[Buildroot] [PATCH 5/6] wireless-regdb: add explicit signing key config
Kurt Van Dijck
dev.kurt at vandijck-laurijssen.be
Thu Jul 2 10:36:17 UTC 2020
This commit allows to set an explicit file with signing key to use.
Signed-off-by: Kurt Van Dijck <dev.kurt at vandijck-laurijssen.be>
---
package/wireless-regdb/Config.in | 18 ++++++++++++++++++
package/wireless-regdb/wireless-regdb.mk | 24 +++++++++++++++++++++---
2 files changed, 39 insertions(+), 3 deletions(-)
diff --git a/package/wireless-regdb/Config.in b/package/wireless-regdb/Config.in
index 55347b5e8c..be2c421438 100644
--- a/package/wireless-regdb/Config.in
+++ b/package/wireless-regdb/Config.in
@@ -26,4 +26,22 @@ config BR2_WIRELESS_REGDB_REBUILD
outdoor and indoor regulations differ.
Make sure to deploy your wireless-regdb public key if you use crda
or compile them into the kernel.
+
+if BR2_WIRELESS_REGDB_REBUILD
+
+config BR2_WIRELESS_REGDB_COMMONNAME
+ string "CommonName for x509 cert"
+ default "buildroot"
+
+config BR2_WIRELESS_REGDB_PRIVKEY
+ string "private key for signing wireless-regdb"
+ default "~/.buildroot"
+ help
+ Path to file containing private key to sign wireless-regdb.
+ The key should be in .pem format.
+
+ If the file does not exist, a new key will be generated
+
+endif
+
endif
diff --git a/package/wireless-regdb/wireless-regdb.mk b/package/wireless-regdb/wireless-regdb.mk
index 7c6b140a4a..d60428a8f0 100644
--- a/package/wireless-regdb/wireless-regdb.mk
+++ b/package/wireless-regdb/wireless-regdb.mk
@@ -13,16 +13,34 @@ WIRELESS_REGDB_LICENSE_FILES = LICENSE
ifeq ($(BR2_WIRELESS_REGDB_REBUILD),y)
+WIRELESS_REGDB_PRIVKEY = $(call qstrip,$(BR2_WIRELESS_REGDB_PRIVKEY))
+WIRELESS_REGDB_PRIVKEYNAME = $(patsubst .%,%,$(notdir $(WIRELESS_REGDB_PRIVKEY)))
+# make sure PRIVKEYNAME is set
+ifeq ($(WIRELESS_REGDB_PRIVKEYNAME),)
+WIRELESS_REGDB_PRIVKEY=~/.buildroot
+endif
+
+ifeq ($(call qstrip,$(BR2_WIRELESS_REGDB_COMMONNAME)),)
+BR2_WIRELESS_REGDB_COMMONNAME = "buildroot"
+endif
+
define WIRELESS_REGDB_PATCH_PYTHON3
sed -i -e '1 s/python$$/python3/' $(@D)/*.py
+ sed -i -e 's/= sforshee$$/= $(call qstrip,$(BR2_WIRELESS_REGDB_COMMONNAME))/' $(@D)/gen-pubcert.sh
endef
WIRELESS_REGDB_POST_PATCH_HOOKS += WIRELESS_REGDB_PATCH_PYTHON3
WIRELESS_REGDB_DEPENDENCIES += host-python3-m2crypto
+
define WIRELESS_REGDB_BUILD_CMDS
$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) \
- REGDB_AUTHOR=buildroot
+ REGDB_PRIVKEY=$(WIRELESS_REGDB_PRIVKEY) \
+ REGDB_PUBKEY=$(WIRELESS_REGDB_PRIVKEYNAME).pub \
+ REGDB_PUBCERT=$(WIRELESS_REGDB_PRIVKEYNAME).x509.pem
+ openssl x509 -in $(@D)/$(WIRELESS_REGDB_PRIVKEYNAME).x509.pem \
+ -outform DER \
+ -out $(@D)/$(WIRELESS_REGDB_PRIVKEYNAME).x509
endef
endif
@@ -32,8 +50,8 @@ define WIRELESS_REGDB_INSTALL_CRDA_TARGET_CMDS
$(TARGET_DIR)/usr/lib/crda/regulatory.bin
$(INSTALL) -m 644 -D -T $(@D)/sforshee.key.pub.pem \
$(TARGET_DIR)/etc/wireless-regdb/pubkeys/sforshee.key.pub.pem
- $(INSTALL) -m 644 -D -T ~/.wireless-regdb-buildroot.key.pub.pem \
- $(TARGET_DIR)/etc/wireless-regdb/pubkeys/buildroot.key.pub.pem
+ $(INSTALL) -m 644 -D -T $(@D)/$(WIRELESS_REGDB_PRIVKEYNAME).pub \
+ $(TARGET_DIR)/etc/wireless-regdb/pubkeys/$(WIRELESS_REGDB_PRIVKEYNAME).pub
endef
endif
--
2.25.0
More information about the buildroot
mailing list