diff options
Diffstat (limited to 'contrib/verify-commits/gpg.sh')
| -rwxr-xr-x | contrib/verify-commits/gpg.sh | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/contrib/verify-commits/gpg.sh b/contrib/verify-commits/gpg.sh new file mode 100755 index 0000000000..375d711725 --- /dev/null +++ b/contrib/verify-commits/gpg.sh @@ -0,0 +1,33 @@ +#!/bin/sh +INPUT=$(cat /dev/stdin) +VALID=false +REVSIG=false +IFS=' +' +for LINE in $(echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null); do + case "$LINE" in + "[GNUPG:] VALIDSIG "*) + while read KEY; do + case "$LINE" in "[GNUPG:] VALIDSIG $KEY "*) VALID=true;; esac + done < ./contrib/verify-commits/trusted-keys + ;; + "[GNUPG:] REVKEYSIG "*) + [ "$BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG" != 1 ] && exit 1 + while read KEY; do + case "$LINE" in "[GNUPG:] REVKEYSIG ${KEY#????????????????????????} "*) + REVSIG=true + GOODREVSIG="[GNUPG:] GOODSIG ${KEY#????????????????????????} " + esac + done < ./contrib/verify-commits/trusted-keys + ;; + esac +done +if ! $VALID; then + exit 1 +fi +if $VALID && $REVSIG; then + echo "$INPUT" | gpg --trust-model always "$@" | grep "\[GNUPG:\] \(NEWSIG\|SIG_ID\|VALIDSIG\)" 2>/dev/null + echo "$GOODREVSIG" +else + echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null +fi |