diff options
author | Aqua-sama <aqua@iserlohn-fortress.net> | 2020-01-27 17:41:11 +0200 |
---|---|---|
committer | Aqua-sama <aqua@iserlohn-fortress.net> | 2020-01-27 17:41:11 +0200 |
commit | 9cfd25329a4dc1e1495b24e3dae0313a2e6a60f7 (patch) | |
tree | e9a9e9b09fb111b30bdb6af150d76707d9ff1e2a | |
parent | pluginloader: add test for PluginLoader::verify (diff) | |
download | smolbote-9cfd25329a4dc1e1495b24e3dae0313a2e6a60f7.tar.xz |
pluginloader: generate keys by meson
-rw-r--r-- | lib/pluginloader/meson.build | 18 | ||||
-rwxr-xr-x | lib/pluginloader/ssl-keygen.py | 15 | ||||
-rw-r--r-- | linux/makepkg/PKGBUILD | 6 | ||||
-rw-r--r-- | meson_options.txt | 2 |
4 files changed, 18 insertions, 23 deletions
diff --git a/lib/pluginloader/meson.build b/lib/pluginloader/meson.build index 534f385..acdd47e 100644 --- a/lib/pluginloader/meson.build +++ b/lib/pluginloader/meson.build @@ -1,14 +1,24 @@ python = import('python') python3 = python.find_installation('python3') -private_pem = meson.build_root() / get_option('ssl_private_pem') -public_pem = meson.build_root() / get_option('ssl_public_pem') +openssl = find_program('openssl', required: true) + +private_pem = custom_target('privateKey.pem', + output: 'privateKey.pem', + command: [ openssl, 'genrsa', '-out', '@OUTPUT@', '4096' ] +) + +public_pem = custom_target('publicKey.pem', + input: private_pem, + output: 'publicKey.pem', + command: [ openssl, 'rsa', '-in', '@INPUT@', '-pubout', '-out', '@OUTPUT@' ] +) publicKey_h = custom_target('publicKey_h', input: files('ssl-keygen.py'), output: 'publicKey.h', command: [python3, '@INPUT@', - '--private=' + private_pem, '--public=' + public_pem, + '--private', private_pem, '--public', public_pem, '--output=@OUTPUT@', '--array-name=publicKey_pem'] ) @@ -25,8 +35,6 @@ dep_pluginloader = declare_dependency( dependencies: [dep_qt5, dependency('openssl', required: true)]) ) -openssl = find_program('openssl', required: true) - # generate a test file that would be signed signedfile_dat = custom_target('signedfile.dat', input: 'write-random.py', diff --git a/lib/pluginloader/ssl-keygen.py b/lib/pluginloader/ssl-keygen.py index 7feaf1a..a1a70c4 100755 --- a/lib/pluginloader/ssl-keygen.py +++ b/lib/pluginloader/ssl-keygen.py @@ -6,12 +6,6 @@ import os.path import subprocess from functools import partial -def generate_private_key(out_pem='privateKey.pem'): - subprocess.run(['openssl', 'genrsa', '-out', out_pem, '4096'], check=True) - -def generate_public_key(in_pem='privateKey.pem', out_pem='publicKey.pem'): - subprocess.run(['openssl', 'rsa', '-in', in_pem, '-pubout', '-out', out_pem], check=True) - def hexdump(array_type, array_name, length_type, in_pem, out_h): array_len = 0 @@ -43,15 +37,6 @@ if __name__ == "__main__": args=parser.parse_args() - # check if public key exists - if not os.path.isfile(args.public): - # if there is no private key, generate one - if not os.path.isfile(args.private): - generate_private_key(args.private) - - # export public key from private - generate_public_key(args.private, args.public) - with open(args.public, "rb") as public_pem: hexdump(args.array_type, args.array_name, args.length_type, public_pem, args.output) diff --git a/linux/makepkg/PKGBUILD b/linux/makepkg/PKGBUILD index 6754fe8..18f9ebe 100644 --- a/linux/makepkg/PKGBUILD +++ b/linux/makepkg/PKGBUILD @@ -96,6 +96,10 @@ build() { ninja -C $srcdir/build "$MAKEFLAGS" } +check() { + ninja -C $srcdir/build test +} + package() { # Install cd $srcdir/build @@ -104,8 +108,8 @@ package() { if [ $_signPlugins == "1" ]; then msg "Signing plugins" for so in $pkgdir/$_prefix/lib/smolbote/plugins/*.so; do + openssl dgst -sha256 -sign $srcdir/build/lib/pluginloader/privateKey.pem -out $so.sig $so msg2 "Signed $(basename $so)" - openssl dgst -sha256 -sign $srcdir/build/privateKey.pem -out $so.sig $so done fi diff --git a/meson_options.txt b/meson_options.txt index 91f2d0e..1bbda86 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -8,5 +8,3 @@ option('updater', description: 'Build updater component', type: # Build options option('signPlugins', description: 'Generate OpenSSL signing key', type: 'feature', value: 'auto') -option('ssl_private_pem', description: 'OpenSSL private key path', type: 'string', value: 'privateKey.pem') -option('ssl_public_pem', description: 'OpenSSL public key path', type: 'string', value: 'publicKey.pem') |