#!/bin/bash # Part of SMLinux distribution set -e # Section names SECTIONS=( qt5 ) # Archive files ARCHIVEFILES=( *.tar.* *.zip *.t?z ) # Patch files PATCHFILES=( *.patch *.diff ) # Miscellaneous files apart from the above patches MISCFILES=( *.c *.h ) # Checksum digest to be used along with arguments CHECKSUMBINARY="sha512sum --tag" # Path to the signify secret key SECKEY=/etc/smlinux/1.0/smlinux.sec # Path to the signify public key PUBKEY=/etc/smlinux/1.0/smlinux.pub # Path to signify binary SIGNIFY="/bin/signify" if [ ! -f "$SECKEY" ] ; then echo "Public key $SECKEY not found. Exiting!" exit 1 fi if [ ! -f "$PUBKEY" ] ; then echo "Public key $PUBKEY not found. Exiting!" exit 1 fi if [ ! -x "$SIGNIFY" ] ; then echo "$SIGNIFY binary not found. Exiting!" exit 1 fi # Function to generate usage options ckusage() { cat << EOF mkchecksums is a tool to generate, verify and discard SHA512 checksum files of all source tarballs defined in this file including patches in package directories. The checksum file is placed in a section's package source directory when by the name of checksum.. This program takes only one argument. Usage: ${0##*/} [ -cc | -vv | -dd | -c | -v | -d ] Options: -h Display this help screen. -cc Create checksum files in the current directory. ** This will discard existing checksum files! ** -vv Verify checksum files in the current directory. -dd Discard all checksum files in the current directory. -c Create checksum files for multiple directories. Checksum files are created by cd'ing into package directories in the defined sections in this program. ** This will discard existing checksum files! ** -v Verify all checksum files in the same manner above. -d Discard all checksum files. EOF } if [ -z "$1" ] ; then ckusage exit 0 fi ckdirs() { if [ -n "$1" ] ; then for SECTION in ${SECTIONS[@]} ; do if [ ! -d "$SECTION" ]; then echo "Section directory $SECTION does not exist. Exiting!" exit 1 fi done fi } ckcreatesingle() { if [ -n "$APP" ] ; then PACKAGE="$APP" else PACKAGE="$(basename $PWD)" fi echo "Discarding any old checksum files and creating a fresh one here" rm -f "$PACKAGE".CHK* for ARCHIVEFILE in ${ARCHIVEFILES[@]} ; do if [ -f "$ARCHIVEFILE" ] ; then $CHECKSUMBINARY $ARCHIVEFILE >> "$PACKAGE.CHKSUM512" fi done for PATCHFILE in ${PATCHFILES[@]} ; do if [ -f "$PATCHFILE" ] ; then $CHECKSUMBINARY $PATCHFILE >> "$PACKAGE.CHKSUM512" fi done for MISCFILE in ${MISCFILES[@]} ; do if [ -f "$MISCFILE" ]; then $CHECKSUMBINARY $MISCFILE >> "$PACKAGE.CHKSUM512" fi done # Sign the $PACKAGE.checksums file with signify $SIGNIFY -S -s $SECKEY -m "$PACKAGE.CHKSUM512" -x "$PACKAGE.CHKSUM512.sig" # Cat the $PACKAGE.checksums INTO $PACKAGE.checksums.sig. cat "$PACKAGE.CHKSUM512" >> "$PACKAGE.CHKSUM512.sig" echo " done" } ckverifysingle() { if [ -n "$APP" ] ; then PACKAGE="$APP" else PACKAGE="$(basename $PWD)" fi echo "" echo "Verifying checksum files for $PACKAGE using signify tool... " # First verify the checksum signature file echo "Verifying $PACKAGE.CHKSUM512.sig..." $SIGNIFY -C -p $PUBKEY -x "$PACKAGE.CHKSUM512.sig" # Then verify the checksum file echo "Verifying $PACKAGE.CHKSUM512..." $SIGNIFY -V -p $PUBKEY -m "$PACKAGE.CHKSUM512" echo "done" echo "" } ckdiscardsingle() { if [ -n "$APP" ] ; then PACKAGE="$APP" else PACKAGE="$(basename $PWD)" fi if [ -f "$PACKAGE".CHKSUM512 ] ; then echo "Discarding checksum file for $PACKAGE..." rm -fv "$PACKAGE".CHK* fi } ckcreate() { ckdirs for SECTION in ${SECTIONS[@]} ; do cd $SECTION for PACKAGE in * ; do if [ -d "$PACKAGE" ]; then cd $PACKAGE echo "Discarding any old checksum files and creating a fresh one" echo "inside package directory '"$SECTION/$PACKAGE"'..." rm -f "$PACKAGE".CHK* for ARCHIVEFILE in ${ARCHIVEFILES[@]} ; do if [ -f "$ARCHIVEFILE" ] ; then $CHECKSUMBINARY $ARCHIVEFILE >> "$PACKAGE.CHKSUM512" fi done for PATCHFILE in ${PATCHFILES[@]} ; do if [ -f "$PATCHFILE" ] ; then $CHECKSUMBINARY $PATCHFILE >> "$PACKAGE.CHKSUM512" fi done for MISCFILE in ${MISCFILES[@]} ; do if [ -f "$MISCFILE" ]; then $CHECKSUMBINARY $MISCFILE >> "$PACKAGE.CHKSUM512" fi done # Sign the $PACKAGE.checksums file with signify $SIGNIFY -S -s $SECKEY -m "$PACKAGE.CHKSUM512" -x "$PACKAGE.CHKSUM512.sig" # Cat the $PACKAGE.checksums INTO $PACKAGE.checksums.sig. cat "$PACKAGE.CHKSUM512" >> "$PACKAGE.CHKSUM512.sig" echo " done" cd .. fi done cd .. done } ckverify() { ckdirs for SECTION in ${SECTIONS[@]} ; do cd $SECTION for PACKAGE in * ; do if [ -d "$PACKAGE" ]; then cd $PACKAGE echo "" echo "Verifying checksum file for '"$PACKAGE"' inside package directory" echo "'"$SECTION/$PACKAGE"'..." # First verify the checksum signature file echo "Verifying $PACKAGE.CHKSUM512.sig..." $SIGNIFY -C -p $PUBKEY -x "$PACKAGE.CHKSUM512.sig" # Then verify the checksum file echo "Verifying $PACKAGE.CHKSUM512..." $SIGNIFY -V -p $PUBKEY -m "$PACKAGE.CHKSUM512" cd .. fi done cd .. done } ckdiscard() { ckdirs for SECTION in ${SECTIONS[@]} ; do cd $SECTION for PACKAGE in * ; do if [ -d "$PACKAGE" ]; then cd $PACKAGE if [ -f "$PACKAGE".CHKSUM512 ] ; then echo "Discarding checksum file for '"$PACKAGE"' inside package directory" echo "'$SECTION/$PACKAGE'..." rm -fv "$PACKAGE".CHK* fi cd .. fi done cd .. done } while [ "$#" -gt "0" ] ; do if [ "$1" = "-h" ] ; then ckusage exit 0 elif [ "$1" = "-cc" ] ; then ckcreatesingle exit 0 elif [ "$1" = "-vv" ] ; then ckverifysingle exit 0 elif [ "$1" = "-dd" ] ; then ckdiscardsingle exit 0 elif [ "$1" = "-c" ] ; then ckcreate exit 0 elif [ "$1" = "-v" ] ; then ckverify exit 0 elif [ "$1" = "-d" ] ; then ckdiscard exit 0 else echo "${0##*/}: Unknown option: $1" echo "Try: $0 -h" exit 1 fi done