Saturday, December 4, 2010

Shell script for bulk signing

We at WSO2 most of the time release many products at once. With the binary distribution + source distribution + docs - amounts to a large number distributions.

And signing and generating MD5 and SHA1 for all those is a painful task.

Following script makes it easy - copy all the distributions to a single directory and copy the following script to the same directory as sign.sh and execute it as,

$ sh sign.sh prabath

Here, prabath is the alias of the GPG public key.

The following script will generate ASC,MD5 and SHA1 of all the distributions and will also dump the public key to KEYS file.

You should have installed GPG and configured it before running the script.
#!/bin/sh
rm *.asc
rm *.md5
rm *.sha1
rm KEYS
for f0 in  *.zip
 do
  echo $f0
  asc=".asc"
  md5=".md5"
  sha1=".sha1"
  f1=$f0$asc
  gpg --armor --output $f1 --detach-sig $f0
  f2=$f0$md5
  gpg --print-md MD5 $f0  > $f2
  f3=$f0$sha1
  gpg --print-md SHA1 $f0  > $f3
 done
gpg --armor --export $1 > KEYS

3 comments:

Afkham Azeez said...

But it keeps asking for the password for each file that is signed. Is there a way to avoid that?

Prabath said...

May be that is based on your GPG implementation.. For me on Mac - only once it prompts for the password...

chenmeinv0 said...

polo ralph lauren shirts
ralph lauren uk
tory burch outlet
nike outlet store
michael kors handbags
lebron 13 shoes
prada bags
nike air max shoes
cheap jordan shoes
mont blanc ballpoint pens
hzx20170302