1# Class for generating signed IPK packages. 2# 3# Configuration variables used by this class: 4# IPK_GPG_PASSPHRASE_FILE 5# Path to a file containing the passphrase of the signing key. 6# IPK_GPG_NAME 7# Name of the key to sign with. 8# IPK_GPG_BACKEND 9# Optional variable for specifying the backend to use for signing. 10# Currently the only available option is 'local', i.e. local signing 11# on the build host. 12# IPK_GPG_SIGNATURE_TYPE 13# Optional variable for specifying the type of gpg signatures, can be: 14# 1. Ascii armored (ASC), default if not set 15# 2. Binary (BIN) 16# GPG_BIN 17# Optional variable for specifying the gpg binary/wrapper to use for 18# signing. 19# GPG_PATH 20# Optional variable for specifying the gnupg "home" directory: 21# 22 23inherit sanity 24 25IPK_SIGN_PACKAGES = '1' 26IPK_GPG_BACKEND ?= 'local' 27IPK_GPG_SIGNATURE_TYPE ?= 'ASC' 28 29python () { 30 # Check configuration 31 for var in ('IPK_GPG_NAME', 'IPK_GPG_PASSPHRASE_FILE'): 32 if not d.getVar(var): 33 raise_sanity_error("You need to define %s in the config" % var, d) 34 35 sigtype = d.getVar("IPK_GPG_SIGNATURE_TYPE") 36 if sigtype.upper() != "ASC" and sigtype.upper() != "BIN": 37 raise_sanity_error("Bad value for IPK_GPG_SIGNATURE_TYPE (%s), use either ASC or BIN" % sigtype) 38} 39 40def sign_ipk(d, ipk_to_sign): 41 from oe.gpg_sign import get_signer 42 43 bb.debug(1, 'Signing ipk: %s' % ipk_to_sign) 44 45 signer = get_signer(d, d.getVar('IPK_GPG_BACKEND')) 46 sig_type = d.getVar('IPK_GPG_SIGNATURE_TYPE') 47 is_ascii_sig = (sig_type.upper() != "BIN") 48 49 signer.detach_sign(ipk_to_sign, 50 d.getVar('IPK_GPG_NAME'), 51 d.getVar('IPK_GPG_PASSPHRASE_FILE'), 52 armor=is_ascii_sig) 53