Fixed cert generation on Android. Fixes #65.

This commit is contained in:
Mark Qvist 2024-12-17 13:25:55 +01:00
parent 9e6cdc859a
commit c1f04e8e3e
2 changed files with 7 additions and 2 deletions

View File

@ -10,7 +10,7 @@ source.exclude_patterns = app_storage/*,venv/*,Makefile,./Makefil*,requirements,
version.regex = __version__ = ['"](.*)['"] version.regex = __version__ = ['"](.*)['"]
version.filename = %(source.dir)s/main.py version.filename = %(source.dir)s/main.py
android.numeric_version = 20241213 android.numeric_version = 20241217
requirements = kivy==2.3.0,libbz2,pillow==10.2.0,qrcode==7.3.1,usb4a,usbserial4a,able_recipe,libwebp,libogg,libopus,opusfile,numpy,cryptography,ffpyplayer,codec2,pycodec2,sh,pynacl,typing-extensions requirements = kivy==2.3.0,libbz2,pillow==10.2.0,qrcode==7.3.1,usb4a,usbserial4a,able_recipe,libwebp,libogg,libopus,opusfile,numpy,cryptography,ffpyplayer,codec2,pycodec2,sh,pynacl,typing-extensions

View File

@ -47,7 +47,11 @@ def get_key(key_path, force_reload=False):
return LOADED_KEY return LOADED_KEY
elif os.path.isfile(KEY_PATH): elif os.path.isfile(KEY_PATH):
with open(KEY_PATH, "rb") as f: with open(KEY_PATH, "rb") as f:
if cryptography_major_version > 3:
key = load_pem_private_key(f.read(), KEY_PASSPHRASE) key = load_pem_private_key(f.read(), KEY_PASSPHRASE)
else:
from cryptography.hazmat.backends import default_backend
key = load_pem_private_key(f.read(), KEY_PASSPHRASE, backend=default_backend())
else: else:
if cryptography_major_version > 3: if cryptography_major_version > 3:
key = ec.generate_private_key(curve=ec.SECP256R1()) key = ec.generate_private_key(curve=ec.SECP256R1())
@ -87,6 +91,7 @@ def gen_cert(cert_path, key):
cb = cb.not_valid_before(datetime.datetime.now(datetime.timezone.utc)+datetime.timedelta(days=-14)) cb = cb.not_valid_before(datetime.datetime.now(datetime.timezone.utc)+datetime.timedelta(days=-14))
cb = cb.not_valid_after(datetime.datetime.now(datetime.timezone.utc)+datetime.timedelta(days=3652)) cb = cb.not_valid_after(datetime.datetime.now(datetime.timezone.utc)+datetime.timedelta(days=3652))
cb = cb.add_extension(x509.SubjectAlternativeName([x509.DNSName("localhost")]), critical=False) cb = cb.add_extension(x509.SubjectAlternativeName([x509.DNSName("localhost")]), critical=False)
if cryptography_major_version > 3: if cryptography_major_version > 3:
cert = cb.sign(key, hashes.SHA256()) cert = cb.sign(key, hashes.SHA256())
else: else: