index : archiso32 | |
Archlinux32 iso tools | gitolite user |
summaryrefslogtreecommitdiff |
author | nl6720 <nl6720@gmail.com> | 2023-06-01 09:37:11 +0300 |
---|---|---|
committer | nl6720 <nl6720@gmail.com> | 2023-08-02 16:06:49 +0300 |
commit | 8ddd08f51dc4117fc940541225d09cbc805aedeb (patch) | |
tree | 20dede273c8fd9a2dd2402b7bd723ec65eb99f09 | |
parent | 279d3c09711bd75f1ba3b31eb942f69052d3bbed (diff) |
-rwxr-xr-x | .gitlab/ci/build_archiso.sh | 21 |
diff --git a/.gitlab/ci/build_archiso.sh b/.gitlab/ci/build_archiso.sh index 248cb8c..0504fd2 100755 --- a/.gitlab/ci/build_archiso.sh +++ b/.gitlab/ci/build_archiso.sh @@ -252,25 +252,16 @@ create_ephemeral_codesigning_keys() { -days 2 \ -out "${ca_cert}" - cat <<EOF >>"${ca_conf}" - -[ v3_intermediate_ca ] -# Extensions for a typical intermediate CA ('man x509v3_config'). -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid:always,issuer -basicConstraints = critical, CA:true, pathlen:0 -keyUsage = critical, digitalSignature, cRLSign, keyCertSign - -EOF - - cat <<EOF >>"${codesigning_conf}" - + local extension_text + IFS='' read -r -d '' extension_text <<EOF || true [codesigning] keyUsage=digitalSignature extendedKeyUsage=codeSigning, clientAuth, emailProtection - EOF + printf '%s' "${extension_text}" >> "${ca_conf}" + printf '%s' "${extension_text}" >> "${codesigning_conf}" + openssl req \ -newkey rsa:4096 \ -keyout "${codesigning_key}" \ @@ -285,7 +276,7 @@ EOF openssl ca \ -batch \ -config "${ca_conf}" \ - -extensions v3_intermediate_ca \ + -extensions codesigning \ -days 2 \ -notext \ -md sha256 \ |