feat: add mvp 'make verify' to verify signatures on current digests

2024-03-31 21:13:39 -07:00 · 2024-03-31 21:13:39 -07:00 · 470dad5900
commit 470dad5900
parent dc80893cf7
2 changed files with 17 additions and 0 deletions
--- a/4
+++ b/4
@ -36,6 +36,10 @@ compat:
 preseed:
 	./src/preseed.sh

+.PHONY: verify
+verify:
+	./src/verify.sh
+
 .PHONY: digests
 digests:
 	./src/digests.sh
--- a/src/verify.sh
+++ b/src/verify.sh
@ -0,0 +1,13 @@
+#!/bin/sh
+set -eu
+
+for each in $( \
+    cat digests.txt \
+    | sed 's/\([a-z0-9]\+\) \(.*\)/signatures\/stagex\/\2@sha256=\1/g' \
+); do
+    echo $each;
+    for sig in $(find $each -type f); do
+        cat $sig | /usr/bin/gpg -v 2>&1 > /dev/null \
+            | grep "Good signature" || :
+    done;
+done