Fixup and enable GPG verification

Signed-off-by: Tad <tad@spotco.us>
Tad 2022-08-24 15:50:36 -04:00
parent 4973d22c3a
commit 4bfedbc42d
No known key found for this signature in database
GPG Key ID: B286E9F57A07424B
4 changed files with 18 additions and 12 deletions


@ -47,8 +47,8 @@
<!-- START OF ADDITIONAL REPOS --> <!-- START OF ADDITIONAL REPOS -->
<!-- GrapheneOS --> <!-- GrapheneOS -->
<project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="12.1" /> <project path="external/hardened_malloc" name="GrapheneOS/hardened_malloc" remote="github" revision="0d6d63cbe7cb6326bb06e1161b680cb3229f25a0" />
<project path="external/SecureCamera" name="GrapheneOS/platform_external_Camera" remote="github" revision="12.1" /> <project path="external/SecureCamera" name="GrapheneOS/platform_external_Camera" remote="github" revision="13" />
<!-- END OF ADDITIONAL REPOS --> <!-- END OF ADDITIONAL REPOS -->
<!-- START OF DEVICE REPOS --> <!-- START OF DEVICE REPOS -->

BIN
Misc/pubring.kbx Normal file

Binary file not shown.


@ -89,9 +89,9 @@ applyPatch() {
export -f applyPatch; export -f applyPatch;
gpgVerifyDirectory() { gpgVerifyDirectory() {
if [ -r "$HOME/.gnupg" ]; then if [ -r "$DOS_TMP_GNUPG/pubring.kbx" ]; then
for sig in $1/*.asc; do for sig in $1/*.asc; do
if gpg --verify $sig &>/dev/null; then if gpg --homedir "$DOS_TMP_GNUPG" --verify $sig &>/dev/null; then
echo -e "\e[0;32mGPG Verified Successfully: $sig\e[0m"; echo -e "\e[0;32mGPG Verified Successfully: $sig\e[0m";
else else
echo -e "\e[0;31mWARNING: GPG Verification Failed: $sig\e[0m"; echo -e "\e[0;31mWARNING: GPG Verification Failed: $sig\e[0m";
@ -99,7 +99,7 @@ gpgVerifyDirectory() {
fi; fi;
done; done;
else else
echo -e "\e[0;33mWARNING: ~/.gnupg is unavailable, GPG verification of $1 will not be performed!\e[0m"; echo -e "\e[0;33mWARNING: keyring is unavailable, GPG verification of $1 will not be performed!\e[0m";
fi; fi;
} }
export -f gpgVerifyDirectory; export -f gpgVerifyDirectory;
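Review bot: The new `gpg --homedir "$DOS_TMP_GNUPG" --verify $sig` call in the gpgVerifyDirectory loop passes only the signature file, so gpg itself decides which data it covers; if a `.asc` holds an inline or clearsigned message instead of a detached signature, it verifies on its own and the file next to it is never checked. Naming the signed file explicitly and quoting both arguments closes that gap, assuming the data file is the same name without `.asc` (which is what gpg already guesses): `if gpg --homedir "$DOS_TMP_GNUPG" --verify "$sig" "${sig%.asc}" &>/dev/null; then`. The unquoted `$1/*.asc` on the `for` line also splits on spaces and, when nothing matches, hands gpg the literal pattern; `for sig in "$1"/*.asc; do` with a `[ -e "$sig" ] || continue;` guard covers both. The lines between the two hunks are not shown, so what follows the failure warning cannot be judged from here.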


@ -111,12 +111,12 @@ export DOS_THEME_700="E64A19"; #Deep Orange 700
umask 0022; umask 0022;
gpgVerifyGitHead() { gpgVerifyGitHead() {
if [ -r "$HOME/.gnupg" ]; then if [ -r "$DOS_TMP_GNUPG/pubring.kbx" ]; then
if git -C $1 verify-commit HEAD; then if git -C "$1" verify-commit HEAD &>/dev/null; then
echo -e "\e[0;32mGPG Verified Git HEAD Successfully: $1\e[0m"; echo -e "\e[0;32mGPG Verified Git HEAD Successfully: $1\e[0m";
else else
echo -e "\e[0;31mWARNING: GPG Verification of Git HEAD Failed: $1\e[0m"; echo -e "\e[0;31mWARNING: GPG Verification of Git HEAD Failed: $1\e[0m";
sleep 60; #sleep 60;
fi; fi;
#git -C $1 log --show-signature -1; #git -C $1 log --show-signature -1;
else else
@ -143,6 +143,12 @@ fi;
export DOS_TMP_DIR="/tmp/dos_tmp"; export DOS_TMP_DIR="/tmp/dos_tmp";
mkdir -p "$DOS_TMP_DIR"; mkdir -p "$DOS_TMP_DIR";
export DOS_HOSTS_FILE="$DOS_TMP_DIR/hosts"; export DOS_HOSTS_FILE="$DOS_TMP_DIR/hosts";
export DOS_TMP_GNUPG="$DOS_TMP_DIR/gnupg-$RANDOM";
mkdir -p "$DOS_TMP_GNUPG";
export GNUPGHOME="$DOS_TMP_GNUPG";
chmod 700 "$DOS_TMP_GNUPG";
export DOS_VERIFICATION_KEYRING=$DOS_WORKSPACE_ROOT"Misc/pubring.kbx";
cp "$DOS_VERIFICATION_KEYRING" "$DOS_TMP_GNUPG/";
export DOS_PREBUILT_APPS=$DOS_WORKSPACE_ROOT"PrebuiltApps/"; export DOS_PREBUILT_APPS=$DOS_WORKSPACE_ROOT"PrebuiltApps/";
export DOS_PATCHES_COMMON=$DOS_WORKSPACE_ROOT"Patches/Common/"; export DOS_PATCHES_COMMON=$DOS_WORKSPACE_ROOT"Patches/Common/";
@ -172,10 +178,10 @@ export LC_ALL=C;
export LANG=en_US.UTF-8; export LANG=en_US.UTF-8;
#START OF VERIFICATION #START OF VERIFICATION
#gpgVerifyGitHead $DOS_WORKSPACE_ROOT; gpgVerifyGitHead $DOS_WORKSPACE_ROOT;
#gpgVerifyGitHead $DOS_PREBUILT_APPS; gpgVerifyGitHead $DOS_PREBUILT_APPS;
#gpgVerifyGitHead $DOS_PATCHES_LINUX_CVES; gpgVerifyGitHead $DOS_PATCHES_LINUX_CVES;
#gpgVerifyGitHead $DOS_WALLPAPERS; gpgVerifyGitHead $DOS_WALLPAPERS;
#END OF VERIFICATION #END OF VERIFICATION
source "$DOS_SCRIPTS_COMMON/Shell.sh"; source "$DOS_SCRIPTS_COMMON/Shell.sh";
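Review bot: The keyring home added in the `-143,6 +143,12` hunk is created with `mkdir -p` under the fixed `/tmp/dos_tmp` and a `$RANDOM` suffix, which has only 32768 possible values and succeeds silently when the directory already exists, so on a shared build host the trusted keyring could be copied into a directory another local user owns; the `chmod 700` that follows does not change that. `mktemp -d` creates the directory atomically with mode 0700 and fails otherwise: `DOS_TMP_GNUPG="$(mktemp -d "$DOS_TMP_DIR/gnupg-XXXXXXXX")" && export DOS_TMP_GNUPG;`, with verification stopped rather than skipped when it fails. The parent `/tmp/dos_tmp` is only a context line here, but it has the same fixed-name weakness one level up. Separately, `gpgVerifyGitHead $DOS_WORKSPACE_ROOT` checks the workspace against `Misc/pubring.kbx` taken from that same workspace, so it appears to catch an unsigned or foreign HEAD but not a checkout whose keyring was replaced as well; a comment stating that limit, or a key fingerprint pinned outside the tree, would make it explicit. With `sleep 60` commented out, a failed check now only prints a warning (the remainder of gpgVerifyGitHead lies outside the hunk).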