diff options
-rw-r--r-- | CMakeLists.txt | 4 | ||||
-rw-r--r-- | certificates/CMakeLists.txt | 5 | ||||
-rw-r--r-- | certificates/developer/CMakeLists.txt | 11 | ||||
-rw-r--r-- | certificates/developer/tizen-developer-root-ca.pem (renamed from certificates/tizen-developer-root-ca.pem) | 0 | ||||
-rw-r--r-- | certificates/developer/tizen-developers-root.pem (renamed from certificates/tizen-developers-root.pem) | 0 | ||||
-rw-r--r-- | certificates/partner/CMakeLists.txt | 29 | ||||
-rw-r--r-- | certificates/partner/tizen-distributor-root-ca-partner-manufacturer.pem (renamed from certificates/tizen-distributor-root-ca-partner-manufacturer.pem) | 0 | ||||
-rw-r--r-- | certificates/partner/tizen-distributor-root-ca-partner-operator.pem (renamed from certificates/tizen-distributor-root-ca-partner-operator.pem) | 0 | ||||
-rw-r--r-- | certificates/partner/tizen-distributor-root-ca-partner.pem (renamed from certificates/tizen-distributor-root-ca-partner.pem) | 0 | ||||
-rw-r--r-- | certificates/partner/tizen-partner-class-developer-root.pem (renamed from certificates/tizen-partner-class-developer-root.pem) | 0 | ||||
-rw-r--r-- | certificates/partner/tizen-partner-class-root-authority.pem (renamed from certificates/tizen-partner-class-root-authority.pem) | 0 | ||||
-rw-r--r-- | certificates/platform/CMakeLists.txt | 11 | ||||
-rw-r--r-- | certificates/platform/tizen-platform-class-developer-root.pem (renamed from certificates/tizen-platform-class-developer-root.pem) | 0 | ||||
-rw-r--r-- | certificates/platform/tizen-platform-class-root-authority.pem (renamed from certificates/tizen-platform-class-root-authority.pem) | 0 | ||||
-rw-r--r-- | certificates/public/CMakeLists.txt | 23 | ||||
-rw-r--r-- | certificates/public/tizen-distributor-root-ca-public.pem (renamed from certificates/tizen-distributor-root-ca-public.pem) | 0 | ||||
-rw-r--r-- | certificates/public/tizen-public-class-developer-root.pem (renamed from certificates/tizen-public-class-developer-root.pem) | 0 | ||||
-rw-r--r-- | certificates/public/tizen-public-class-root-authority.pem (renamed from certificates/tizen-public-class-root-authority.pem) | 0 | ||||
-rw-r--r-- | certificates/public/tizen.root.preproduction.cert.pem (renamed from certificates/tizen.root.preproduction.cert.pem) | 0 | ||||
-rw-r--r-- | certificates/wac/CMakeLists.txt | 17 | ||||
-rw-r--r-- | certificates/wac/wac.publisherid.pem (renamed from certificates/wac.publisherid.pem) | 0 | ||||
-rw-r--r-- | certificates/wac/wac.root.preproduction.pem (renamed from certificates/wac.root.preproduction.pem) | 0 | ||||
-rw-r--r-- | certificates/wac/wac.root.production.pem (renamed from certificates/wac.root.production.pem) | 0 | ||||
-rw-r--r-- | packaging/ca-certificates-tizen.spec | 22 | ||||
-rw-r--r-- | tools/CMakeLists.txt | 25 | ||||
-rwxr-xr-x | tools/add-fingerprint.sh | 33 | ||||
-rw-r--r-- | tools/fingerprint_list.xml | 10 | ||||
-rw-r--r-- | tools/fingerprint_list.xsd | 21 |
28 files changed, 204 insertions, 7 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt new file mode 100644 index 0000000..d6a3307 --- /dev/null +++ b/CMakeLists.txt @@ -0,0 +1,4 @@ +CMAKE_MINIMUM_REQUIRED(VERSION 2.6) + +ADD_SUBDIRECTORY(certificates) +ADD_SUBDIRECTORY(tools) diff --git a/certificates/CMakeLists.txt b/certificates/CMakeLists.txt new file mode 100644 index 0000000..d7d43c5 --- /dev/null +++ b/certificates/CMakeLists.txt @@ -0,0 +1,5 @@ +ADD_SUBDIRECTORY(developer) +ADD_SUBDIRECTORY(public) +ADD_SUBDIRECTORY(partner) +ADD_SUBDIRECTORY(platform) +ADD_SUBDIRECTORY(wac) diff --git a/certificates/developer/CMakeLists.txt b/certificates/developer/CMakeLists.txt new file mode 100644 index 0000000..e61a30a --- /dev/null +++ b/certificates/developer/CMakeLists.txt @@ -0,0 +1,11 @@ +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-developer-root-ca.