From 947befa77b52dbfc81e38a26ceca52ec1f0d66c6 Mon Sep 17 00:00:00 2001 From: Jerry Date: Sun, 27 Jan 2019 13:58:37 +0800 Subject: [PATCH] first commit --- .gitattributes | 7 ++++ .gitignore | 3 ++ Makefile | 20 +++++++++++ jerryxiao-revoked | 0 jerryxiao-trusted | 1 + jerryxiao.gpg | 60 ++++++++++++++++++++++++++++++++ master-keyids | 1 + master/JerryXiao.asc | 30 ++++++++++++++++ packager-keyids | 1 + packager-revoked-keyids | 0 packager/JerryXiao.asc | 30 ++++++++++++++++ update-keys | 77 +++++++++++++++++++++++++++++++++++++++++ 12 files changed, 230 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Makefile create mode 100644 jerryxiao-revoked create mode 100644 jerryxiao-trusted create mode 100644 jerryxiao.gpg create mode 100644 master-keyids create mode 100644 master/JerryXiao.asc create mode 100644 packager-keyids create mode 100644 packager-revoked-keyids create mode 100644 packager/JerryXiao.asc create mode 100644 update-keys diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..188aa7b --- /dev/null +++ b/.gitattributes @@ -0,0 +1,7 @@ +update-keys export-ignore +.gitattributes export-ignore +.gitignore export-ignore +master-keyids export-ignore +packager-keyids export-ignore +master export-ignore +packager export-ignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..f7dc989 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*~ +jerryxiao-keyring-*.tar.gz +jerryxiao-keyring-*.tar.gz.sig diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..192a3ac --- /dev/null +++ b/Makefile @@ -0,0 +1,20 @@ +V=20180316 + +PREFIX = /usr/local + +install: + install -dm755 $(DESTDIR)$(PREFIX)/share/pacman/keyrings/ + install -m0644 jerryxiao{.gpg,-trusted,-revoked} $(DESTDIR)$(PREFIX)/share/pacman/keyrings/ + +uninstall: + rm -f $(DESTDIR)$(PREFIX)/share/pacman/keyrings/jerryxiao{.gpg,-trusted,-revoked} + rmdir -p --ignore-fail-on-non-empty $(DESTDIR)$(PREFIX)/share/pacman/keyrings/ + +dist: + git archive --format=tar --prefix=jerryxiao-keyring-$(V)/ $(V) | gzip -9 > jerryxiao-keyring-$(V).tar.gz + gpg --detach-sign --use-agent jerryxiao-keyring-$(V).tar.gz + +upload: + # scp jerryxiao-keyring-$(V).tar.gz jerryxiao-keyring-$(V).tar.gz.sig nymeria.archlinux.org:/srv/ftp/other/archlinux-keyring/ + +.PHONY: install uninstall dist upload diff --git a/jerryxiao-revoked b/jerryxiao-revoked new file mode 100644 index 0000000..e69de29 diff --git a/jerryxiao-trusted b/jerryxiao-trusted new file mode 100644 index 0000000..3e726d0 --- /dev/null +++ b/jerryxiao-trusted @@ -0,0 +1 @@ +186242204A2EC70438E9CE3B9D9CE43650FF2BAA:4: