summaryrefslogtreecommitdiff
path: root/src/luarocks/signing.lua
diff options
context:
space:
mode:
Diffstat (limited to 'src/luarocks/signing.lua')
-rw-r--r--src/luarocks/signing.lua48
1 files changed, 48 insertions, 0 deletions
diff --git a/src/luarocks/signing.lua b/src/luarocks/signing.lua
new file mode 100644
index 0000000..cb91643
--- /dev/null
+++ b/src/luarocks/signing.lua
@@ -0,0 +1,48 @@
+local signing = {}
+
+local cfg = require("luarocks.core.cfg")
+local fs = require("luarocks.fs")
+
+local function get_gpg()
+ local vars = cfg.variables
+ local gpg = vars.GPG
+ local gpg_ok, err = fs.is_tool_available(gpg, "gpg")
+ if not gpg_ok then
+ return nil, err
+ end
+ return gpg
+end
+
+function signing.signature_url(url)
+ return url .. ".asc"
+end
+
+function signing.sign_file(file)
+ local gpg, err = get_gpg()
+ if not gpg then
+ return nil, err
+ end
+
+ local sigfile = file .. ".asc"
+ if fs.execute(gpg, "--armor", "--output", sigfile, "--detach-sign", file) then
+ return sigfile
+ else
+ return nil, "failed running " .. gpg .. " to sign " .. file
+ end
+end
+
+function signing.verify_signature(file, sigfile)
+ local gpg, err = get_gpg()
+ if not gpg then
+ return nil, err
+ end
+
+ if fs.execute(gpg, "--verify", sigfile, file) then
+ return true
+ else
+ return nil, "GPG returned a verification error"
+ end
+
+end
+
+return signing
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-12 05:11:52 +0000