mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-09-15 15:32:30 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Allow repo pubkey to defined directly in config

Browse source
This commit is contained in:
Ciaran Gultnieks 2015-01-10 15:44:16 +00:00
parent 1cc1ee32ee
commit 4ae896511e
2 changed files with 25 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

7
examples/config.py
View file

@ -73,6 +73,13 @@ The repository of older versions of applications from the main demo repository.
# jarsigner using -alias. (Not needed in an unsigned repository). # jarsigner using -alias. (Not needed in an unsigned repository).
# repo_keyalias = "fdroidrepo" # repo_keyalias = "fdroidrepo"
# Optionally, the public key for the key defined by repo_keyalias above can
# be specified here. There is no need to do this, as the public key can and
# will be retrieved from the keystore when needed. However, specifying it
# manually can allow some processing to take place without access to the
# keystore.
# repo_pubkey = "..."
# The keystore to use for release keys when building. This needs to be # The keystore to use for release keys when building. This needs to be
# somewhere safe and secure, and backed up! The best way to manage these # somewhere safe and secure, and backed up! The best way to manage these
# sensitive keys is to use a "smartcard" (aka Hardware Security Module). To # sensitive keys is to use a "smartcard" (aka Hardware Security Module). To

11
fdroidserver/update.py
View file

@ -33,6 +33,7 @@ from pyasn1.error import PyAsn1Error
from pyasn1.codec.der import decoder, encoder from pyasn1.codec.der import decoder, encoder
from pyasn1_modules import rfc2315 from pyasn1_modules import rfc2315
from hashlib import md5 from hashlib import md5
from binascii import hexlify, unhexlify
from PIL import Image from PIL import Image
import logging import logging
@ -714,6 +715,10 @@ def make_index(apps, sortedids, apks, repodir, archive, categories):
return " ".join(ret) return " ".join(ret)
def extract_pubkey(): def extract_pubkey():
global repo_pubkey_fingerprint
if 'repo_pubkey' in config:
pubkey = unhexlify(config['repo_pubkey'])
else:
p = FDroidPopen(['keytool', '-exportcert', p = FDroidPopen(['keytool', '-exportcert',
'-alias', config['repo_keyalias'], '-alias', config['repo_keyalias'],
'-keystore', config['keystore'], '-keystore', config['keystore'],
@ -725,9 +730,9 @@ def make_index(apps, sortedids, apks, repodir, archive, categories):
msg += ' Is your crypto smartcard plugged in?' msg += ' Is your crypto smartcard plugged in?'
logging.critical(msg) logging.critical(msg)
sys.exit(1) sys.exit(1)
global repo_pubkey_fingerprint pubkey = p.output
repo_pubkey_fingerprint = cert_fingerprint(p.output) repo_pubkey_fingerprint = cert_fingerprint(pubkey)
return "".join("%02x" % ord(b) for b in p.output) return hexlify(pubkey)
repoel.setAttribute("pubkey", extract_pubkey()) repoel.setAttribute("pubkey", extract_pubkey())