no
warnings;
our
@EXPORT
=
qw(check_all_gpg_signatures check_gpg_signature)
;
our
$VERSION
=
'0.002'
;
sub
_get_file_pairs (
$self
) {
my
$key
= _key(
$self
);
my
$string
=
$self
->config->
$key
();
my
(
$ret
,
$args
) = Getopt::Long::GetOptionsFromString(
$string
);
$self
->_print(
"Odd number of arguments in $key."
)
if
@$args
% 2;
my
@pairs
;
while
(
@$args
> 1 ) {
push
@pairs
, [
splice
@$args
, 0, 2, () ];
}
push
@pairs
, [
@$args
]
if
@$args
;
\
@pairs
}
sub
_key (
$self
) {
'gpg_signatures'
}
sub
check_all_gpg_signatures (
$self
) {
my
$pairs
=
$self
->_get_file_pairs;
foreach
my
$pair
(
$pairs
->@* ) {
$self
->check_gpg_signature(
$pair
->@* )
}
return
1;
}
sub
check_gpg_signature (
$self
,
$file
,
$signature_file
) {
$self
->_print(
"Checking GPG signature of <$file>...\n"
);
$self
->_die(
"\nERROR: Could not verify signature of <$file>: file does not exist\n"
)
unless
-e
$file
;
$self
->_die(
"\nERROR: Could not verify signature of <$file> with <$signature_file>: signature file does not exist\n"
)
unless
-e
$signature_file
;
my
$result
=
$self
->run(
qq(gpg --verify "$signature_file" "$file" 2>&1)
);
$result
=~ s/^/ /mg;
$self
->_print(
"$result"
);
unless
(
$result
=~ /\bGood signature from\b/ ) {
$self
->_die(
"\nERROR: signature verification failed"
);
}
return
1;
}
1;