From a37d0d9cd6d636949f423d1bab25d12b88ee18e0 Mon Sep 17 00:00:00 2001
From: "Lance R. Vick" <lance@lrvick.net>
Date: Mon, 13 Feb 2023 04:00:33 -0800
Subject: [PATCH] restore file based sign/verify commands

---
 Makefile | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/Makefile b/Makefile
index f887676..01652c2 100644
--- a/Makefile
+++ b/Makefile
@@ -17,6 +17,30 @@ clean: toolchain
 	")
 	$(MAKE) toolchain-clean
 
+.PHONY: sign
+sign:
+	set -e; \
+	git config --get user.signingkey 2>&1 >/dev/null || { \
+		echo "Error: git user.signingkey is not defined"; \
+		exit 1; \
+	}; \
+	fingerprint=$$(\
+		git config --get user.signingkey \
+		| sed 's/.*\([A-Z0-9]\{16\}\).*/\1/g' \
+	); \
+	gpg --armor \
+		--detach-sig  \
+		--output $(RELEASE_DIR)/manifest.$${fingerprint}.asc \
+		$(RELEASE_DIR)/manifest.txt
+
+.PHONY: verify
+verify: | $(RELEASE_DIR)/manifest.txt
+	set -e; \
+	for file in $(RELEASE_DIR)/manifest.*.asc; do \
+		echo "\nVerifying: $${file}\n"; \
+		gpg --verify $${file} $(RELEASE_DIR)/manifest.txt; \
+	done;
+
 .PHONY: mrproper
 mrproper:
 	docker image rm -f $(IMAGE)