Land #7079, Import, sign, and publish signed dev keys

2016-07-11 22:19:45 -05:00 · 2016-07-11 22:19:45 -05:00 · 117a0945b1
parent 627fffdb08 7a321c7350
commit 117a0945b1
1 changed files with 26 additions and 0 deletions
--- a/tools/dev/sign-dev-keys.sh
+++ b/tools/dev/sign-dev-keys.sh
@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Imports and signs dev keys fetched from Keybase, as asserted by the
+# Metasploit-Framework development wiki. Requires bash version 3 or so for
+# regular expression pattern match
+
+COMMITTER_KEYS_URL='https://raw.githubusercontent.com/wiki/rapid7/metasploit-framework/Committer-Keys.md'
+KEYBASE_KEY_URLS=$(
+ \curl -sSL $COMMITTER_KEYS_URL |
+ \awk '$4 ~/https:\/\/keybase.io\//' |
+ \sed 's#.*\(https://keybase.io/[^)]*\).*#\1/key.asc#'
+)
+
+for key in $KEYBASE_KEY_URLS; do
+  echo [*] Importing $key
+  THIS_KEY=$(
+    \curl -sSL $key |
+    \gpg --no-auto-check-trustdb --import - 2>&1 |
+    \head -1 | \cut -f 3 -d " " | \sed 's/://'
+  )
+  echo [*] Signing $THIS_KEY
+  \gpg --sign-key $THIS_KEY
+  echo [*] Sending $THIS_KEY
+  \gpg --keyserver sks-keyservers.net --send-key $THIS_KEY
+done
+