
add scripts for signing

Karsten Böddeker 7 years ago
parent
commit
0688eaa81a
2 changed files with 147 additions and 0 deletions
  1. 99 0
      scripts/check.sh
  2. 48 0
      scripts/sign.sh

+ 99 - 0
scripts/check.sh

@@ -0,0 +1,99 @@
+#!/bin/bash
+file="$1"
+
+### signatures ###
+public=(
+	"16b0e942929d6592d4a01b66b334427ba4db03b388a876432958d9010bd8d8b5"
+	"b0197042824a752c2dba717a4b2ded88852111bbe12e6b5f57fdfa3abb9312c0"
+	"ba2e6ff4de41ade9959702195d4c26c764e7aab85c627363681c29dbc4a8a2c5"
+	"a4da8601d27c73a22094a98b02501367c451f364aaabfcf5c597784bf272429c"
+	"fb9d6beba63dcb6175d0248c1e743b5fe4359474eb264d27f389d7a962e24477"
+	"f70f9ddeb307fff8fca31a76f4fbd0ac676dab8ad143625f0a4160d434d72876"
+	"9841dde0b9f6485d5fcdc858fb15c1db1c3bc77fb81aef3f0d4b835f76a3d73b"
+	"39ef16b1853e54249dae2d06948329a93e3e13f354aaab792552aacd1d0b45ba"
+	"5126eda4161bca3fcae134fa0e1824e55dffb986cc4e7fe37842857a118e2820"
+)
+
+name=(
+	"HeJ"
+	"thardes2"
+	"oscar-"
+	"THiSCO"
+	"northalpha"
+	"Barbarossa"
+	"kb-light"
+	"phimeas"
+	"leeps"
+)
+
+### programm comes here ###
+function progress {
+        echo -en "\033[1;34m➔  "
+        echo -en $*
+        echo -en "\033[0m\n"
+}
+
+function info {
+        echo -en "\033[1;36m"
+        echo -en $*
+        echo -en "\033[0m\n"
+}
+
+function success {
+        echo -en "\033[1;32m  ✔ "
+        echo -en $*
+        echo -en "\033[0m\n"
+}
+
+function fail {
+        echo -en "\033[1;31m  ✘ "
+        echo -en $*
+        echo -en "\033[0m\n"
+}
+
+if [ $# != 1 ]; then
+	fail "Usage: `basename ${0}` manifest_file" >&2
+	exit 1
+fi
+
+if [ ! -r "${file}" ]; then
+	fail "Manifest \"${file}\" does not exist or is not readable!" >&2
+	exit 1
+fi
+
+manifest="$(mktemp)"
+n=0
+m=0
+count=$((${#public[@]}))
+
+sed -e '/\-\-\-/,$d' $file > $manifest
+signatures=$( sed -e '1,/\-\-\-/d' ${file} )
+
+progress "checking signatures of ${file}"
+
+for sign in ${signatures[@]}; do
+	n=$(($n+1))
+	right=0
+	for i in `seq 0 $(($count-1))`; do
+		if type "ecdsautil" > /dev/null 2>&1; then
+			ecdsautil verify -s $sign -p ${public[i]} ${manifest}
+		elif type "ecdsaverify" > /dev/null 2>&1; then
+			ecdsaverify -s $sign -p ${public[i]} ${manifest}
+		else
+			fail "ecdsautil not found"
+			exit 1
+		fi
+		if [ $? -eq 0 ]; then
+			m=$(($m+1))
+			right=1
+			success "valid signature of ${name[i]}"
+		fi
+	done
+	if [ $right == 0 ]; then
+		 fail "can't verify signature No $n"
+	fi
+done
+
+rm -f -- "${manifest}"
+progress "finsh"
+info "$n signatures checked, $m signatures valid."
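Review bot: The counter `m` in the verification loop is incremented for every signature line that verifies, not for every distinct signer, so a manifest that repeats one valid signature line (or carries two signatures made with the same key) is reported as having several valid signatures. The script also ends with status 0 whatever the outcome, so a caller cannot gate an update on it. I would remember which key index has already matched, count each key once, and exit non-zero when nothing verified, as sketched below. Separately, the split pattern `/\-\-\-/` matches any line that merely contains `---`, while sign.sh splits on `/^---$/`; anchoring it the same way keeps the verified bytes identical to the signed bytes.

```shell
declare -a seen=()

# … unchanged: outer loop over signatures, inner loop over keys, ecdsautil/ecdsaverify call …
		if [ $? -eq 0 ]; then
			right=1
			if [ -n "${seen[i]}" ]; then
				fail "duplicate signature of ${name[i]} ignored"
			else
				seen[i]=1
				m=$((m+1))
				success "valid signature of ${name[i]}"
			fi
		fi
# … unchanged: end of both loops, temp-file removal, summary output …

[ "$m" -gt 0 ] || exit 1
```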

+ 48 - 0
scripts/sign.sh

@@ -0,0 +1,48 @@
+#!/bin/sh
+
+manifest="$1"
+keyfile="$2"
+
+if [ $# != 2 ]; then
+	echo "Usage: `basename $0` manifest_file keyfile" >&2
+	exit 1
+fi
+
+if [ ! -w "${manifest}" ]; then
+	echo "ERROR: Manifest \"${manifest}\" does not exists or is not writeable!" >&2
+	exit 1
+fi
+
+if [ ! -r "${keyfile}" ]; then
+	echo "ERROR: Keyfile \"${keyfile}\" does not exist or is not readable!" >&2
+	exit 1
+fi
+
+echo -en "Signing '${manifest}' with '${keyfile}' using ECDSA, this might take some time ... "
+
+BRANCH=$(grep -i branch "${manifest}" | cut -d"=" -f 2)
+
+upper="$(mktemp)"
+lower="$(mktemp)"
+
+awk "BEGIN    { sep=0 }
+     /^---\$/ { sep=1; next }
+              { if(sep==0) print > \"$upper\";
+                else       print > \"$lower\"}" \
+    "${manifest}"
+
+if type "ecdsautil" > /dev/null 2>&1; then
+	ecdsautil sign "${upper}" < "${keyfile}" >> "${lower}"
+elif type "ecdsasign" > /dev/null 2>&1; then
+	ecdsasign "${upper}" < "${keyfile}" >> "${lower}"
+else
+	echo "ERROR: ecdsautil not found" >&2
+	exit 1
+fi
+
+cat  "${upper}"  > "${manifest}"
+echo ---        >> "${manifest}"
+cat  "${lower}" >> "${manifest}"
+rm -f -- "${upper}" "${lower}"
+
+echo "done"
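Review bot: The exit status of the signing call is never checked, so when `ecdsautil sign` (or `ecdsasign`) fails, for instance on a malformed key, the manifest is still rewritten with a `---` separator and the script prints "done" as if a signature had been appended. Append `|| exit 1` to both signing lines, e.g. `ecdsautil sign "${upper}" < "${keyfile}" >> "${lower}" || exit 1`, and register `trap 'rm -f -- "${upper}" "${lower}"' EXIT` right after the two `mktemp` calls so the temporary files are removed on that path and on the existing `exit 1` in the else branch. The file declares `#!/bin/sh` but uses `echo -en`, which POSIX shells do not guarantee; `printf` is the portable choice for the progress message.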