Replace xxd with python script

5 files changed, 104 insertions, 13 deletions

diff --git a/Kconfig b/Kconfig
index a2578ec..0fbafaa 100644
--- a/Kconfig
+++ b/Kconfig
@@ -7,7 +7,10 @@ menu "Application"
         default ":/icons/poi.svg"
 endmenu
 
-source lib/configuration/Kconfig
+source 'lib/configuration/Kconfig'
+
+# Plugin loading
+source 'lib/plugin/Kconfig'
 
 config USEPLASMA
     bool "Enable KDE Frameworks integration"
diff --git a/lib/plugin/Kconfig b/lib/plugin/Kconfig
new file mode 100644
index 0000000..1de9403
--- /dev/null
+++ b/lib/plugin/Kconfig
@@ -0,0 +1,29 @@
+config USEPLUGINS
+    bool "Enable plugins"
+    default y
+
+menu "Plugin Settings"
+    depends on USEPLUGINS
+
+    choice PLUGIN_SIGNATURE_CHECK
+        bool "Plugin Signature enforcement"
+        default PLUGIN_SIGNATURE_CHECKED
+
+        config PLUGIN_SIGNATURE_IGNORED
+            bool "Don't check plugin signatures"
+
+        config PLUGIN_SIGNATURE_NONFATAL
+            bool "Check signature validity, but always load plugins"
+
+        config PLUGIN_SIGNATURE_CHECKED
+            bool "Don't load plugins with invalid signatures"
+
+        config PLUGIN_SIGNATURE_ENFORCED
+            bool "Only load plugins with valid signatures"
+
+    endchoice
+
+    config PLUGIN_SIGNATURE_HASH
+        string "Hashing algorithm used by the signature"
+        default "SHA256"
+endmenu
diff --git a/linux/.config b/linux/.config
index b483d41..6ba6018 100644
--- a/linux/.config
+++ b/linux/.config
@@ -70,6 +70,16 @@ CONFIG_PROFILE_DEFAULT=""
 CONFIG_PROFILE_DEFAULT_SEARCH="https://duckduckgo.com/?q=%1&ia=web"
 CONFIG_PROFILE_DEFAULT_HOMEPAGE="about:blank"
 CONFIG_PROFILE_DEFAULT_NEWTAB="about:blank"
+CONFIG_USEPLUGINS=y
+
+#
+# Plugin Settings
+#
+# CONFIG_PLUGIN_SIGNATURE_IGNORED is not set
+# CONFIG_PLUGIN_SIGNATURE_NONFATAL is not set
+CONFIG_PLUGIN_SIGNATURE_CHECKED=y
+# CONFIG_PLUGIN_SIGNATURE_ENFORCED is not set
+CONFIG_PLUGIN_SIGNATURE_HASH="SHA256"
 # CONFIG_USEPLASMA is not set
 # CONFIG_USEBREAKPAD is not set
 
diff --git a/linux/makepkg/PKGBUILD b/linux/makepkg/PKGBUILD
index 3907ff8..badf319 100644
--- a/linux/makepkg/PKGBUILD
+++ b/linux/makepkg/PKGBUILD
@@ -26,6 +26,18 @@ sha512sums=('SKIP'
 #validgpgkeys=(# Aqua-sama <aqua@iserlohn-fortress.net>
 #              BB1C090188E3E32B375C13FD095DE26BC16D2E98)
 
+## Build Options
+
+# Run menuconfig
+#_menuconfig=
+
+# Enable plugin signing:
+# - generate a 4096-bit RSA key and embed the public key into the binary
+# - apply the plugin signing patch to the config, enabling PluginLoader::verify
+# - sign the plugins with the private key, and install the signatures
+# Because this embeds the public key into the executable, enabling this option will break reproducible builds.
+_signPlugins=
+
 prepare() {
     cd $srcdir/smolbote
 
@@ -33,16 +45,18 @@ prepare() {
     git config submodule.3rd-party/SingleApplication/SingleApplication.git.url $srcdir/SingleApplication
     git submodule update 3rd-party/SingleApplication/SingleApplication.git
 
-    msg "Creating OpenSSL signing key"
-    mkdir $srcdir/signing
-    cd $srcdir/signing
-    # generate rsa keypair
-    openssl genrsa -out privateKey.pem 4096
-    msg2 "RSA/4096 key created in $srcdir/signing/privateKey.pem. Keep this key if you want to sign additional plugins."
-
-    openssl rsa -in privateKey.pem -pubout -out publicKey.pem
-    xxd -i publicKey.pem $srcdir/smolbote/src/plugin/publicKey.h
-    msg2 "Public key exported, and will be embedded into the resulting application. This will break reproducible builds."
+    if [ -n $_signPlugins ]; then
+        msg "Creating OpenSSL signing key"
+        mkdir $srcdir/signing
+        cd $srcdir/signing
+        # generate rsa keypair
+        openssl genrsa -out privateKey.pem 4096
+        msg2 "Keypair written to $srcdir/signing/privateKey.pem."
+
+        openssl rsa -in privateKey.pem -pubout -out publicKey.pem
+        ./tools/hexdump.py --name='publicKey_pem' publicKey.pem $srcdir/smolbote/src/plugin/publicKey.h
+        msg2 "Public key exported to $srcdir/signing/publicKey.pem."
+    fi
 }
 
 pkgver() {
@@ -71,7 +85,7 @@ build() {
     # b_lto: Use link time optimization
     meson --buildtype=plain --prefix=/usr/local --auto-features=disabled \
         -Db_pie=true -Db_lto=true -Dcpp_link_args="-fuse-ld=gold" \
-        -DPlasma=enabled -Dmanpage=enabled \
+        -Dmanpage=enabled \
         $srcdir/build
 
     # Run menuconfig
@@ -87,9 +101,10 @@ package() {
     cd $srcdir/build
     DESTDIR="$pkgdir" ninja install
 
-    msg Signing plugins
+    msg "Signing plugins"
     for so in $pkgdir/usr/local/lib/smolbote/plugins/*.so; do
         openssl dgst -sha256 -sign $srcdir/signing/privateKey.pem -out $so.sig $so
+        install -m644 $so.sig $pkgdir/usr/lib/smolbote/plugins/$so.sig
     done
 }
 
diff --git a/tools/hexdump.py b/tools/hexdump.py
new file mode 100755
index 0000000..f79fc5f
--- /dev/null
+++ b/tools/hexdump.py
@@ -0,0 +1,34 @@
+#!/usr/bin/env python3
+
+import argparse
+from functools import partial
+
+parser = argparse.ArgumentParser(description='Convert a file to C array')
+parser.add_argument('input', type=str, help='Input file')
+parser.add_argument('output', type=str, help='Output file')
+parser.add_argument('--array-type', type=str, default='const unsigned char', help='Array type')
+parser.add_argument('--length-type', type=str, default='const unsigned int', help='Length type')
+parser.add_argument('--name', type=str, default='a', help='Array name')
+
+args=parser.parse_args()
+
+print("{} {}[] = {{".format(args.array_type, args.name))
+
+n = 0
+
+with open(args.input, "rb") as in_file:
+  for c in iter(partial(in_file.read, 1), b''):
+    if n % 16 == 0:
+      print("    ", end='')
+
+    print("0x%02X," % ord(c), end='')
+
+    n += 1
+    if n % 16 == 0:
+      print("")
+    else:
+      print(" ", end='')
+
+print("\n};")
+print("{} {}_len = {};".format(args.length_type, args.name, n))
+