search

megastep / makeself

A self-extracting archiving tool for Unix systems, in 100% shell script.
https://makeself.io
GNU General Public License v2.0
2.3k stars 370 forks source link

Support for gpg / ssl signed archives #74

Open jlfranklin opened 8 years ago

jlfranklin commented 8 years ago

I see there is support for encrypting an archive with gpg or ssl, but I would like to add on a digital signature that the script verifies before unpacking.

megastep commented 8 years ago

This is something that could be done in a way similar to how we currently check the archive against a checksum, however the main problem as far as I am concerned is having the tools it depends on to verify the signatures. This might be OK if you have openssl installed for instance, but for a lot of the platforms I try to support that's not a safe assumption.

However if that is something that would work in your own environment, I'd be open to add this kind of feature.

jlfranklin commented 8 years ago

It should be easy enough to use which gpg or which openssl to check for the supporting tool and emit an error or warning if requested but not found.

dantran commented 8 years ago

+1

dguayrobotiq commented 6 years ago

Any update on this? This would be useful for my case too !

zero-pytagoras commented 8 months ago

@megastep is there any update on the matter ?