VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2024-08-25 18:56:41 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2024-08-25 18:56:41 +0200
commitfa874cc611eb09ae5b6ec3598a23f72de858ad0a (patch)
tree15d449f15230bfd1b36bdb526e1456d0ddb99ce7 /src
parentaf734f41dfe844c473275337179222aa7112e995 (diff)
downloadVeraCrypt-fa874cc611eb09ae5b6ec3598a23f72de858ad0a.tar.gz
VeraCrypt-fa874cc611eb09ae5b6ec3598a23f72de858ad0a.zip
Linux: Add script to sign generated rpms
Diffstat (limited to 'src')
-rw-r--r--src/Build/sign_rpm.sh54
1 files changed, 54 insertions, 0 deletions
diff --git a/src/Build/sign_rpm.sh b/src/Build/sign_rpm.sh
new file mode 100644
index 00000000..9abc041e
--- /dev/null
+++ b/src/Build/sign_rpm.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+# Function to display usage information
+usage() {
+ echo "Usage: $0 <directory>"
+ exit 1
+}
+
+# Check if a directory was provided as an argument
+if [ $# -ne 1 ]; then
+ usage
+fi
+
+DIRECTORY="$1"
+
+# Check if the specified directory exists
+if [ ! -d "$DIRECTORY" ]; then
+ echo "Error: Directory '$DIRECTORY' does not exist."
+ exit 1
+fi
+
+# Check if there are any RPM files in the directory
+shopt -s nullglob # Make the glob return an empty array if no match
+rpm_files=("$DIRECTORY"/*.rpm)
+
+if [ ${#rpm_files[@]} -eq 0 ]; then
+ echo "No RPM files found in directory '$DIRECTORY'."
+ exit 0
+fi
+
+# Iterate over each RPM file in the directory
+for rpm_file in "${rpm_files[@]}"; do
+ echo "Processing $rpm_file..."
+
+ # Remove the existing signature if any
+ echo "Removing existing signature from $rpm_file (if any)..."
+ rpmsign --delsign "$rpm_file" || {
+ echo "Failed to remove signature from $rpm_file."
+ exit 1
+ }
+
+ # Sign the RPM file
+ echo "Signing $rpm_file..."
+ rpmsign --define "_gpg_name veracrypt@idrix.fr" \
+ --define "_gpg_digest_algo sha512" \
+ --define "_source_filedigest_algorithm 10" \
+ --define "_binary_filedigest_algorithm 10" \
+ --addsign "$rpm_file" || {
+ echo "Failed to sign $rpm_file. Aborting."
+ exit 1
+ }
+
+ echo "Successfully signed $rpm_file."
+done