mirror of
https://gitlab.com/fdroid/fdroidserver.git
synced 2024-11-10 17:30:11 +01:00
18f3acc32e
There is no longer any reason for these to be intertwined. This deliberately avoids touching some files as much as possible because they are super tangled and due to be replaced. Those files are: * fdroidserver/build.py * fdroidserver/update.py # Conflicts: # tests/testcommon.py # Conflicts: # fdroidserver/btlog.py # fdroidserver/import_subcommand.py
42 lines
1.5 KiB
Python
42 lines
1.5 KiB
Python
#!/usr/bin/env python3
|
|
|
|
from argparse import ArgumentParser
|
|
from fdroidserver import common
|
|
from fdroidserver.common import FDroidPopen
|
|
from fdroidserver.exception import BuildException
|
|
|
|
fdroid_summary = 'import the local keystore into a SmartCard HSM'
|
|
|
|
|
|
def main():
|
|
parser = ArgumentParser()
|
|
common.setup_global_opts(parser)
|
|
common.parse_args(parser)
|
|
config = common.read_config()
|
|
env_vars = {
|
|
'LC_ALL': 'C.UTF-8',
|
|
'FDROID_KEY_STORE_PASS': config['keystorepass'],
|
|
'FDROID_KEY_PASS': config['keypass'],
|
|
'SMARTCARD_PIN': str(config['smartcard_pin']),
|
|
}
|
|
p = FDroidPopen([config['keytool'], '-importkeystore',
|
|
'-srcalias', config['repo_keyalias'],
|
|
'-srckeystore', config['keystore'],
|
|
'-srcstorepass:env', 'FDROID_KEY_STORE_PASS',
|
|
'-srckeypass:env', 'FDROID_KEY_PASS',
|
|
'-destalias', config['repo_keyalias'],
|
|
'-destkeystore', 'NONE',
|
|
'-deststoretype', 'PKCS11',
|
|
'-providerName', 'SunPKCS11-OpenSC',
|
|
'-providerClass', 'sun.security.pkcs11.SunPKCS11',
|
|
'-providerArg', 'opensc-fdroid.cfg',
|
|
'-deststorepass:env', 'SMARTCARD_PIN',
|
|
'-J-Djava.security.debug=sunpkcs11'],
|
|
envs=env_vars)
|
|
if p.returncode != 0:
|
|
raise BuildException("Failed to import into HSM!", p.output)
|
|
|
|
|
|
if __name__ == "__main__":
|
|
main()
|