authorAqua-sama <aqua@iserlohn-fortress.net>2020-01-27 17:41:11 +0200
committerAqua-sama <aqua@iserlohn-fortress.net>2020-01-27 17:41:11 +0200
commit9cfd25329a4dc1e1495b24e3dae0313a2e6a60f7 (patch)
treee9a9e9b09fb111b30bdb6af150d76707d9ff1e2a
parentpluginloader: add test for PluginLoader::verify (diff)
downloadsmolbote-9cfd25329a4dc1e1495b24e3dae0313a2e6a60f7.tar.xz
pluginloader: generate keys by meson
-rw-r--r--lib/pluginloader/meson.build18
-rwxr-xr-xlib/pluginloader/ssl-keygen.py15
-rw-r--r--linux/makepkg/PKGBUILD6
-rw-r--r--meson_options.txt2
4 files changed, 18 insertions, 23 deletions
diff --git a/lib/pluginloader/meson.build b/lib/pluginloader/meson.build
index 534f385..acdd47e 100644
--- a/lib/pluginloader/meson.build
+++ b/lib/pluginloader/meson.build
@@ -1,14 +1,24 @@
python = import('python')
python3 = python.find_installation('python3')
-private_pem = meson.build_root() / get_option('ssl_private_pem')
-public_pem = meson.build_root() / get_option('ssl_public_pem')
+openssl = find_program('openssl', required: true)
+
+private_pem = custom_target('privateKey.pem',
+ output: 'privateKey.pem',
+ command: [ openssl, 'genrsa', '-out', '@OUTPUT@', '4096' ]
+)
+
+public_pem = custom_target('publicKey.pem',
+ input: private_pem,
+ output: 'publicKey.pem',
+ command: [ openssl, 'rsa', '-in', '@INPUT@', '-pubout', '-out', '@OUTPUT@' ]
+)
publicKey_h = custom_target('publicKey_h',
input: files('ssl-keygen.py'),
output: 'publicKey.h',
command: [python3, '@INPUT@',
- '--private=' + private_pem, '--public=' + public_pem,
+ '--private', private_pem, '--public', public_pem,
'--output=@OUTPUT@', '--array-name=publicKey_pem']
)
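Review bot: The new `privateKey.pem` target writes an unencrypted RSA signing key into the build tree, and nothing next to the target says so. With the `ssl_private_pem`/`ssl_public_pem` options removed in this commit, there is no longer a visible way to point the build at a key kept elsewhere. I would add a comment above the target such as `# per-build, unencrypted signing key; plugins signed with it presumably verify only against this build's publicKey.h, so keep the build tree private`. Separately, `'--private', private_pem` is still passed to ssl-keygen.py although the script's main block, as far as the later hunk shows, now only opens `args.public`. If the argument parser (not shown) allows it, dropping that argument keeps the private key path away from a step that does not need it.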
@@ -25,8 +35,6 @@ dep_pluginloader = declare_dependency(
dependencies: [dep_qt5, dependency('openssl', required: true)])
)
-openssl = find_program('openssl', required: true)
-
# generate a test file that would be signed
signedfile_dat = custom_target('signedfile.dat',
input: 'write-random.py',
diff --git a/lib/pluginloader/ssl-keygen.py b/lib/pluginloader/ssl-keygen.py
index 7feaf1a..a1a70c4 100755
--- a/lib/pluginloader/ssl-keygen.py
+++ b/lib/pluginloader/ssl-keygen.py
@@ -6,12 +6,6 @@ import os.path
import subprocess
from functools import partial
-def generate_private_key(out_pem='privateKey.pem'):
- subprocess.run(['openssl', 'genrsa', '-out', out_pem, '4096'], check=True)
-
-def generate_public_key(in_pem='privateKey.pem', out_pem='publicKey.pem'):
- subprocess.run(['openssl', 'rsa', '-in', in_pem, '-pubout', '-out', out_pem], check=True)
-
def hexdump(array_type, array_name, length_type, in_pem, out_h):
array_len = 0
@@ -43,15 +37,6 @@ if __name__ == "__main__":
args=parser.parse_args()
- # check if public key exists
- if not os.path.isfile(args.public):
- # if there is no private key, generate one
- if not os.path.isfile(args.private):
- generate_private_key(args.private)
-
- # export public key from private
- generate_public_key(args.private, args.public)
-
with open(args.public, "rb") as public_pem:
hexdump(args.array_type, args.array_name, args.length_type, public_pem, args.output)
diff --git a/linux/makepkg/PKGBUILD b/linux/makepkg/PKGBUILD
index 6754fe8..18f9ebe 100644
--- a/linux/makepkg/PKGBUILD
+++ b/linux/makepkg/PKGBUILD
@@ -96,6 +96,10 @@ build() {
ninja -C $srcdir/build "$MAKEFLAGS"
}
+check() {
+ ninja -C $srcdir/build test
+}
+
package() {
# Install
cd $srcdir/build
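Review bot: `$srcdir` is expanded unquoted in the new `check()`, so a build directory whose path contains spaces or glob characters is word-split before ninja sees it; I would write `ninja -C "$srcdir/build" test`. The same applies to the new signing line in the next hunk, where `$srcdir`, `$so` and `$so.sig` are all unquoted: `openssl dgst -sha256 -sign "$srcdir/build/lib/pluginloader/privateKey.pem" -out "$so.sig" "$so"`. The surrounding unchanged lines use the unquoted style too, and package() continues outside this hunk.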
@@ -104,8 +108,8 @@ package() {
if [ $_signPlugins == "1" ]; then
msg "Signing plugins"
for so in $pkgdir/$_prefix/lib/smolbote/plugins/*.so; do
+ openssl dgst -sha256 -sign $srcdir/build/lib/pluginloader/privateKey.pem -out $so.sig $so
msg2 "Signed $(basename $so)"
- openssl dgst -sha256 -sign $srcdir/build/privateKey.pem -out $so.sig $so
done
fi
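Review bot: Nothing after the new `openssl dgst -sign` line checks that the signature just written verifies against the public key generated alongside it. A mismatch between the key used here and the one presumably embedded through publicKey.h would then only show up when a plugin is loaded. A one-line check after signing would catch it during packaging: `openssl dgst -sha256 -verify "$srcdir/build/lib/pluginloader/publicKey.pem" -signature "$so.sig" "$so" >/dev/null`. The key path is now hard-coded to meson's output location, and the unencrypted private key stays in `$srcdir/build` after packaging, which deserves a comment next to the `_signPlugins` check. package() starts and ends outside this hunk.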
diff --git a/meson_options.txt b/meson_options.txt
index 91f2d0e..1bbda86 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -8,5 +8,3 @@ option('updater', description: 'Build updater component', type:
# Build options
option('signPlugins', description: 'Generate OpenSSL signing key', type: 'feature', value: 'auto')
-option('ssl_private_pem', description: 'OpenSSL private key path', type: 'string', value: 'privateKey.pem')
-option('ssl_public_pem', description: 'OpenSSL public key path', type: 'string', value: 'publicKey.pem')