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-developers-root.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) diff --git a/certificates/tizen-developer-root-ca.pem b/certificates/developer/tizen-developer-root-ca.pem index 76c003c..76c003c 100644 --- a/certificates/tizen-developer-root-ca.pem +++ b/certificates/developer/tizen-developer-root-ca.pem diff --git a/certificates/tizen-developers-root.pem b/certificates/developer/tizen-developers-root.pem index deae3f7..deae3f7 100644 --- a/certificates/tizen-developers-root.pem +++ b/certificates/developer/tizen-developers-root.pem diff --git a/certificates/partner/CMakeLists.txt b/certificates/partner/CMakeLists.txt new file mode 100644 index 0000000..443c59c --- /dev/null +++ b/certificates/partner/CMakeLists.txt @@ -0,0 +1,29 @@ +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-distributor-root-ca-partner-manufacturer.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-distributor-root-ca-partner-operator.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-distributor-root-ca-partner.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-partner-class-developer-root.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-partner-class-root-authority.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) diff --git a/certificates/tizen-distributor-root-ca-partner-manufacturer.pem b/certificates/partner/tizen-distributor-root-ca-partner-manufacturer.pem index c504d7a..c504d7a 100644 --- a/certificates/tizen-distributor-root-ca-partner-manufacturer.pem +++ b/certificates/partner/tizen-distributor-root-ca-partner-manufacturer.pem diff --git a/certificates/tizen-distributor-root-ca-partner-operator.pem b/certificates/partner/tizen-distributor-root-ca-partner-operator.pem index c6c09c4..c6c09c4 100644 --- a/certificates/tizen-distributor-root-ca-partner-operator.pem +++ b/certificates/partner/tizen-distributor-root-ca-partner-operator.pem diff --git a/certificates/tizen-distributor-root-ca-partner.pem b/certificates/partner/tizen-distributor-root-ca-partner.pem index 2be6916..2be6916 100644 --- a/certificates/tizen-distributor-root-ca-partner.pem +++ b/certificates/partner/tizen-distributor-root-ca-partner.pem diff --git a/certificates/tizen-partner-class-developer-root.pem b/certificates/partner/tizen-partner-class-developer-root.pem index fe1d0d2..fe1d0d2 100644 --- a/certificates/tizen-partner-class-developer-root.pem +++ b/certificates/partner/tizen-partner-class-developer-root.pem diff --git a/certificates/tizen-partner-class-root-authority.pem b/certificates/partner/tizen-partner-class-root-authority.pem index d71eab7..d71eab7 100644 --- a/certificates/tizen-partner-class-root-authority.pem +++ b/certificates/partner/tizen-partner-class-root-authority.pem diff --git a/certificates/platform/CMakeLists.txt b/certificates/platform/CMakeLists.txt new file mode 100644 index 0000000..d789cf6 --- /dev/null +++ b/certificates/platform/CMakeLists.txt @@ -0,0 +1,11 @@ +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-platform-class-developer-root.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-platform-class-root-authority.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) diff --git a/certificates/tizen-platform-class-developer-root.pem b/certificates/platform/tizen-platform-class-developer-root.pem index 8b44d04..8b44d04 100644 --- a/certificates/tizen-platform-class-developer-root.pem +++ b/certificates/platform/tizen-platform-class-developer-root.pem diff --git a/certificates/tizen-platform-class-root-authority.pem b/certificates/platform/tizen-platform-class-root-authority.pem index a89ef0b..a89ef0b 100644 --- a/certificates/tizen-platform-class-root-authority.pem +++ b/certificates/platform/tizen-platform-class-root-authority.pem diff --git a/certificates/public/CMakeLists.txt b/certificates/public/CMakeLists.txt new file mode 100644 index 0000000..6e5d9eb --- /dev/null +++ b/certificates/public/CMakeLists.txt @@ -0,0 +1,23 @@ +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-distributor-root-ca-public.