Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-10-01 01:35:54 -04:00
Code Issues Packages Projects Releases Wiki Activity

More verification

Browse Source 
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2022-08-26 23:02:25 -04:00
parent 3618774d9f
commit 86ed884251
No known key found for this signature in database
GPG Key ID: B286E9F57A07424B
10 changed files with 34 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
Misc/pubring.kbx
View File

Binary file not shown.

6
Scripts/Common/Functions.sh
View File

@ -27,10 +27,10 @@ resetWorkspace() {
}
export -f resetWorkspace;
verifyAllTags() {
repo forall -c 'source $DOS_WORKSPACE_ROOT/Scripts/Common/Tag_Verifier.sh && verifyTagIfPossible $REPO_PROJECT $REPO_PATH';
verifyAllPlatformTags() {
repo forall -c 'source $DOS_WORKSPACE_ROOT/Scripts/Common/Tag_Verifier.sh && verifyTagIfPlatform $REPO_PROJECT $REPO_PATH';
}
export -f verifyAllTags;
export -f verifyAllPlatformTags;
enter() {
echo "================================================================================================"

24
Scripts/Common/Tag_Verifier.sh
View File

@ -20,11 +20,16 @@ source "$DOS_SCRIPTS_COMMON/Shell.sh";
gpgVerifyGitTag() {
if [ -r "$DOS_TMP_GNUPG/pubring.kbx" ]; then
if git -C "$1" verify-tag "$2" &>/dev/null; then
echo -e "\e[0;32mGPG Verified Git Tag Successfully: $1\e[0m";
tagMatch=$(git -C "$1" describe --exact-match HEAD);
if [ ! -z "$tagMatch" ]; then
if git -C "$1" verify-tag "$tagMatch" &>/dev/null; then
echo -e "\e[0;32mGPG Verified Git Tag Successfully: $1\e[0m";
else
echo -e "\e[0;31mWARNING: GPG Verification of Git Tag Failed: $1\e[0m";
#sleep 60;
fi;
else
echo -e "\e[0;31mWARNING: GPG Verification of Git Tag Failed: $1\e[0m";
#sleep 60;
echo -e "\e[0;33mWARNING: No tag match for $1 \e[0m";
fi;
#git -C $1 log --show-signature -1;
else
@ -33,14 +38,9 @@ gpgVerifyGitTag() {
}
export -f gpgVerifyGitHead;
verifyTagIfPossible() {
verifyTagIfPlatform() {
if [[ "$1" == "platform/"* ]]; then
tagMatch=$(git -C "$DOS_BUILD_BASE$2" describe --exact-match HEAD);
if [ ! -z "$tagMatch" ]; then
gpgVerifyGitTag "$DOS_BUILD_BASE$2" "$tagMatch";
else
echo -e "\e[0;33mWARNING: No tag match for $2 \e[0m";
fi;
gpgVerifyGitTag "$DOS_BUILD_BASE$2";
fi;
}
export -f verifyTagIfPossible;
export -f verifyTagIfPlatform;

4
Scripts/LineageOS-14.1/Functions.sh
View File

@ -100,8 +100,8 @@ patchWorkspace() {
cd "$DOS_BUILD_BASE$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/cm"; fi;
verifyAllTags;
gpgVerifyGitHead $DOS_BUILD_BASE"external/chromium-webview";
verifyAllPlatformTags;
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
source build/envsetup.sh;
#repopick -it bt-sbc-hd-dualchannel-nougat;

5
Scripts/LineageOS-15.1/Functions.sh
View File

@ -79,8 +79,9 @@ patchWorkspace() {
cd "$DOS_BUILD_BASE$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllTags;
gpgVerifyGitHead $DOS_BUILD_BASE"external/chromium-webview";
verifyAllPlatformTags;
#gpgVerifyGitTag "$DOS_BUILD_BASE/external/hardened_malloc";
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
#source build/envsetup.sh;

5
Scripts/LineageOS-16.0/Functions.sh
View File

@ -71,8 +71,9 @@ patchWorkspace() {
cd "$DOS_BUILD_BASE$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllTags;
gpgVerifyGitHead $DOS_BUILD_BASE"external/chromium-webview";
verifyAllPlatformTags;
gpgVerifyGitTag "$DOS_BUILD_BASE/external/hardened_malloc";
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
source build/envsetup.sh;
#repopick -it pie-firewall;

5
Scripts/LineageOS-17.1/Functions.sh
View File

@ -77,8 +77,9 @@ patchWorkspace() {
cd "$DOS_BUILD_BASE$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllTags;
gpgVerifyGitHead $DOS_BUILD_BASE"external/chromium-webview";
verifyAllPlatformTags;
gpgVerifyGitTag "$DOS_BUILD_BASE/external/hardened_malloc";
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
#source build/envsetup.sh;
#repopick -it ten-firewall;

5
Scripts/LineageOS-18.1/Functions.sh
View File

@ -118,8 +118,9 @@ patchWorkspace() {
cd "$DOS_BUILD_BASE$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllTags;
gpgVerifyGitHead $DOS_BUILD_BASE"external/chromium-webview";
verifyAllPlatformTags;
gpgVerifyGitTag "$DOS_BUILD_BASE/external/hardened_malloc";
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
#source build/envsetup.sh;
#repopick -it eleven-firewall;

6
Scripts/LineageOS-19.1/Functions.sh
View File

@ -109,8 +109,10 @@ patchWorkspace() {
cd "$DOS_BUILD_BASE$1";
touch DOS_PATCHED_FLAG;
if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/lineage"; fi;
verifyAllTags;
gpgVerifyGitHead $DOS_BUILD_BASE"external/chromium-webview";
verifyAllPlatformTags;
gpgVerifyGitTag "$DOS_BUILD_BASE/external/hardened_malloc";
gpgVerifyGitTag "$DOS_BUILD_BASE/external/SecureCamera";
gpgVerifyGitHead "$DOS_BUILD_BASE/external/chromium-webview";
#source build/envsetup.sh;

1
Scripts/init.sh
View File

@ -186,4 +186,5 @@ gpgVerifyGitHead $DOS_WALLPAPERS;
source "$DOS_SCRIPTS_COMMON/Shell.sh";
source "$DOS_SCRIPTS_COMMON/Functions.sh";
source "$DOS_SCRIPTS_COMMON/Tag_Verifier.sh";
source "$DOS_SCRIPTS/Functions.sh";