${CMAKE_CURRENT_SOURCE_DIR}/public/
${CMAKE_CURRENT_SOURCE_DIR}/partner/
${CMAKE_CURRENT_SOURCE_DIR}/platform/
+ ${CMAKE_CURRENT_SOURCE_DIR}/revoked/
DESTINATION
${TIZEN_DIR}
FILES_MATCHING
--- /dev/null
+Add revoked Tizen app-signing root certificate here with "pem" suffix.
${CMAKE_CURRENT_SOURCE_DIR}/public/
${CMAKE_CURRENT_SOURCE_DIR}/partner/
${CMAKE_CURRENT_SOURCE_DIR}/platform/
+ ${CMAKE_CURRENT_SOURCE_DIR}/revoked/
DESTINATION
${TIZEN_DIR}
FILES_MATCHING
--- /dev/null
+Add revoked Tizen app-signing root certificate here with "pem" suffix.
${CMAKE_CURRENT_SOURCE_DIR}/public/
${CMAKE_CURRENT_SOURCE_DIR}/partner/
${CMAKE_CURRENT_SOURCE_DIR}/platform/
+ ${CMAKE_CURRENT_SOURCE_DIR}/revoked/
DESTINATION
${TIZEN_DIR}
FILES_MATCHING
--- /dev/null
+Add revoked Tizen app-signing root certificate here with "pem" suffix.
${CMAKE_CURRENT_SOURCE_DIR}/public/
${CMAKE_CURRENT_SOURCE_DIR}/partner/
${CMAKE_CURRENT_SOURCE_DIR}/platform/
+ ${CMAKE_CURRENT_SOURCE_DIR}/revoked/
DESTINATION
${TIZEN_DIR}
FILES_MATCHING
--- /dev/null
+Add revoked Tizen app-signing root certificate here with "pem" suffix.
${CMAKE_CURRENT_SOURCE_DIR}/public/
${CMAKE_CURRENT_SOURCE_DIR}/partner/
${CMAKE_CURRENT_SOURCE_DIR}/platform/
+ ${CMAKE_CURRENT_SOURCE_DIR}/revoked/
DESTINATION
${TIZEN_DIR}
FILES_MATCHING
--- /dev/null
+Add revoked Tizen app-signing root certificate here with "pem" suffix.
${CMAKE_CURRENT_SOURCE_DIR}/public/
${CMAKE_CURRENT_SOURCE_DIR}/partner/
${CMAKE_CURRENT_SOURCE_DIR}/platform/
+ ${CMAKE_CURRENT_SOURCE_DIR}/revoked/
DESTINATION
${TIZEN_DIR}
FILES_MATCHING
--- /dev/null
+Add revoked Tizen app-signing root certificate here with "pem" suffix.
${CMAKE_CURRENT_SOURCE_DIR}/public/
${CMAKE_CURRENT_SOURCE_DIR}/partner/
${CMAKE_CURRENT_SOURCE_DIR}/platform/
+ ${CMAKE_CURRENT_SOURCE_DIR}/revoked/
DESTINATION
${TIZEN_DIR}
FILES_MATCHING
--- /dev/null
+Add revoked Tizen app-signing root certificate here with "pem" suffix.
${CMAKE_CURRENT_SOURCE_DIR}/public/
${CMAKE_CURRENT_SOURCE_DIR}/partner/
${CMAKE_CURRENT_SOURCE_DIR}/platform/
+ ${CMAKE_CURRENT_SOURCE_DIR}/revoked/
DESTINATION
${TIZEN_DIR}
FILES_MATCHING
--- /dev/null
+Add revoked Tizen app-signing root certificate here with "pem" suffix.
${CMAKE_CURRENT_SOURCE_DIR}/public/
${CMAKE_CURRENT_SOURCE_DIR}/partner/
${CMAKE_CURRENT_SOURCE_DIR}/platform/
+ ${CMAKE_CURRENT_SOURCE_DIR}/revoked/
DESTINATION
${TIZEN_DIR}
FILES_MATCHING
--- /dev/null
+Add revoked Tizen app-signing root certificate here with "pem" suffix.
Source1001: %{name}.manifest
BuildRequires: cmake
BuildRequires: openssl
+BuildRequires: pkgconfig(libtzplatform-config)
+
+%description
+Used for the installation of Tizen-specific CA certificates.
