mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-11-05 15:00:30 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

move genkey() and genpassword() to common.py for use in multiple sections

Browse source 
genkey() and genpassword() are now going to be used by `fdroid update` as
well as `fdroid init`, so they should be in common.py
This commit is contained in:
Hans-Christoph Steiner 2015-04-20 19:14:58 -04:00
parent 86865faa62
commit 4861595288
2 changed files with 35 additions and 35 deletions
Download patch file Download diff file Expand all files Collapse all files

33
fdroidserver/common.py
View file

@ -30,6 +30,8 @@ import Queue
import threading import threading
import magic import magic
import logging import logging
import hashlib
import socket
from distutils.version import LooseVersion from distutils.version import LooseVersion
from zipfile import ZipFile from zipfile import ZipFile
@ -2012,3 +2014,34 @@ def find_command(command):
return exe_file return exe_file
return None return None
def genpassword():
'''generate a random password for when generating keys'''
h = hashlib.sha256()
h.update(os.urandom(16)) # salt
h.update(bytes(socket.getfqdn()))
return h.digest().encode('base64').strip()
def genkey(keystore, repo_keyalias, password, keydname):
'''generate a new keystore with a new key in it for signing repos'''
logging.info('Generating a new key in "' + keystore + '"...')
write_password_file("keystorepass", password)
write_password_file("keypass", password)
p = FDroidPopen(['keytool', '-genkey',
'-keystore', keystore, '-alias', repo_keyalias,
'-keyalg', 'RSA', '-keysize', '4096',
'-sigalg', 'SHA256withRSA',
'-validity', '10000',
'-storepass:file', config['keystorepassfile'],
'-keypass:file', config['keypassfile'],
'-dname', keydname])
# TODO keypass should be sent via stdin
if p.returncode != 0:
raise BuildException("Failed to generate key", p.output)
# now show the lovely key that was just generated
p = FDroidPopen(['keytool', '-list', '-v',
'-keystore', keystore, '-alias', repo_keyalias,
'-storepass:file', config['keystorepassfile']])
logging.info(p.output.strip() + '\n\n')

37
fdroidserver/init.py
View file

@ -20,7 +20,6 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
import glob import glob
import hashlib
import os import os
import re import re
import shutil import shutil
@ -30,7 +29,6 @@ from optparse import OptionParser
import logging import logging
import common import common
from common import FDroidPopen, BuildException
config = {} config = {}
options = None options = None
@ -61,37 +59,6 @@ def disable_in_config(key, value):
f.writelines(data) f.writelines(data)
def genpassword():
'''generate a random password for when generating keys'''
h = hashlib.sha256()
h.update(os.urandom(16)) # salt
h.update(bytes(socket.getfqdn()))
return h.digest().encode('base64').strip()
def genkey(keystore, repo_keyalias, password, keydname):
'''generate a new keystore with a new key in it for signing repos'''
logging.info('Generating a new key in "' + keystore + '"...')
common.write_password_file("keystorepass", password)
common.write_password_file("keypass", password)
p = FDroidPopen(['keytool', '-genkey',
'-keystore', keystore, '-alias', repo_keyalias,
'-keyalg', 'RSA', '-keysize', '4096',
'-sigalg', 'SHA256withRSA',
'-validity', '10000',
'-storepass:file', config['keystorepassfile'],
'-keypass:file', config['keypassfile'],
'-dname', keydname])
# TODO keypass should be sent via stdin
if p.returncode != 0:
raise BuildException("Failed to generate key", p.output)
# now show the lovely key that was just generated
p = FDroidPopen(['keytool', '-list', '-v',
'-keystore', keystore, '-alias', repo_keyalias,
'-storepass:file', config['keystorepassfile']])
logging.info(p.output.strip() + '\n\n')
def main(): def main():
global options, config global options, config
@ -262,7 +229,7 @@ def main():
keystoredir = os.path.dirname(keystore) keystoredir = os.path.dirname(keystore)
if not os.path.exists(keystoredir): if not os.path.exists(keystoredir):
os.makedirs(keystoredir, mode=0o700) os.makedirs(keystoredir, mode=0o700)
password = genpassword() password = common.genpassword()
write_to_config(test_config, 'keystorepass', password) write_to_config(test_config, 'keystorepass', password)
write_to_config(test_config, 'keypass', password) write_to_config(test_config, 'keypass', password)
if options.repo_keyalias is None: if options.repo_keyalias is None:
@ -271,7 +238,7 @@ def main():
if not options.distinguished_name: if not options.distinguished_name:
keydname = 'CN=' + repo_keyalias + ', OU=F-Droid' keydname = 'CN=' + repo_keyalias + ', OU=F-Droid'
write_to_config(test_config, 'keydname', keydname) write_to_config(test_config, 'keydname', keydname)
genkey(keystore, repo_keyalias, password, keydname) common.genkey(keystore, repo_keyalias, password, keydname)
logging.info('Built repo based in "' + fdroiddir + '"') logging.info('Built repo based in "' + fdroiddir + '"')
logging.info('with this config:') logging.info('with this config:')