verify gpg signature of tarballs

[zx2c4]

Since https://github.com/WireGuard/wireguard-vyatta-ubnt/commit/4dc2d68dc5cc069308a5f9175589a1dcc3bfa972 , downloads now use tarballs and with https://github.com/WireGuard/wireguard-vyatta-ubnt/commit/4a543f0f63881c6764be28b9fc066fbb44a6dfdc now adding the signing key. We can now check signatures before untaring:

zx2c4@thinkpad /tmp $ wget https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-1.0.20200429.tar.xz https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-1.0.20200429.tar.asc
--2020-05-03 13:38:47--  https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-1.0.20200429.tar.xz
2020-05-03 13:38:49 (192 KB/s) - ‘wireguard-linux-compat-1.0.20200429.tar.xz’ saved [261668]
--2020-05-03 13:38:49--  https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-1.0.20200429.tar.asc
2020-05-03 13:38:49 (69.5 MB/s) - ‘wireguard-linux-compat-1.0.20200429.tar.asc’ saved [858]

zx2c4@thinkpad /tmp $ unxz wireguard-linux-compat-1.0.20200429.tar.xz 

zx2c4@thinkpad /tmp $ gpgv --keyring AB9942E6D4A4CFC3412620A749FC7012A5DE03AE.gpg wireguard-linux-compat-1.0.20200429.tar.asc wireguard-linux-compat-1.0.20200429.tar
gpgv: Signature made Wed 29 Apr 2020 10:38:05 PM MDT
gpgv:                using RSA key AB9942E6D4A4CFC3412620A749FC7012A5DE03AE
gpgv:                issuer "jason@zx2c4.com"
gpgv: Good signature from "Jason A. Donenfeld <Jason@zx2c4.com>"

zx2c4@thinkpad /tmp $ tar -xJ --one-top-level=module --strip-components=1 -f wireguard-linux-compat-1.0.20200429.tar.asc wireguard-linux-compat-1.0.20200429.tar

[FossoresLP]

With 6ac71b3 the CI script now checks the signatures properly.