Created
July 31, 2018 10:50
-
-
Save c00kiemon5ter/c91b0556054291ee9369828108dc3ec8 to your computer and use it in GitHub Desktop.
Sign a pdf with GPG and archive it along with the generated files - used to sign invoices
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # XXX: change XXX_EMAIL_IDENTITY to the email address that holds the sign key | |
| set -e | |
| log() { | |
| msg="$*" | |
| datetime="$(date --utc --iso-8601='ns')" | |
| printf -- ':: %s %s\n' "$datetime" "$msg" | |
| } | |
| input="$1" | |
| if [ -z "$input" ] | |
| then | |
| log "no input. aborting.." | |
| exit 1 | |
| else log "using input: $1" | |
| fi | |
| name="${input%.pdf}" | |
| output_detached="${name}.sig" | |
| output_clearsign="${name}.clearsign.pdf" | |
| archive="${name}.zip" | |
| keyid="$( | |
| gpg --list-key XXX_EMAIL_IDENTITY \ | |
| | awk '$1 == "pub"{sub("^[^/]*/", "", $2); print $2; exit}' | |
| )" | |
| log "using keyid: $keyid" | |
| gpg -u "$keyid" --detach-sig --output="$output_detached" "$input" | |
| if [ "$?" = 0 ] | |
| then log "detached signature success" | |
| else log "detached signature failed" | |
| fi | |
| gpg --verify "$output_detached" "$input" | |
| if [ "$?" = 0 ] | |
| then log "signature is valid" | |
| else log "signature is invalid" | |
| fi | |
| gpg --clearsign --output="$output_clearsign" "$input" | |
| if [ "$?" = 0 ] | |
| then log "clearsign success" | |
| else log "clearsign failed" | |
| fi | |
| zip "$archive" "$input" "$output_detached" "$output_clearsign" | |
| if [ "$?" = 0 ] | |
| then log "archive success" | |
| else log "archive failed" | |
| fi | |
| unzip -vl "$archive" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment