sign.sh 1.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061
  1. #!/bin/sh
  2. # Generate GPG signatures on a PuTTY release/snapshot directory as
  3. # delivered by Buildscr.
  4. # Usage: sh sign.sh [-r] <builddir>
  5. # e.g. sh sign.sh putty (probably in the build.out directory)
  6. # or sh sign.sh -r 0.60 (-r means use the release keys)
  7. set -e
  8. keyname=10625E553F53FAAD
  9. preliminary=false
  10. while :; do
  11. case "$1" in
  12. -r)
  13. shift
  14. keyname=1993D21BCAD1AA77
  15. ;;
  16. -p)
  17. shift
  18. preliminary=true
  19. ;;
  20. -*)
  21. echo "Unknown option '$1'" >&2
  22. exit 1
  23. ;;
  24. *)
  25. break
  26. ;;
  27. esac
  28. done
  29. sign() {
  30. # Check for the prior existence of the signature, so we can
  31. # re-run this script if it encounters an error part way
  32. # through.
  33. echo "----- Signing $2 with key '$keyname'"
  34. test -f "$3" || \
  35. gpg "$1" -u "$keyname" -o "$3" "$2"
  36. }
  37. cd "$1"
  38. echo "===== Signing with key '$keyname'"
  39. if $preliminary; then
  40. sign --clearsign sha512sums ../sha512sums-preliminary.gpg
  41. else
  42. for i in putty*src.zip putty*.tar.gz \
  43. w32/*.exe w32/*.zip w32/*.msi \
  44. w64/*.exe w64/*.zip w64/*.msi \
  45. wa32/*.exe wa32/*.zip wa32/*.msi \
  46. wa64/*.exe wa64/*.zip wa64/*.msi \
  47. w32old/*.exe w32old/*.zip; do
  48. sign --detach-sign "$i" "$i.gpg"
  49. done
  50. for i in md5sums sha1sums sha256sums sha512sums; do
  51. sign --clearsign "$i" "$i.gpg"
  52. done
  53. fi