mirrors/raspiblitz
1
0
Fork 0
mirror of https://github.com/rootzoll/raspiblitz.git synced 2025-02-28 16:58:03 +01:00
Code Issues Projects Releases Packages Wiki Activity

lit update to 0.10.1-alpha, add pgp key (#3962)

Browse source
This commit is contained in:
openoms 2023-07-08 13:20:35 +00:00 committed by GitHub
parent e7b1772f3b
commit 82bd29c2d0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
home.admin/config.scripts/bonus.lit.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash
# https://github.com/lightninglabs/lightning-terminal/releases
LITVERSION="0.9.2-alpha"
LITVERSION="0.10.1-alpha"
# command info
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
@ -12,20 +12,16 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
fi
# check who signed the release in https://github.com/lightninglabs/lightning-terminal/releases
PGPsigner="ellemouton"
PGPsigner="ViktorTigerstrom"
if [ $PGPsigner = ellemouton ]; then
PGPpkeys="https://github.com/${PGPsigner}.gpg"
PGPcheck="D7D916376026F177"
pgpPubKey="D7D916376026F177"
elif [ $PGPsigner = guggero ]; then
PGPpkeys="https://keybase.io/${PGPsigner}/pgp_keys.asc"
PGPcheck="03DB6322267C373B"
pgpPubKey="03DB6322267C373B"
elif [ $PGPsigner = roasbeef ]; then
PGPpkeys="https://keybase.io/${PGPsigner}/pgp_keys.asc "
PGPcheck="3BBD59E99B280306"
elif [ $PGPsigner = ellemouton ]; then
PGPpkeys="https://keybase.io/ellemo/pgp_keys.asc "
PGPcheck="D7D916376026F17"
pgpPubKey="3BBD59E99B280306"
elif [ $PGPsigner = ViktorTigerstrom ]; then
pgpPubKey="187F6ADD93AE3B0CF335AA6AB984570980684DCC"
fi
source /mnt/hdd/raspiblitz.conf
@ -168,6 +164,9 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
mkdir -p "${downloadDir}"
cd "${downloadDir}" || exit 1
# get pgp key
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys ${pgpPubKey} || exit 1
# extract the SHA256 hash from the manifest file for the corresponding platform
wget -N https://github.com/lightninglabs/lightning-terminal/releases/download/v${LITVERSION}/manifest-v${LITVERSION}.txt
if [ ${isARM} -eq 1 ]; then
@ -189,37 +188,20 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then
echo "# check binary was not manipulated (checksum test)"
wget -N https://github.com/lightninglabs/lightning-terminal/releases/download/v${LITVERSION}/manifest-v${LITVERSION}.sig
wget --no-check-certificate -O ./pgp_keys.asc ${PGPpkeys}
binaryChecksum=$(sha256sum ${binaryName} | cut -d " " -f1)
if [ "${binaryChecksum}" != "${SHA256}" ]; then
echo "# FAIL # Downloaded LiT BINARY not matching SHA256 checksum: ${SHA256}"
exit 1
fi
echo "# check gpg finger print"
gpg --show-keys --keyid-format LONG ./pgp_keys.asc
fingerprint=$(gpg --show-keys --keyid-format LONG "./pgp_keys.asc" 2>/dev/null |
grep "${PGPcheck}" -c)
if [ ${fingerprint} -lt 1 ]; then
echo ""
echo "# BUILD WARNING --> LiT PGP author not as expected"
echo "Should contain PGP: ${PGPcheck}"
echo "PRESS ENTER to TAKE THE RISK if you think all is OK"
read key
fi
gpg --import ./pgp_keys.asc
sleep 3
verifyResult=$(
LANG=en_US.utf8
gpg --verify manifest-v${LITVERSION}.sig manifest-v${LITVERSION}.txt 2>&1
)
goodSignature=$(echo ${verifyResult} | grep 'Good signature' -c)
echo "goodSignature(${goodSignature})"
correctKey=$(echo ${verifyResult} | tr -d " \t\n\r" | grep "${GPGcheck}" -c)
echo "correctKey(${correctKey})"
if [ ${correctKey} -lt 1 ] || [ ${goodSignature} -lt 1 ]; then
echo ""
echo "# BUILD FAILED --> LND PGP Verify not OK / signature(${goodSignature}) verify(${correctKey})"
if [ ${goodSignature} -lt 1 ]; then
echo
echo "# BUILD FAILED --> Failed to verify the LiT binary"
exit 1
fi