+
+%package devel
+Summary: Devel package of %{name} which contains RPM macros
+Group: Development/Libraries
+License: Apache-2.0
+Requires: %name = %version-%release
+
+%description devel
+%{name} devel package which contains RPM macros for runtime revoked certs fingerprint
%define ro_data_dir %{?TZ_SYS_RO_SHARE:%TZ_SYS_RO_SHARE}%{!?TZ_SYS_RO_SHARE:%_datadir}
+%define rw_data_dir %{?TZ_SYS_SHARE:%TZ_SYS_SHARE}%{!?TZ_SYS_SHARE:/opt/share}
%define tizen_dir %{ro_data_dir}/ca-certificates/tizen
%define fingerprint_dir %{ro_data_dir}/ca-certificates/fingerprint
+%define fingerprint_rw_dir %{rw_data_dir}/ca-certificates/fingerprint
+%define ro_etc_dir %{?TZ_SYS_RO_ETC:%TZ_SYS_RO_ETC}%{!?TZ_SYS_RO_ETC:%_sysconfdir}
-%description
-Used for the installation of Tizen-specific CA certificates.
+%define macro_ca_certificates_tizen %{ro_etc_dir}/rpm/macros.ca-certificates-tizen
%prep
%setup -q
%cmake . -DRELMODE=%{REL_MODE} \
-DTIZEN_DIR=%{tizen_dir} \
-DFINGERPRINT_DIR=%{fingerprint_dir} \
+ -DFINGERPRINT_RW_DIR=%{fingerprint_rw_dir} \
-DPROFILE_TARGET=%{?profile}
make %{?_smp_mflags}
%install
-rm -fr %{buildroot}
%make_install
-mkdir -p %{buildroot}%{tizen_dir}
-mkdir -p %{buildroot}%{fingerprint_dir}
+
+mkdir -p %{buildroot}%{ro_etc_dir}/rpm
+touch %{buildroot}%{macro_ca_certificates_tizen}
+echo "%TZ_SYS_REVOKED_CERTS_FINGERPRINTS_RUNTIME %{fingerprint_rw_dir}/fingerprint_list_runtime.xml" >> %{buildroot}%{macro_ca_certificates_tizen}
+
%files
%defattr(-,root,root,-)
%license LICENSE
%{tizen_dir}/*
%{fingerprint_dir}/*
+%{fingerprint_rw_dir}/fingerprint_list_runtime.xml
+
+%files devel
+%config %{macro_ca_certificates_tizen}
REALPATH
)
GET_FILENAME_COMPONENT(
+ FINGERPRINT_LIST_RW_XML
+ ${CMAKE_CURRENT_SOURCE_DIR}/fingerprint_list_runtime.xml
+ REALPATH
+ )
+GET_FILENAME_COMPONENT(
FINGERPRINT_LIST_XSD
${CMAKE_CURRENT_SOURCE_DIR}/fingerprint_list.xsd
REALPATH
${FINGERPRINT_LIST_XML}
RESULT_VARIABLE ERROR_CODE
)
+
IF(ERROR_CODE)
MESSAGE(FATAL_ERROR "Failed to generate fingerprint list")
ENDIF(ERROR_CODE)
-INSTALL(FILES ${FINGERPRINT_LIST_XML}
- ${FINGERPRINT_LIST_XSD}
- DESTINATION ${FINGERPRINT_DIR})
+EXECUTE_PROCESS(
+ COMMAND
+ ${CMAKE_CURRENT_SOURCE_DIR}/add-fingerprint.sh
+ ${CMAKE_SOURCE_DIR}/certificates/${PROFILE_TARGET}/${RELMODE}
+ ${FINGERPRINT_LIST_RW_XML}
+ RESULT_VARIABLE ERROR_CODE
+)
+
+IF(ERROR_CODE)
+ MESSAGE("Failed to generate fingerprint list rw")
+ENDIF(ERROR_CODE)
+
+INSTALL(FILES ${FINGERPRINT_LIST_XML} ${FINGERPRINT_LIST_XSD}
+ DESTINATION ${FINGERPRINT_DIR}
+)
+
+INSTALL(FILES ${FINGERPRINT_LIST_RW_XML}
+ DESTINATION ${FINGERPRINT_RW_DIR}
+)
exit 2
fi
-for CATEGORY in developer public partner platform test verify store
+for CATEGORY in developer public partner platform test verify store revoked
do
if [ -d "$CERT_ROOT/$CATEGORY" ]
then
--- /dev/null
+<CertificateSet>
+ <CertificateDomain name="tizen-revoked">
+ </CertificateDomain>
+</CertificateSet>
projects / platform / core / security / ca-certificates-tizen.git / commitdiff