|
|
|
@ -2,14 +2,19 @@
|
|
|
|
|
|
|
|
|
|
# Usage: <url> <fpr> <keyring>
|
|
|
|
|
|
|
|
|
|
set -e;
|
|
|
|
|
set -euf;
|
|
|
|
|
|
|
|
|
|
return_code=0;
|
|
|
|
|
readonly keyfile="$(mktemp --dry-run)";
|
|
|
|
|
|
|
|
|
|
mkdir --parents ~/.gnupg;
|
|
|
|
|
chmod "u=rwx,g=,o=" ~/.gnupg;
|
|
|
|
|
|
|
|
|
|
/usr/bin/wget --output-document="$keyfile" -- "$1";
|
|
|
|
|
/usr/bin/gpg2 --dry-run --quiet --import-options import-show --with-colons --import "$keyfile" | awk -F: '$1 == "fpr" { print $10 }' | head --lines=1 | grep --fixed-strings "$2";
|
|
|
|
|
/usr/bin/gpg2 --quiet --no-default-keyring --keyring "$3" --import "$keyfile";
|
|
|
|
|
/usr/bin/wget --quiet --output-document="$keyfile" -- "$1";
|
|
|
|
|
/usr/bin/gpg2 --dry-run --quiet --debug-level 0 --import-options import-show --with-colons --import "$keyfile" | awk -F: '$1 == "fpr" { print $10 }' | head --lines=1 | grep --fixed-strings "$2" > /dev/null;
|
|
|
|
|
readonly return_text="$(/usr/bin/gpg2 --no-default-keyring --keyring "$3" --import "$keyfile" 2>&1)";
|
|
|
|
|
if echo "$return_text" | grep --basic-regexp ' not changed$' > /dev/null; then
|
|
|
|
|
return_code=2;
|
|
|
|
|
fi
|
|
|
|
|
rm "$keyfile";
|
|
|
|
|
exit $return_code;
|
|
|
|
|