aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Kconfig5
-rw-r--r--lib/plugin/Kconfig29
-rw-r--r--linux/.config10
-rw-r--r--linux/makepkg/PKGBUILD39
-rwxr-xr-xtools/hexdump.py34
5 files changed, 104 insertions, 13 deletions
diff --git a/Kconfig b/Kconfig
index a2578ec..0fbafaa 100644
--- a/Kconfig
+++ b/Kconfig
@@ -7,7 +7,10 @@ menu "Application"
default ":/icons/poi.svg"
endmenu
-source lib/configuration/Kconfig
+source 'lib/configuration/Kconfig'
+
+# Plugin loading
+source 'lib/plugin/Kconfig'
config USEPLASMA
bool "Enable KDE Frameworks integration"
diff --git a/lib/plugin/Kconfig b/lib/plugin/Kconfig
new file mode 100644
index 0000000..1de9403
--- /dev/null
+++ b/lib/plugin/Kconfig
@@ -0,0 +1,29 @@
+config USEPLUGINS
+ bool "Enable plugins"
+ default y
+
+menu "Plugin Settings"
+ depends on USEPLUGINS
+
+ choice PLUGIN_SIGNATURE_CHECK
+ bool "Plugin Signature enforcement"
+ default PLUGIN_SIGNATURE_CHECKED
+
+ config PLUGIN_SIGNATURE_IGNORED
+ bool "Don't check plugin signatures"
+
+ config PLUGIN_SIGNATURE_NONFATAL
+ bool "Check signature validity, but always load plugins"
+
+ config PLUGIN_SIGNATURE_CHECKED
+ bool "Don't load plugins with invalid signatures"
+
+ config PLUGIN_SIGNATURE_ENFORCED
+ bool "Only load plugins with valid signatures"
+
+ endchoice
+
+ config PLUGIN_SIGNATURE_HASH
+ string "Hashing algorithm used by the signature"
+ default "SHA256"
+endmenu
diff --git a/linux/.config b/linux/.config
index b483d41..6ba6018 100644
--- a/linux/.config
+++ b/linux/.config
@@ -70,6 +70,16 @@ CONFIG_PROFILE_DEFAULT=""
CONFIG_PROFILE_DEFAULT_SEARCH="https://duckduckgo.com/?q=%1&ia=web"
CONFIG_PROFILE_DEFAULT_HOMEPAGE="about:blank"
CONFIG_PROFILE_DEFAULT_NEWTAB="about:blank"
+CONFIG_USEPLUGINS=y
+
+#
+# Plugin Settings
+#
+# CONFIG_PLUGIN_SIGNATURE_IGNORED is not set
+# CONFIG_PLUGIN_SIGNATURE_NONFATAL is not set
+CONFIG_PLUGIN_SIGNATURE_CHECKED=y
+# CONFIG_PLUGIN_SIGNATURE_ENFORCED is not set
+CONFIG_PLUGIN_SIGNATURE_HASH="SHA256"
# CONFIG_USEPLASMA is not set
# CONFIG_USEBREAKPAD is not set
diff --git a/linux/makepkg/PKGBUILD b/linux/makepkg/PKGBUILD
index 3907ff8..badf319 100644
--- a/linux/makepkg/PKGBUILD
+++ b/linux/makepkg/PKGBUILD
@@ -26,6 +26,18 @@ sha512sums=('SKIP'
#validgpgkeys=(# Aqua-sama <aqua@iserlohn-fortress.net>
# BB1C090188E3E32B375C13FD095DE26BC16D2E98)
+## Build Options
+
+# Run menuconfig
+#_menuconfig=
+
+# Enable plugin signing:
+# - generate a 4096-bit RSA key and embed the public key into the binary
+# - apply the plugin signing patch to the config, enabling PluginLoader::verify
+# - sign the plugins with the private key, and install the signatures
+# Because this embeds the public key into the executable, enabling this option will break reproducible builds.
+_signPlugins=
+
prepare() {
cd $srcdir/smolbote
@@ -33,16 +45,18 @@ prepare() {
git config submodule.3rd-party/SingleApplication/SingleApplication.git.url $srcdir/SingleApplication
git submodule update 3rd-party/SingleApplication/SingleApplication.git
- msg "Creating OpenSSL signing key"
- mkdir $srcdir/signing
- cd $srcdir/signing
- # generate rsa keypair
- openssl genrsa -out privateKey.pem 4096
- msg2 "RSA/4096 key created in $srcdir/signing/privateKey.pem. Keep this key if you want to sign additional plugins."
-
- openssl rsa -in privateKey.pem -pubout -out publicKey.pem
- xxd -i publicKey.pem $srcdir/smolbote/src/plugin/publicKey.h
- msg2 "Public key exported, and will be embedded into the resulting application. This will break reproducible builds."
+ if [ -n $_signPlugins ]; then
+ msg "Creating OpenSSL signing key"
+ mkdir $srcdir/signing
+ cd $srcdir/signing
+ # generate rsa keypair
+ openssl genrsa -out privateKey.pem 4096
+ msg2 "Keypair written to $srcdir/signing/privateKey.pem."
+
+ openssl rsa -in privateKey.pem -pubout -out publicKey.pem
+ ./tools/hexdump.py --name='publicKey_pem' publicKey.pem $srcdir/smolbote/src/plugin/publicKey.h
+ msg2 "Public key exported to $srcdir/signing/publicKey.pem."
+ fi
}
pkgver() {
@@ -71,7 +85,7 @@ build() {
# b_lto: Use link time optimization
meson --buildtype=plain --prefix=/usr/local --auto-features=disabled \
-Db_pie=true -Db_lto=true -Dcpp_link_args="-fuse-ld=gold" \
- -DPlasma=enabled -Dmanpage=enabled \
+ -Dmanpage=enabled \
$srcdir/build
# Run menuconfig
@@ -87,9 +101,10 @@ package() {
cd $srcdir/build
DESTDIR="$pkgdir" ninja install
- msg Signing plugins
+ msg "Signing plugins"
for so in $pkgdir/usr/local/lib/smolbote/plugins/*.so; do
openssl dgst -sha256 -sign $srcdir/signing/privateKey.pem -out $so.sig $so
+ install -m644 $so.sig $pkgdir/usr/lib/smolbote/plugins/$so.sig
done
}
diff --git a/tools/hexdump.py b/tools/hexdump.py
new file mode 100755
index 0000000..f79fc5f
--- /dev/null
+++ b/tools/hexdump.py
@@ -0,0 +1,34 @@
+#!/usr/bin/env python3
+
+import argparse
+from functools import partial
+
+parser = argparse.ArgumentParser(description='Convert a file to C array')
+parser.add_argument('input', type=str, help='Input file')
+parser.add_argument('output', type=str, help='Output file')
+parser.add_argument('--array-type', type=str, default='const unsigned char', help='Array type')
+parser.add_argument('--length-type', type=str, default='const unsigned int', help='Length type')
+parser.add_argument('--name', type=str, default='a', help='Array name')
+
+args=parser.parse_args()
+
+print("{} {}[] = {{".format(args.array_type, args.name))
+
+n = 0
+
+with open(args.input, "rb") as in_file:
+ for c in iter(partial(in_file.read, 1), b''):
+ if n % 16 == 0:
+ print(" ", end='')
+
+ print("0x%02X," % ord(c), end='')
+
+ n += 1
+ if n % 16 == 0:
+ print("")
+ else:
+ print(" ", end='')
+
+print("\n};")
+print("{} {}_len = {};".format(args.length_type, args.name, n))
+