pluginloader: generate keys by meson

4 files changed, 18 insertions, 23 deletions

diff --git a/lib/pluginloader/meson.build b/lib/pluginloader/meson.build
index 534f385..acdd47e 100644
--- a/lib/pluginloader/meson.build
+++ b/lib/pluginloader/meson.build
@@ -1,14 +1,24 @@
 python = import('python')
 python3 = python.find_installation('python3')
 
-private_pem = meson.build_root() / get_option('ssl_private_pem')
-public_pem = meson.build_root() / get_option('ssl_public_pem')
+openssl = find_program('openssl', required: true)
+
+private_pem = custom_target('privateKey.pem',
+  output: 'privateKey.pem',
+  command: [ openssl, 'genrsa', '-out', '@OUTPUT@', '4096' ]
+)
+
+public_pem = custom_target('publicKey.pem',
+  input: private_pem,
+  output: 'publicKey.pem',
+  command: [ openssl, 'rsa', '-in', '@INPUT@', '-pubout', '-out', '@OUTPUT@' ]
+)
 
 publicKey_h = custom_target('publicKey_h',
   input: files('ssl-keygen.py'),
   output: 'publicKey.h',
   command: [python3, '@INPUT@',
-    '--private=' + private_pem, '--public=' + public_pem,
+    '--private', private_pem, '--public', public_pem,
     '--output=@OUTPUT@', '--array-name=publicKey_pem']
 )
 
@@ -25,8 +35,6 @@ dep_pluginloader = declare_dependency(
         dependencies: [dep_qt5, dependency('openssl', required: true)])
 )
 
-openssl = find_program('openssl', required: true)
-
 # generate a test file that would be signed
 signedfile_dat = custom_target('signedfile.dat',
   input: 'write-random.py',
diff --git a/lib/pluginloader/ssl-keygen.py b/lib/pluginloader/ssl-keygen.py
index 7feaf1a..a1a70c4 100755
--- a/lib/pluginloader/ssl-keygen.py
+++ b/lib/pluginloader/ssl-keygen.py
@@ -6,12 +6,6 @@ import os.path
 import subprocess
 from functools import partial
 
-def generate_private_key(out_pem='privateKey.pem'):
-    subprocess.run(['openssl', 'genrsa', '-out', out_pem, '4096'], check=True)
-
-def generate_public_key(in_pem='privateKey.pem', out_pem='publicKey.pem'):
-    subprocess.run(['openssl', 'rsa', '-in', in_pem, '-pubout', '-out', out_pem], check=True)
-
 def hexdump(array_type, array_name, length_type, in_pem, out_h):
     array_len = 0
     
@@ -43,15 +37,6 @@ if __name__ == "__main__":
 
     args=parser.parse_args()
 
-    # check if public key exists
-    if not os.path.isfile(args.public):
-        # if there is no private key, generate one
-        if not os.path.isfile(args.private):
-            generate_private_key(args.private)
-
-        # export public key from private
-        generate_public_key(args.private, args.public)
-
     with open(args.public, "rb") as public_pem:
         hexdump(args.array_type, args.array_name, args.length_type, public_pem, args.output)
 
diff --git a/linux/makepkg/PKGBUILD b/linux/makepkg/PKGBUILD
index 6754fe8..18f9ebe 100644
--- a/linux/makepkg/PKGBUILD
+++ b/linux/makepkg/PKGBUILD
@@ -96,6 +96,10 @@ build() {
     ninja -C $srcdir/build "$MAKEFLAGS"
 }
 
+check() {
+    ninja -C $srcdir/build test
+}
+
 package() {
     # Install
     cd $srcdir/build
@@ -104,8 +108,8 @@ package() {
     if [ $_signPlugins == "1" ]; then
     msg "Signing plugins"
     for so in $pkgdir/$_prefix/lib/smolbote/plugins/*.so; do
+        openssl dgst -sha256 -sign $srcdir/build/lib/pluginloader/privateKey.pem -out $so.sig $so
         msg2 "Signed $(basename $so)"
-        openssl dgst -sha256 -sign $srcdir/build/privateKey.pem -out $so.sig $so
     done
     fi
 
diff --git a/meson_options.txt b/meson_options.txt
index 91f2d0e..1bbda86 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -8,5 +8,3 @@ option('updater',       description: 'Build updater component',           type:
 
 # Build options
 option('signPlugins',     description: 'Generate OpenSSL signing key',  type: 'feature', value: 'auto')
-option('ssl_private_pem', description: 'OpenSSL private key path',      type: 'string',  value: 'privateKey.pem')
-option('ssl_public_pem',  description: 'OpenSSL public key path',       type: 'string',  value: 'publicKey.pem')