diff --git a/jerryxiao.gpg b/jerryxiao.gpg new file mode 100644 index 0000000..e204f8c --- /dev/null +++ b/jerryxiao.gpg @@ -0,0 +1,60 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFwCOmEBCAC4ruZv67toZ1cbhMaqWVAmnHVkbOMZjy9uXTp2kdBsQAS2wYBj +8hGdLy4fVGU+S+zf2/gcjX9T6iMyu0LSdFTSBG1vzPpcaVi8+Oq8ndVO135RZj4L +rr8BiT+zVT57De8kddXhiivmhp6NzRExwHEUMtj3ode95i8bCe2DxDBuIxHsIuh7 +ftqAR4t30iA/SLaeGRSySjk6WUpQtDqVy8vsS8mIG4/9LD6wjHX50yUfVrjBZedC +fJlWTW/tf0cEZnifl5K/sebpQqfkIPbWDBE19ruu6lZAQhYEzGANdBSFUPMgWVP7 +2n3fp9Uh7FDnbNMw1R4vM/50FEbhTfdTHLO/ABEBAAG0JEplcnJ5IFhpYW8gPGlz +amVycnl4aWFvQG91dGxvb2suY29tPokBVAQTAQgAPhYhBBhiQiBKLscEOOnOO52c +5DZQ/yuqBQJcAjphAhsDBQkJZgGABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJ +EJ2c5DZQ/yuqyf8H/2echpLhKD6quyOjG1ZpFnDua2igaOPTHNM0v1opDPiiduYb +JSNTczdK63vrQ8ss4umjDmH9GE8sKYKz2bAaQW2dEHT9i+eyWRvmL+M5EWaCCiM/ +mkGD57rkyogURMFOKrklryM+6Rb/3N2a13DccZCgCNRneCNhfJ/7PaHL8JKBB5Z0 +TuHg7SxYAOLYadAPUGTJ5vZHz9wbBJSRw8HVUnAa94y13Sc9i2UmbLED4zxomcK3 +ApwrEFH3E1j7qtq0elyE8clX6zK1STNdFI98ffv6GAFO6nGfmSqDckya1MpZWsZt +1pLXqabh5va8h2WGSm7COI6dRi3tDf4lvOsl6T65AQ0EXAI6YQEIAML3Eeto1bm6 +5YDUVD13naRXyHM9W9tsHzQa7vM/3W/gAWlomQuziT+lqYdCclANShrHTyAyhOlP ++MeLw1Y1BEjomzo4XqQqBL3Mg/9p0o2zvZN1/IrIpmQoOyA96MNZbyDCabUv1IKb +CQMMKlb7iW2x+90wLAlM9+M2p6cE9RKmPZ4vdoSFzqKzO5Q1E6peTxhWx8zqfuge +AIG/ZR1ajFrc7OpspAwWhcnQ9wgt8tCRdIJy589q2DfCWiWhKgdRoP1IRdJlXbgS +xPVTEE0QPYMWILKGegMcreK1iC/m2r39MZhKC+jKHRkmluM8z5tj6L/H19OMBp8l +L+0QtDfN39UAEQEAAYkBPAQYAQgAJhYhBBhiQiBKLscEOOnOO52c5DZQ/yuqBQJc +AjphAhsMBQkJZgGAAAoJEJ2c5DZQ/yuq1+4H/3POjaiqi9XefTrsF0c8Q2/Mkvao +OW1PDmdXglaPcBDAW9vi9dd6HGPR0gYES3eU9D/LzqcjR5T6OqD/72A/OVL9mDtF +LgKtyV7mJ8T6hrcTYO0MI9hnJNb7lwocFsgKGo9byxKyT6T89rpqAprawz+pAu4z +E+c1zYjP0WxUKzRNipmUem6P/go8LMuDW94nZo5I5yksmWOkZNbmQRi5G8cF4f+G +bwWOEQwH38YmjkuLYnBVeX+Qr6rcrhn1MIDrfp5Pz28hxgYDIVT2D1ei6Rx/6rXA +Tsj96Vbjy6ZEnkSLZy13j8G6lpvgCoyuXw7G2PGlj4ngKrLkuQjVXFTI8JQ= +=LYj4 +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFwCOmEBCAC4ruZv67toZ1cbhMaqWVAmnHVkbOMZjy9uXTp2kdBsQAS2wYBj +8hGdLy4fVGU+S+zf2/gcjX9T6iMyu0LSdFTSBG1vzPpcaVi8+Oq8ndVO135RZj4L +rr8BiT+zVT57De8kddXhiivmhp6NzRExwHEUMtj3ode95i8bCe2DxDBuIxHsIuh7 +ftqAR4t30iA/SLaeGRSySjk6WUpQtDqVy8vsS8mIG4/9LD6wjHX50yUfVrjBZedC +fJlWTW/tf0cEZnifl5K/sebpQqfkIPbWDBE19ruu6lZAQhYEzGANdBSFUPMgWVP7 +2n3fp9Uh7FDnbNMw1R4vM/50FEbhTfdTHLO/ABEBAAG0JEplcnJ5IFhpYW8gPGlz +amVycnl4aWFvQG91dGxvb2suY29tPokBVAQTAQgAPhYhBBhiQiBKLscEOOnOO52c +5DZQ/yuqBQJcAjphAhsDBQkJZgGABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJ +EJ2c5DZQ/yuqyf8H/2echpLhKD6quyOjG1ZpFnDua2igaOPTHNM0v1opDPiiduYb +JSNTczdK63vrQ8ss4umjDmH9GE8sKYKz2bAaQW2dEHT9i+eyWRvmL+M5EWaCCiM/ +mkGD57rkyogURMFOKrklryM+6Rb/3N2a13DccZCgCNRneCNhfJ/7PaHL8JKBB5Z0 +TuHg7SxYAOLYadAPUGTJ5vZHz9wbBJSRw8HVUnAa94y13Sc9i2UmbLED4zxomcK3 +ApwrEFH3E1j7qtq0elyE8clX6zK1STNdFI98ffv6GAFO6nGfmSqDckya1MpZWsZt +1pLXqabh5va8h2WGSm7COI6dRi3tDf4lvOsl6T65AQ0EXAI6YQEIAML3Eeto1bm6 +5YDUVD13naRXyHM9W9tsHzQa7vM/3W/gAWlomQuziT+lqYdCclANShrHTyAyhOlP ++MeLw1Y1BEjomzo4XqQqBL3Mg/9p0o2zvZN1/IrIpmQoOyA96MNZbyDCabUv1IKb +CQMMKlb7iW2x+90wLAlM9+M2p6cE9RKmPZ4vdoSFzqKzO5Q1E6peTxhWx8zqfuge +AIG/ZR1ajFrc7OpspAwWhcnQ9wgt8tCRdIJy589q2DfCWiWhKgdRoP1IRdJlXbgS +xPVTEE0QPYMWILKGegMcreK1iC/m2r39MZhKC+jKHRkmluM8z5tj6L/H19OMBp8l +L+0QtDfN39UAEQEAAYkBPAQYAQgAJhYhBBhiQiBKLscEOOnOO52c5DZQ/yuqBQJc +AjphAhsMBQkJZgGAAAoJEJ2c5DZQ/yuq1+4H/3POjaiqi9XefTrsF0c8Q2/Mkvao +OW1PDmdXglaPcBDAW9vi9dd6HGPR0gYES3eU9D/LzqcjR5T6OqD/72A/OVL9mDtF +LgKtyV7mJ8T6hrcTYO0MI9hnJNb7lwocFsgKGo9byxKyT6T89rpqAprawz+pAu4z +E+c1zYjP0WxUKzRNipmUem6P/go8LMuDW94nZo5I5yksmWOkZNbmQRi5G8cF4f+G +bwWOEQwH38YmjkuLYnBVeX+Qr6rcrhn1MIDrfp5Pz28hxgYDIVT2D1ei6Rx/6rXA +Tsj96Vbjy6ZEnkSLZy13j8G6lpvgCoyuXw7G2PGlj4ngKrLkuQjVXFTI8JQ= +=LYj4 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/master-keyids b/master-keyids new file mode 100644 index 0000000..50f92d7 --- /dev/null +++ b/master-keyids @@ -0,0 +1 @@ +186242204A2EC70438E9CE3B9D9CE43650FF2BAA JerryXiao diff --git a/master/JerryXiao.asc b/master/JerryXiao.asc new file mode 100644 index 0000000..edcdf85 --- /dev/null +++ b/master/JerryXiao.asc @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFwCOmEBCAC4ruZv67toZ1cbhMaqWVAmnHVkbOMZjy9uXTp2kdBsQAS2wYBj +8hGdLy4fVGU+S+zf2/gcjX9T6iMyu0LSdFTSBG1vzPpcaVi8+Oq8ndVO135RZj4L +rr8BiT+zVT57De8kddXhiivmhp6NzRExwHEUMtj3ode95i8bCe2DxDBuIxHsIuh7 +ftqAR4t30iA/SLaeGRSySjk6WUpQtDqVy8vsS8mIG4/9LD6wjHX50yUfVrjBZedC +fJlWTW/tf0cEZnifl5K/sebpQqfkIPbWDBE19ruu6lZAQhYEzGANdBSFUPMgWVP7 +2n3fp9Uh7FDnbNMw1R4vM/50FEbhTfdTHLO/ABEBAAG0JEplcnJ5IFhpYW8gPGlz +amVycnl4aWFvQG91dGxvb2suY29tPokBVAQTAQgAPhYhBBhiQiBKLscEOOnOO52c +5DZQ/yuqBQJcAjphAhsDBQkJZgGABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJ +EJ2c5DZQ/yuqyf8H/2echpLhKD6quyOjG1ZpFnDua2igaOPTHNM0v1opDPiiduYb +JSNTczdK63vrQ8ss4umjDmH9GE8sKYKz2bAaQW2dEHT9i+eyWRvmL+M5EWaCCiM/ +mkGD57rkyogURMFOKrklryM+6Rb/3N2a13DccZCgCNRneCNhfJ/7PaHL8JKBB5Z0 +TuHg7SxYAOLYadAPUGTJ5vZHz9wbBJSRw8HVUnAa94y13Sc9i2UmbLED4zxomcK3 +ApwrEFH3E1j7qtq0elyE8clX6zK1STNdFI98ffv6GAFO6nGfmSqDckya1MpZWsZt +1pLXqabh5va8h2WGSm7COI6dRi3tDf4lvOsl6T65AQ0EXAI6YQEIAML3Eeto1bm6 +5YDUVD13naRXyHM9W9tsHzQa7vM/3W/gAWlomQuziT+lqYdCclANShrHTyAyhOlP ++MeLw1Y1BEjomzo4XqQqBL3Mg/9p0o2zvZN1/IrIpmQoOyA96MNZbyDCabUv1IKb +CQMMKlb7iW2x+90wLAlM9+M2p6cE9RKmPZ4vdoSFzqKzO5Q1E6peTxhWx8zqfuge +AIG/ZR1ajFrc7OpspAwWhcnQ9wgt8tCRdIJy589q2DfCWiWhKgdRoP1IRdJlXbgS +xPVTEE0QPYMWILKGegMcreK1iC/m2r39MZhKC+jKHRkmluM8z5tj6L/H19OMBp8l +L+0QtDfN39UAEQEAAYkBPAQYAQgAJhYhBBhiQiBKLscEOOnOO52c5DZQ/yuqBQJc +AjphAhsMBQkJZgGAAAoJEJ2c5DZQ/yuq1+4H/3POjaiqi9XefTrsF0c8Q2/Mkvao +OW1PDmdXglaPcBDAW9vi9dd6HGPR0gYES3eU9D/LzqcjR5T6OqD/72A/OVL9mDtF +LgKtyV7mJ8T6hrcTYO0MI9hnJNb7lwocFsgKGo9byxKyT6T89rpqAprawz+pAu4z +E+c1zYjP0WxUKzRNipmUem6P/go8LMuDW94nZo5I5yksmWOkZNbmQRi5G8cF4f+G +bwWOEQwH38YmjkuLYnBVeX+Qr6rcrhn1MIDrfp5Pz28hxgYDIVT2D1ei6Rx/6rXA +Tsj96Vbjy6ZEnkSLZy13j8G6lpvgCoyuXw7G2PGlj4ngKrLkuQjVXFTI8JQ= +=LYj4 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/packager-keyids b/packager-keyids new file mode 100644 index 0000000..50f92d7 --- /dev/null +++ b/packager-keyids @@ -0,0 +1 @@ +186242204A2EC70438E9CE3B9D9CE43650FF2BAA JerryXiao diff --git a/packager-revoked-keyids b/packager-revoked-keyids new file mode 100644 index 0000000..e69de29 diff --git a/packager/JerryXiao.asc b/packager/JerryXiao.asc new file mode 100644 index 0000000..edcdf85 --- /dev/null +++ b/packager/JerryXiao.asc @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFwCOmEBCAC4ruZv67toZ1cbhMaqWVAmnHVkbOMZjy9uXTp2kdBsQAS2wYBj +8hGdLy4fVGU+S+zf2/gcjX9T6iMyu0LSdFTSBG1vzPpcaVi8+Oq8ndVO135RZj4L +rr8BiT+zVT57De8kddXhiivmhp6NzRExwHEUMtj3ode95i8bCe2DxDBuIxHsIuh7 +ftqAR4t30iA/SLaeGRSySjk6WUpQtDqVy8vsS8mIG4/9LD6wjHX50yUfVrjBZedC +fJlWTW/tf0cEZnifl5K/sebpQqfkIPbWDBE19ruu6lZAQhYEzGANdBSFUPMgWVP7 +2n3fp9Uh7FDnbNMw1R4vM/50FEbhTfdTHLO/ABEBAAG0JEplcnJ5IFhpYW8gPGlz +amVycnl4aWFvQG91dGxvb2suY29tPokBVAQTAQgAPhYhBBhiQiBKLscEOOnOO52c +5DZQ/yuqBQJcAjphAhsDBQkJZgGABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJ +EJ2c5DZQ/yuqyf8H/2echpLhKD6quyOjG1ZpFnDua2igaOPTHNM0v1opDPiiduYb +JSNTczdK63vrQ8ss4umjDmH9GE8sKYKz2bAaQW2dEHT9i+eyWRvmL+M5EWaCCiM/ +mkGD57rkyogURMFOKrklryM+6Rb/3N2a13DccZCgCNRneCNhfJ/7PaHL8JKBB5Z0 +TuHg7SxYAOLYadAPUGTJ5vZHz9wbBJSRw8HVUnAa94y13Sc9i2UmbLED4zxomcK3 +ApwrEFH3E1j7qtq0elyE8clX6zK1STNdFI98ffv6GAFO6nGfmSqDckya1MpZWsZt +1pLXqabh5va8h2WGSm7COI6dRi3tDf4lvOsl6T65AQ0EXAI6YQEIAML3Eeto1bm6 +5YDUVD13naRXyHM9W9tsHzQa7vM/3W/gAWlomQuziT+lqYdCclANShrHTyAyhOlP ++MeLw1Y1BEjomzo4XqQqBL3Mg/9p0o2zvZN1/IrIpmQoOyA96MNZbyDCabUv1IKb +CQMMKlb7iW2x+90wLAlM9+M2p6cE9RKmPZ4vdoSFzqKzO5Q1E6peTxhWx8zqfuge +AIG/ZR1ajFrc7OpspAwWhcnQ9wgt8tCRdIJy589q2DfCWiWhKgdRoP1IRdJlXbgS +xPVTEE0QPYMWILKGegMcreK1iC/m2r39MZhKC+jKHRkmluM8z5tj6L/H19OMBp8l +L+0QtDfN39UAEQEAAYkBPAQYAQgAJhYhBBhiQiBKLscEOOnOO52c5DZQ/yuqBQJc +AjphAhsMBQkJZgGAAAoJEJ2c5DZQ/yuq1+4H/3POjaiqi9XefTrsF0c8Q2/Mkvao +OW1PDmdXglaPcBDAW9vi9dd6HGPR0gYES3eU9D/LzqcjR5T6OqD/72A/OVL9mDtF +LgKtyV7mJ8T6hrcTYO0MI9hnJNb7lwocFsgKGo9byxKyT6T89rpqAprawz+pAu4z +E+c1zYjP0WxUKzRNipmUem6P/go8LMuDW94nZo5I5yksmWOkZNbmQRi5G8cF4f+G +bwWOEQwH38YmjkuLYnBVeX+Qr6rcrhn1MIDrfp5Pz28hxgYDIVT2D1ei6Rx/6rXA +Tsj96Vbjy6ZEnkSLZy13j8G6lpvgCoyuXw7G2PGlj4ngKrLkuQjVXFTI8JQ= +=LYj4 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/update-keys b/update-keys new file mode 100644 index 0000000..fa18504 --- /dev/null +++ b/update-keys @@ -0,0 +1,77 @@ +#!/bin/bash + +export LANG=C + +TMPDIR=$(mktemp -d) +trap "rm -rf '${TMPDIR}'" EXIT + +KEYSERVER='hkp://pool.sks-keyservers.net' +GPG="gpg --quiet --batch --no-tty --no-permission-warning --keyserver "${KEYSERVER}" --homedir ${TMPDIR}" + +pushd "$(dirname "$0")" >/dev/null + +$GPG --gen-key </dev/null + printf 'minimize\nquit\ny\n' | \ + ${GPG} --command-fd 0 --edit-key ${keyid} + ${GPG} --yes --lsign-key ${keyid} &>/dev/null + ${GPG} --armor --no-emit-version --export ${keyid} >> master/${username}.asc + echo "${keyid}:4:" >> jerryxiao-trusted +done < master-keyids +${GPG} --import-ownertrust < jerryxiao-trusted 2>/dev/null + +while read -ra data; do + keyid="${data[0]}" + printf "Receive ${keyid}" + ${GPG} --recv-keys ${keyid} &>/dev/null +done < packager-keyids +while read -ra data; do + keyid="${data[0]}" + username="${data[@]:1}" + printf 'clean\nquit\ny\n' | \ + ${GPG} --command-fd 0 --edit-key ${keyid} + ${GPG} --list-keys --with-colons ${keyid} + if ! ${GPG} --list-keys --with-colons ${keyid} 2>/dev/null | grep -q '^pub:f:'; then + echo "key is not fully trusted: ${keyid} ${username}" + else + ${GPG} --armor --no-emit-version --export ${keyid} >> packager/${username}.asc + fi +done < packager-keyids + +while read -ra data; do + keyid="${data[0]}" + username="${data[1]}" + ${GPG} --recv-keys ${keyid} &>/dev/null + printf 'clean\nquit\ny\n' | \ + ${GPG} --command-fd 0 --edit-key ${keyid} + if ! ${GPG} --list-keys --with-colons ${keyid} 2>/dev/null | grep -q '^pub:f:'; then + ${GPG} --armor --no-emit-version --export ${keyid} >> packager-revoked/${username}.asc + echo "${keyid}" >> jerryxiao-revoked + else + echo "key is still fully trusted: ${keyid} ${username}" + fi +done < packager-revoked-keyids + +touch jerryxiao-trusted jerryxiao-revoked + +cat master/*.asc packager/*.asc packager-revoked/*.asc > jerryxiao.gpg + +popd >/dev/null