#!/bin/sh # SPDX-License-Identifier: GPL-2.0-only # Based on apt-key from apt-0.6.25 # Licensed under GPL Version 2 set -e usage() { echo "Usage: opkg-key [options] command [arguments]" echo echo "Manage opkg's list of trusted keys" echo echo "Commands and arguments:" echo " add - Add the key contained in ('-' for stdin)" echo " del - Remove the key " echo " list - List keys" echo " fingerprint - List keys with fingerprints" echo " reset - Remove all keys, resetting the keyring" echo " populate - Import keys from /usr/share/opkg/keyrings" echo " help - Print this usage message and exit" echo echo "Options:" echo " -o - Use as the offline root directory" echo } if [ "$1" = "-o" ]; then ROOT=$2 shift 2 echo "Note: using \"$ROOT\" as root path" else ROOT="" fi GPGHOMEDIR="$ROOT/etc/opkg/gpg" command="$1" if [ -z "$command" ]; then usage exit 1 fi shift # For the particular use case we have in importing/trusting keys the # differences between gpg and gpg2 are moot. if [ -f "$(which gpg)" ]; then GPGCMD="gpg" elif [ -f "$(which gpg2)" ]; then GPGCMD="gpg2" else echo >&2 "Error: gnupg does not appear to be installed." exit 1 fi GPG="$GPGCMD --no-options --homedir $GPGHOMEDIR" # Gpg home dir isn't created automatically when --homedir option is used if [ ! -e "$GPGHOMEDIR" ]; then mkdir -m 0700 "$GPGHOMEDIR" echo "Created gpg homedir" fi case "$command" in add) $GPG --quiet --batch --import "$1" ret=$? if [ $ret -eq 0 ]; then echo "OK" else echo "Failed" fi ;; del|rm|remove) $GPG --quiet --batch --delete-key --yes "$1" ret=$? if [ $ret -eq 0 ]; then echo "OK" else echo "Failed" fi ;; list) $GPG --batch --list-keys ;; finger*) $GPG --batch --fingerprint ;; adv*) echo "Executing: $GPG $*" $GPG $* ;; reset) find "$GPGHOMEDIR" ! -path "$GPGHOMEDIR/gpg.conf" ! -path "$GPGHOMEDIR" -prune -exec rm -r {} \; echo "OK" ;; populate) for f in $ROOT/usr/share/opkg/keyrings/*.gpg; do echo "Importing keys from '`basename $f`'..." $GPG --quiet --batch --import "$f" done echo "OK" ;; help) usage ;; *) usage exit 1 ;; esac