Created
November 9, 2017 15:03
-
-
Save bdelacretaz/9e25418e68d224de8bd27af89ba65c3b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Script that signs an input file with all keys of a given Apache PMC | |
# Example use: | |
# | |
# ./encrypt.sh https://people.apache.org/keys/group/sling.asc somefile.txt | |
# | |
# To list which keys a file has been encrypted for, use | |
# | |
# gpg --list-only --no-default-keyring --secret-keyring /dev/null <filename> | |
# | |
export KEYS=$1 | |
export IN=$2 | |
export ID=$$ | |
echo "Encrypting $IN with keys found at $KEYS" | |
# import keys into the main keyring, if needed | |
curl -s $KEYS | gpg --import | |
# import keys into a temporary keyring, to be able to list their email addresses | |
curl -s $KEYS | gpg --no-default-keyring --secret-keyring /tmp/sec${ID} --keyring /tmp/pub${ID} --import | |
# define the -r options for encrypting | |
export ROPT=$(gpg --list-keys --no-default-keyring --secret-keyring /tmp/sec${ID} --keyring /tmp/pub${ID} | grep -v 'expired\]' | grep '\<.*@' | cut -d '<' -f2 | cut -d '>' -f1 | sort -u | sed 's/^/-r /') | |
echo "Will encrypt for $ROPT" | |
# encrypt | |
gpg --encrypt --armor $ROPT $IN |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment