="$USER"
+fi
+
+mkdir -p "$abuild_home"
+
+echo "Generating public/private rsa key pair for abuild"
+echo -n "Enter file in which to save the key ($abuild_home/$default_name.rsa): "
+
+read line
+if [ -z "$line" ]; then
+	privkey="$abuild_home/$default_name.rsa"
+else
+	privkey="$line"
+fi
+pubkey="$privkey.pub"
+
+# generate the private key in a subshell with stricter umask
+(
+umask 0077
+openssl genrsa -out "$privkey" 2048
+)
+openssl rsa -in "$privkey" -pubout -out "$pubkey"
+
+echo ""
+echo "You'll need to install $pubkey into "
+echo "/etc/apk/keys to be able to install packages and repositories signed with"
+echo "$privkey"
+echo ""
+echo "Please remember to make a safe backup of $privkey"
+echo ""
+