ci: Verify WIBU systems signed all available deb files

.github/workflows/ci_ubuntu_verify_repo.yml

@@ -2,6 +2,31 @@ name: CI ubuntu verify repo
 'on':
   workflow_call: null
 jobs:
+  wibu-signed-deb-files:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout (GitHub)
+        uses: actions/checkout@v4
+      - name: Install debsig-verify
+        run: |
+          sudo apt update
+          sudo apt install -y debsig-verify
+      - name: Create debsig directory structures
+        run: |
+          sudo mkdir -p /etc/debsig/policies/5FCB7AB40CC62A25
+          sudo mkdir -p /usr/share/debsig/keyrings/5FCB7AB40CC62A25
+      - name: Install the debsig policy file
+        run: sudo cp policy.pol /etc/debsig/policies/5FCB7AB40CC62A25/
+        working-directory: ubuntu/
+      - name: Dearmor WIBU pubkey
+        run: gpg -o wibu_pub_dearmored.gpg --dearmor wibu_pub.gpg
+        working-directory: ubuntu/
+      - name: Install dearmored key
+        run: sudo cp wibu_pub_dearmored.gpg /usr/share/debsig/keyrings/5FCB7AB40CC62A25/debsig.gpg
+        working-directory: ubuntu/
+      - name: Verify WIBU systems signed all deb files
+        run: for i in ./*.deb; do debsig-verify "$i"; done
+        working-directory: ./ubuntu/
   regeneration_is_clean:
     runs-on: ubuntu-latest
     steps:

ubuntu/policy.pol

@@ -0,0 +1,14 @@
+<?xml version="1.0"?>
+<!DOCTYPE Policy SYSTEM "http://www.debian.org/debsig/1.0/policy.dtd">
+<Policy xmlns="https://www.debian.org/debsig/1.0/">
+
+  <Origin Name="codemeter" id="5FCB7Ab40CC62A25" Description="CodeMeter"/>
+
+  <Selection>
+    <Required Type="origin" File="debsig.gpg" id="5FCB7AB40CC62A25"/>
+  </Selection>
+
+   <Verification MinOptional="0">
+    <Required Type="origin" File="debsig.gpg" id="5FCB7AB40CC62A25"/>
+   </Verification>
+</Policy>

ubuntu/wibu_pub.gpg

@@ -0,0 +1,29 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBF4hyqMBEADSaQitekoKDzU8vd4WOFrtlfSsF8iJm/AIUCZHQ6wJ8sciSTJx
+7rUoxW6GixpxPz/caWrFztuljF4twoHLsfAwgUFcWd+TC32l5sZeC26VEdoDEgf2
+XonnUqNgT8fuoju2YkdZmqjhBjGRspGr3rgXtXegwWN+uFxiE5dhgy2wYtA6lZsW
+bcjU0qvqF2GpAe04rdPpSullpLcD+lgSvSZT2mVbbG56M6ouU72mFeEJlQKQHvPa
+stF7tLyyopdmDK/+SXh2I43MsS9G66i82hnEizg1ChHEVNcw+0PGwJ/4BRTdz/1e
+Lr2tIZQQhK3MceeV09V8IPTHRNRlEgzXVQkV8Ig3+NQrxGsxEhJZaRtC7pg9Mh3j
+ZvGesqZ92SG8QtPY/TZlQrQELbdavssGgRqd23X1GVxN8EmkmfKa58mIq8pGar2V
+QzEH/be6dGZ2PpJA0v2+Pa2iEuff7gSdG+5XFj9quWMWC7IyxpSJhFsg41cobeFt
+1gblxX81ppsDtkqkEM4gGhw7fsMd1MMRPmioXwhlfJOA2tZcENm0fmTc+pOvCsXB
+hIL6cXan1zXp0lgpBNvnfih9PeE4AFjjDOrAFv/iwkzU9uGAJZ0pzpOeDAb5Irte
+mh9HsUzcvFiVPERX5XSfZOnqpQAcbVGmcmRR2S5a3wJr8zowzFBmISnXmQARAQAB
+tChXSUJVLVNZU1RFTVMgQUcgPGFkbWluaXN0cmF0b3JAd2lidS5jb20+iQJNBBMB
+CAA3FiEES0UCM9cstCfQ53k5X8t6tAzGKiUFAl4hyqMCGwMFCwkIBwMEFQoJCAUW
+AgMBAAIeAQIXgAAKCRBfy3q0DMYqJVfKD/9qAdXBdl/8jVVAaGGENpPPrJ8VqJ3D
+Jtn9MIbkWyej01WqKikBmzsdlAqvdj0Q2OCxMULq+1KNYTI8zDn/xZpBheUjj6oT
+jP5ATW68eAkj83ZqyfZBLmOjj46UVHiqSttCCJjUqW6FsOaVd8fi/cs6Y6rY4/p0
+0TxlQnkNJfrhUwoNCTta829k9oxdWr1vsw1xv/swpCxv0Gs1x3aHQzOZ7ygo+6dK
+6jO5r+2A3ov7CDWAPDjNIL7DToRGxDSuFRJTcE7L4wIQzKU61LMlFq2u4tOqYqKL
+lVFtkc3Ikj5O6bF2VYzfGHidwrmH2D3Ah8t93DKtjDFyLhspSXEriQUBFFz3uz/0
+8u89mbmuz6VmAHPaZ/lFj57VwXMcz+7S7v1xeT/wyxA8G3fvyAzdxizFXK8CNN9P
+m9gJSZ2Vn7SoZQekdHBIqJofTUa23IWB+WRC6R+dZ/j6tYsBFj8u3lxGi5sz4HbM
+xFihRN4te2uPh6nuTfryInJRKOUk2gx7P0ybWwQLKAjGUnidcRAZOrYB03AuNG3e
+w9UDDeujLDKMhluxESdxwohJ3YFrqoqt8RRCm6dNew7vmmlymJBSSMC25AGYqvQ2
+hjcnKHfer0emqqqWPkiZAL3lJMJjHuYxMuCX5v99g2aJzg4mCr6gTZKFsCSOwa4g
+kEDwf3LdYcROfw==
+=+SuL
+-----END PGP PUBLIC KEY BLOCK-----