Last active
August 29, 2015 14:26
-
-
Save luelista/160fda961ffd19662455 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| #Copyright (C) 2015 Max Weller | |
| #This program comes with ABSOLUTELY NO WARRANTY. This is free | |
| #software, and you are welcome to redistribute it under certain | |
| #conditions; see LICENSE for details of the BSD 2-Clause License | |
| if [ $# -eq 0 -o "-h" = "$1" -o "-help" = "$1" -o "--help" = "$1" ]; then | |
| cat <<EOHELP | |
| Usage: $0 MANIFEST PUBKEY... | |
| This script checks autoupdater signatures on manifest files | |
| Pass the filename or url of a manifest file as first parameter | |
| Give all valid public keys as the remaining parameters | |
| EOHELP | |
| exit 1 | |
| fi | |
| if (echo $1 |grep http); then | |
| MANIFEST_FILE=`mktemp` | |
| wget -O "$MANIFEST_FILE" "$1" | |
| if [ $? -ne 0 ]; then echo 'Error downloading manifest file!!!'; exit 42; fi | |
| else | |
| MANIFEST_FILE=$1 | |
| fi | |
| shift | |
| FOR_CHECK=`cat $MANIFEST_FILE | sed '/^---$/q' | sed '$ d'` | |
| SIGS=`cat $MANIFEST_FILE | sed '1,/^---$/d'` | |
| SIGPARA="" | |
| for sig in $SIGS; do | |
| echo "* Signature: $sig" | |
| SIGPARA="$SIGPARA -s $sig" | |
| done | |
| for pubkey in $*; do | |
| echo -n checking $pubkey ... | |
| echo "$FOR_CHECK" | ecdsaverify $SIGPARA -p $pubkey | |
| if [ $? -eq 1 ]; then | |
| echo FAILED | |
| else | |
| echo OK | |
| fi | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment