[Secure-testing-commits] r44153 - bin

Sebastien Delafond seb at moszumanska.debian.org
Fri Aug 26 03:40:44 UTC 2016 

Author: seb
Date: 2016-08-26 03:40:43 +0000 (Fri, 26 Aug 2016)
New Revision: 44153

Added:
   bin/sign-advisory.sh
Log:
[bin/sign-advisory.sh] New helper script for signing DSAs

  Sign a DSA generated by gen-D{L,S}A

  This allows for any number of headers below the regular 3 that
  gen-DSA generates (From, To, Subject).

  This can be useful if the advisory contains non-ASCII characters,
  like in first and last names for credits, and we need to send it as
  UTF-8. In that case, the signature will still be OK, and all the
  headers retained, even if we manually added those two to the DSA:

    Content-Transfer-Encoding: 8bit
    Content-type: text/plain; charset=UTF-8

Added: bin/sign-advisory.sh
===================================================================
--- bin/sign-advisory.sh	                        (rev 0)
+++ bin/sign-advisory.sh	2016-08-26 03:40:43 UTC (rev 44153)
@@ -0,0 +1,40 @@
+#! /bin/bash
+
+# Sign a DSA generated by gen-D{L,S}A
+# 
+# This allows for any number of headers below the regular 3 that
+# gen-DSA generates (From, To, Subject).
+# 
+# This can be useful if the advisory contains non-ASCII characters,
+# like in first and last names for credits, and we need to send it as
+# UTF-8. In that case, the signature will still be OK, and all the
+# headers retained, even if we manually added those two to the DSA:
+#
+#   Content-Transfer-Encoding: 8bit
+#   Content-type: text/plain; charset=UTF-8
+#
+# Copyright (C) 2016 Sebastien Delafond <seb at debian.org>
+
+set -e
+
+usage() {
+  echo "Usage: $0 </path/to/DSA-nnnn-m>"
+  echo "  this will create /path/to/DSA-nnnn-m.signed"
+}
+
+if [[ $# != 1 ]] ; then
+  usage
+  exit 1
+elif [[ $1 == "-h" ]] || [[ $1 == "--help" ]] ; then
+  usage
+  exit 0
+fi
+
+dsa=$1
+signed_dsa=${dsa}.signed
+
+# figure out the offset for actual DSA text, after headers
+n=$(awk '/^-+/ {print NR ; exit}' $dsa)
+
+# keep headers, and sign the content
+{ head -n $(($n - 1)) $dsa ; tail -n +$n $dsa | gpg --clearsign ; } >| $signed_dsa


Property changes on: bin/sign-advisory.sh
___________________________________________________________________
Added: svn:executable
   + *

More information about the Secure-testing-commits mailing list