From: Paul Spooren Date: Mon, 31 Jan 2022 13:02:40 +0000 (+0100) Subject: build: generate keys via `generate_keys` X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=201874f8b23267df276c6fc4bdae968c31754e85;p=openwrt%2Fstaging%2Faparcar.git build: generate keys via `generate_keys` Signed-off-by: Paul Spooren --- diff --git a/Makefile b/Makefile index d85df6c3cf..b1bb4cb531 100644 --- a/Makefile +++ b/Makefile @@ -133,6 +133,30 @@ ifneq ($(CONFIG_CCACHE),) $(STAGING_DIR_HOST)/bin/ccache -s endif +generate_keys: package/system/apk/host/compile package/system/ucert/host/compile + if [ -s $(BUILD_KEY) ] && [ -s $(BUILD_KEY).pub ]; then \ + printf "$(_R)WARNING: $(BUILD_KEY) already exists$(_N)\n" >&2; \ + else \ + $(STAGING_DIR_HOST)/bin/usign -G -s $(BUILD_KEY) -p $(BUILD_KEY).pub -c "Local build key"; \ + printf "$(_G)SUCCESS: $(BUILD_KEY) generated$(_N)\n" >&2; \ + fi + + if [ -s $(BUILD_KEY).ucert ]; then \ + printf "$(_R)WARNING: $(BUILD_KEY).ucert already exists$(_N)\n" >&2; \ + else \ + $(STAGING_DIR_HOST)/bin/ucert -I -c $(BUILD_KEY).ucert -p $(BUILD_KEY).pub -s $(BUILD_KEY); \ + printf "$(_G)SUCCESS: $(BUILD_KEY) generated$(_N)\n" >&2; \ + fi + + if [ -s $(BUILD_KEY_APK_SEC) -a -s $(BUILD_KEY_APK_PUB) ]; then \ + printf "$(_R)WARNING: $(BUILD_KEY_APK_SEC) already exists$(_N)\n" >&2; \ + else \ + openssl ecparam -name prime256v1 -genkey -noout -out $(BUILD_KEY_APK_SEC); \ + printf "$(_G)SUCCESS: $(BUILD_KEY_APK_SEC) generated$(_N)\n" >&2; \ + openssl ec -in $(BUILD_KEY_APK_SEC) -pubout > $(BUILD_KEY_APK_PUB); \ + printf "$(_G)SUCCESS: $(BUILD_KEY_APK_PUB) generated$(_N)\n" >&2; \ + fi + .PHONY: clean dirclean prereq prepare world package/symlinks package/symlinks-install package/symlinks-clean -endif +endif \ No newline at end of file diff --git a/include/toplevel.mk b/include/toplevel.mk index ce744bc92c..7c35427708 100644 --- a/include/toplevel.mk +++ b/include/toplevel.mk @@ -265,5 +265,4 @@ ifeq ($(findstring v,$(DEBUG)),) .SILENT: symlinkclean clean dirclean distclean config-clean download help tmpinfo-clean .config scripts/config/mconf scripts/config/conf menuconfig staging_dir/host/.prereq-build tmp/.prereq-package prepare-tmpinfo endif .PHONY: help FORCE -.NOTPARALLEL: - +.NOTPARALLEL: \ No newline at end of file diff --git a/include/verbose.mk b/include/verbose.mk index 3ecf842d11..6651dad731 100644 --- a/include/verbose.mk +++ b/include/verbose.mk @@ -24,6 +24,7 @@ endif ifeq ($(IS_TTY),1) ifneq ($(strip $(NO_COLOR)),1) _Y:=\\033[33m + _G:=\\033[32m _R:=\\033[31m _N:=\\033[m endif diff --git a/package/base-files/Makefile b/package/base-files/Makefile index a95764d3b0..25308e20b9 100644 --- a/package/base-files/Makefile +++ b/package/base-files/Makefile @@ -21,7 +21,7 @@ PKG_LICENSE:=GPL-2.0 # Extend depends from version.mk PKG_CONFIG_DEPENDS += \ - CONFIG_SIGNED_PACKAGES CONFIG_TARGET_INIT_PATH CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE \ + CONFIG_TARGET_INIT_PATH CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE \ CONFIG_NAND_SUPPORT \ CONFIG_LEGACY_SDCARD_SUPPORT \ CONFIG_EMMC_SUPPORT \ @@ -100,20 +100,6 @@ define Build/Compile/Default endef Build/Compile = $(Build/Compile/Default) -ifdef CONFIG_SIGNED_PACKAGES - define Build/Configure - [ -s $(BUILD_KEY) -a -s $(BUILD_KEY).pub ] || \ - $(STAGING_DIR_HOST)/bin/usign -G -s $(BUILD_KEY) -p $(BUILD_KEY).pub -c "Local build key" - - [ -s $(BUILD_KEY).ucert ] || \ - $(STAGING_DIR_HOST)/bin/ucert -I -c $(BUILD_KEY).ucert -p $(BUILD_KEY).pub -s $(BUILD_KEY) - - [ -s $(BUILD_KEY_APK_SEC) -a -s $(BUILD_KEY_APK_PUB) ] || \ - openssl ecparam -name prime256v1 -genkey -noout -out $(BUILD_KEY_APK_SEC); \ - openssl ec -in $(BUILD_KEY_APK_SEC) -pubout > $(BUILD_KEY_APK_PUB) - - endef - ifndef CONFIG_BUILDBOT define Package/base-files/install-key mkdir -p $(1)/etc/opkg/keys @@ -124,7 +110,6 @@ ifndef CONFIG_BUILDBOT endef endif -endif ifeq ($(CONFIG_NAND_SUPPORT),) define Package/base-files/nand-support