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-public-class-developer-root.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-public-class-root-authority.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen.root.preproduction.cert.pem + DESTINATION ${TIZEN_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) diff --git a/certificates/tizen-distributor-root-ca-public.pem b/certificates/public/tizen-distributor-root-ca-public.pem index 9b16176..9b16176 100644 --- a/certificates/tizen-distributor-root-ca-public.pem +++ b/certificates/public/tizen-distributor-root-ca-public.pem diff --git a/certificates/tizen-public-class-developer-root.pem b/certificates/public/tizen-public-class-developer-root.pem index 38b3b44..38b3b44 100644 --- a/certificates/tizen-public-class-developer-root.pem +++ b/certificates/public/tizen-public-class-developer-root.pem diff --git a/certificates/tizen-public-class-root-authority.pem b/certificates/public/tizen-public-class-root-authority.pem index 4158f06..4158f06 100644 --- a/certificates/tizen-public-class-root-authority.pem +++ b/certificates/public/tizen-public-class-root-authority.pem diff --git a/certificates/tizen.root.preproduction.cert.pem b/certificates/public/tizen.root.preproduction.cert.pem index bbf523b..bbf523b 100644 --- a/certificates/tizen.root.preproduction.cert.pem +++ b/certificates/public/tizen.root.preproduction.cert.pem diff --git a/certificates/wac/CMakeLists.txt b/certificates/wac/CMakeLists.txt new file mode 100644 index 0000000..f610998 --- /dev/null +++ b/certificates/wac/CMakeLists.txt @@ -0,0 +1,17 @@ +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/wac.publisherid.pem + DESTINATION ${WAC_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/wac.root.preproduction.pem + DESTINATION ${WAC_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) + +INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/wac.root.production.pem + DESTINATION ${WAC_DIR} + PERMISSIONS OWNER_READ + GROUP_READ + WORLD_READ) diff --git a/certificates/wac.publisherid.pem b/certificates/wac/wac.publisherid.pem index 758fe66..758fe66 100644 --- a/certificates/wac.publisherid.pem +++ b/certificates/wac/wac.publisherid.pem diff --git a/certificates/wac.root.preproduction.pem b/certificates/wac/wac.root.preproduction.pem index 7c46a6a..7c46a6a 100644 --- a/certificates/wac.root.preproduction.pem +++ b/certificates/wac/wac.root.preproduction.pem diff --git a/certificates/wac.root.production.pem b/certificates/wac/wac.root.production.pem index efccefd..efccefd 100644 --- a/certificates/wac.root.production.pem +++ b/certificates/wac/wac.root.production.pem diff --git a/packaging/ca-certificates-tizen.spec b/packaging/ca-certificates-tizen.spec index 5235465..3ffde72 100644 --- a/packaging/ca-certificates-tizen.spec +++ b/packaging/ca-certificates-tizen.spec @@ -8,8 +8,12 @@ License: Apache-2.0 Source: %{name}-%{version}.tar.gz Source1001: %{name}.manifest BuildArch: noarch -%define tizen_dir /usr/share/ca-certificates/tizen -%define wac_dir /usr/share/ca-certificates/wac +BuildRequires: cmake +BuildRequires: openssl + +%define tizen_dir /usr/share/ca-certificates/tizen +%define wac_dir /usr/share/ca-certificates/wac +%define fingerprint_dir /usr/share/ca-certificates/fingerprint %description Used for the installation of Tizen-specific CA certificates. @@ -19,19 +23,23 @@ Used for the installation of Tizen-specific CA certificates. cp %{SOURCE1001} . %build +%cmake . -DTIZEN_DIR=%{tizen_dir} \ + -DWAC_DIR=%{wac_dir} \ + -DFINGERPRINT_DIR=%{fingerprint_dir} %install rm -fr %{buildroot} -mkdir -p %{buildroot}/%{tizen_dir} -mkdir -p %{buildroot}/%{wac_dir} -cp -arf certificates/tizen*.pem %{buildroot}/%{tizen_dir}/ -cp -arf certificates/wac*.pem %{buildroot}/%{wac_dir}/ +%make_install +mkdir -p %{buildroot}%{tizen_dir} +mkdir -p %{buildroot}%{wac_dir} +mkdir -p %{buildroot}%{fingerprint_dir} %files +%defattr(-,root,root,-) %manifest %{name}.manifest %license LICENSE -%defattr(-,root,root,-) %{tizen_dir}/* %{wac_dir}/* +%{fingerprint_dir}/* %changelog diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt new file mode 100644 index 0000000..ba1dda8 --- /dev/null +++ b/tools/CMakeLists.txt @@ -0,0 +1,25 @@ +GET_FILENAME_COMPONENT( + FINGERPRINT_LIST_XML + ${CMAKE_CURRENT_SOURCE_DIR}/fingerprint_list.xml + REALPATH + ) +GET_FILENAME_COMPONENT( + FINGERPRINT_LIST_XSD + ${CMAKE_CURRENT_SOURCE_DIR}/fingerprint_list.xsd + REALPATH + ) + +EXECUTE_PROCESS( + COMMAND + ${CMAKE_CURRENT_SOURCE_DIR}/add-fingerprint.sh + ${CMAKE_SOURCE_DIR}/certificates + ${FINGERPRINT_LIST_XML} + RESULT_VARIABLE ERROR_CODE +) +IF(ERROR_CODE) + MESSAGE(FATAL_ERROR "Failed to generate fingerprint list") +ENDIF(ERROR_CODE) + +INSTALL(FILES ${FINGERPRINT_LIST_XML} + ${FINGERPRINT_LIST_XSD} + DESTINATION ${FINGERPRINT_DIR}) diff --git a/tools/add-fingerprint.sh b/tools/add-fingerprint.sh new file mode 100755 index 0000000..9bde6b2 --- /dev/null +++ b/tools/add-fingerprint.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +CERT_ROOT=$1 +XML_PATH=$2 + +if [ -z "$2" ] +then + echo "usage: `basename $0` certificate_root_path fingerprint_xml_path" + exit 2 +fi + +for CATEGORY in developer public partner platform +do + if [ -d "$CERT_ROOT/$CATEGORY" ] + then + echo + echo " <<$CATEGORY>>" + for CERT_PATH in `ls $CERT_ROOT/$CATEGORY/*.pem` + do + FINGERPRINT=`/usr/bin/openssl x509 -noout -fingerprint -in $CERT_PATH | cut -d '=' -f 2` + echo " ${CERT_PATH##*/}:" + echo " $FINGERPRINT" + ################################################################## + # Find "<CertificateDomain name="tizen-xxxxxxx">" # + # then add the fingerprint into the next line # + ################################################################## + # <FingerprintSHA1>[...fingerprints...]</FingerprintSHA1> # + ################################################################## + /bin/sed -i "s#<CertificateDomain name=\"tizen-$CATEGORY\">.*#&\n <FingerprintSHA1>$FINGERPRINT</FingerprintSHA1><!-- ${CERT_PATH##*/} -->#" $XML_PATH + done + fi +done +echo diff --git a/tools/fingerprint_list.xml b/tools/fingerprint_list.xml new file mode 100644 index 0000000..8fefc3d --- /dev/null +++ b/tools/fingerprint_list.xml @@ -0,0 +1,10 @@ +<CertificateSet> + <CertificateDomain name="tizen-developer"><!-- used to verify tizen widgets --> + </CertificateDomain> + <CertificateDomain name="tizen-public"> + </CertificateDomain> + <CertificateDomain name="tizen-partner"> + </CertificateDomain> + <CertificateDomain name="tizen-platform"> + </CertificateDomain> +</CertificateSet> diff --git a/tools/fingerprint_list.xsd b/tools/fingerprint_list.xsd new file mode 100644 index 0000000..b0fab23 --- /dev/null +++ b/tools/fingerprint_list.xsd @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="utf-8"?> +<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"> + +<xs:element name="CertificateSet" type="CertificateSetType" /> +<xs:complexType name="CertificateSetType"> + <xs:sequence> + <xs:element ref="CertificateDomain" minOccurs="0" maxOccurs="unbounded" /> + </xs:sequence> +</xs:complexType> + +<xs:element name="CertificateDomain" type="CertificateDomainType" /> +<xs:complexType name="CertificateDomainType"> + <xs:sequence> + <xs:element ref="FingerprintSHA1" minOccurs="0" maxOccurs="unbounded" /> + </xs:sequence> + <xs:attribute name="name" type="xs:string" use="required" /> +</xs:complexType> + +<xs:element name="FingerprintSHA1" type="xs:string"/> + +</xs:schema> |