--- /dev/null
+CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
+
+ADD_SUBDIRECTORY(certificates)
+ADD_SUBDIRECTORY(tools)
--- /dev/null
+ADD_SUBDIRECTORY(developer)
+ADD_SUBDIRECTORY(public)
+ADD_SUBDIRECTORY(partner)
+ADD_SUBDIRECTORY(platform)
+ADD_SUBDIRECTORY(wac)
--- /dev/null
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-developer-root-ca.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-developers-root.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
--- /dev/null
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-distributor-root-ca-partner-manufacturer.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-distributor-root-ca-partner-operator.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-distributor-root-ca-partner.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-partner-class-developer-root.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-partner-class-root-authority.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
--- /dev/null
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-platform-class-developer-root.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-platform-class-root-authority.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
--- /dev/null
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-distributor-root-ca-public.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-public-class-developer-root.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen-public-class-root-authority.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/tizen.root.preproduction.cert.pem
+ DESTINATION ${TIZEN_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
--- /dev/null
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/wac.publisherid.pem
+ DESTINATION ${WAC_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/wac.root.preproduction.pem
+ DESTINATION ${WAC_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
+
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/wac.root.production.pem
+ DESTINATION ${WAC_DIR}
+ PERMISSIONS OWNER_READ
+ GROUP_READ
+ WORLD_READ)
Source: %{name}-%{version}.tar.gz
Source1001: %{name}.manifest
BuildArch: noarch
-%define tizen_dir /usr/share/ca-certificates/tizen
-%define wac_dir /usr/share/ca-certificates/wac
+BuildRequires: cmake
+BuildRequires: openssl
+
+%define tizen_dir /usr/share/ca-certificates/tizen
+%define wac_dir /usr/share/ca-certificates/wac
+%define fingerprint_dir /usr/share/ca-certificates/fingerprint
%description
Used for the installation of Tizen-specific CA certificates.
cp %{SOURCE1001} .
%build
+%cmake . -DTIZEN_DIR=%{tizen_dir} \
+ -DWAC_DIR=%{wac_dir} \
+ -DFINGERPRINT_DIR=%{fingerprint_dir}
%install
rm -fr %{buildroot}
-mkdir -p %{buildroot}/%{tizen_dir}
-mkdir -p %{buildroot}/%{wac_dir}
-cp -arf certificates/tizen*.pem %{buildroot}/%{tizen_dir}/
-cp -arf certificates/wac*.pem %{buildroot}/%{wac_dir}/
+%make_install
+mkdir -p %{buildroot}%{tizen_dir}
+mkdir -p %{buildroot}%{wac_dir}
+mkdir -p %{buildroot}%{fingerprint_dir}
%files
+%defattr(-,root,root,-)
%manifest %{name}.manifest
%license LICENSE
-%defattr(-,root,root,-)
%{tizen_dir}/*
%{wac_dir}/*
+%{fingerprint_dir}/*
%changelog
--- /dev/null
+GET_FILENAME_COMPONENT(
+ FINGERPRINT_LIST_XML
+ ${CMAKE_CURRENT_SOURCE_DIR}/fingerprint_list.xml
+ REALPATH
+ )
+GET_FILENAME_COMPONENT(
+ FINGERPRINT_LIST_XSD
+ ${CMAKE_CURRENT_SOURCE_DIR}/fingerprint_list.xsd
+ REALPATH
+ )
+
+EXECUTE_PROCESS(
+ COMMAND
+ ${CMAKE_CURRENT_SOURCE_DIR}/add-fingerprint.sh
+ ${CMAKE_SOURCE_DIR}/certificates
+ ${FINGERPRINT_LIST_XML}
+ RESULT_VARIABLE ERROR_CODE
+)
+IF(ERROR_CODE)
+ MESSAGE(FATAL_ERROR "Failed to generate fingerprint list")
+ENDIF(ERROR_CODE)
+
+INSTALL(FILES ${FINGERPRINT_LIST_XML}
+ ${FINGERPRINT_LIST_XSD}
+ DESTINATION ${FINGERPRINT_DIR})
--- /dev/null
+#!/bin/sh
+
+CERT_ROOT=$1
+XML_PATH=$2
+
+if [ -z "$2" ]
+then
+ echo "usage: `basename $0` certificate_root_path fingerprint_xml_path"
+ exit 2
+fi
+
+for CATEGORY in developer public partner platform
+do
+ if [ -d "$CERT_ROOT/$CATEGORY" ]
+ then
+ echo
+ echo " <<$CATEGORY>>"
+ for CERT_PATH in `ls $CERT_ROOT/$CATEGORY/*.pem`
+ do
+ FINGERPRINT=`/usr/bin/openssl x509 -noout -fingerprint -in $CERT_PATH | cut -d '=' -f 2`
+ echo " ${CERT_PATH##*/}:"
+ echo " $FINGERPRINT"
+ ##################################################################
+ # Find "<CertificateDomain name="tizen-xxxxxxx">" #
+ # then add the fingerprint into the next line #
+ ##################################################################
+ # <FingerprintSHA1>[...fingerprints...]</FingerprintSHA1> #
+ ##################################################################
+ /bin/sed -i "s#<CertificateDomain name=\"tizen-$CATEGORY\">.*#&\n <FingerprintSHA1>$FINGERPRINT</FingerprintSHA1><!-- ${CERT_PATH##*/} -->#" $XML_PATH
+ done
+ fi
+done
+echo
--- /dev/null
+<CertificateSet>
+ <CertificateDomain name="tizen-developer"><!-- used to verify tizen widgets -->
+ </CertificateDomain>
+ <CertificateDomain name="tizen-public">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-partner">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-platform">
+ </CertificateDomain>
+</CertificateSet>
--- /dev/null
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
+
+<xs:element name="CertificateSet" type="CertificateSetType" />
+<xs:complexType name="CertificateSetType">
+ <xs:sequence>
+ <xs:element ref="CertificateDomain" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+</xs:complexType>
+
+<xs:element name="CertificateDomain" type="CertificateDomainType" />
+<xs:complexType name="CertificateDomainType">
+ <xs:sequence>
+ <xs:element ref="FingerprintSHA1" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+ <xs:attribute name="name" type="xs:string" use="required" />
+</xs:complexType>
+
+<xs:element name="FingerprintSHA1" type="xs:string"/>
+
+</xs:schema>