From: Johannes Berg Date: Mon, 9 Oct 2017 11:50:57 +0200 Subject: [PATCH] regdb: write firmware file format (version code 20) TODO: clean up the Makefile stuff ... Signed-off-by: Johannes Berg --- create mode 100755 db2fw.py --- a/Makefile +++ b/Makefile @@ -1,7 +1,5 @@ # Install prefix PREFIX ?= /usr -CRDA_PATH ?= $(PREFIX)/lib/crda -CRDA_KEY_PATH ?= $(CRDA_PATH)/pubkeys MANDIR ?= $(PREFIX)/share/man/ @@ -30,39 +28,47 @@ REGDB_AUTHOR ?= $(shell if [ -f $(DISTRO fi) REGDB_PRIVKEY ?= ~/.wireless-regdb-$(REGDB_AUTHOR).key.priv.pem -REGDB_PUBKEY ?= $(REGDB_AUTHOR).key.pub.pem - -REGDB_UPSTREAM_PUBKEY ?= sforshee.key.pub.pem +REGDB_PUBCERT ?= $(REGDB_AUTHOR).x509.pem REGDB_CHANGED = $(shell $(SHA1SUM) -c --status sha1sum.txt >/dev/null 2>&1; \ if [ $$? -ne 0 ]; then \ - echo maintainer-clean $(REGDB_PUBKEY); \ + echo maintainer-clean $(REGDB_PUBCERT); \ fi) .PHONY: all clean mrproper install maintainer-clean install-distro-key -all: $(REGDB_CHANGED) regulatory.bin sha1sum.txt +all: $(REGDB_CHANGED) regulatory.db.p7s sha1sum.txt clean: @rm -f *.pyc *.gz maintainer-clean: clean - @rm -f regulatory.bin + @rm -f regulatory.db regulatory.db.p7s mrproper: clean maintainer-clean - @echo Removed public key, regulatory.bin and compresed man pages - @rm -f $(REGDB_PUBKEY) .custom + @echo Removed public key, regulatory.db* and compressed man pages + @rm -f $(REGDB_PUBCERT) .custom -regulatory.bin: db.txt $(REGDB_PRIVKEY) $(REGDB_PUBKEY) - @echo Generating $@ digitally signed by $(REGDB_AUTHOR)... - ./db2bin.py regulatory.bin db.txt $(REGDB_PRIVKEY) +regulatory.db: db.txt db2fw.py + @echo "Generating $@" + ./db2fw.py regulatory.db db.txt + +regulatory.db.p7s: regulatory.db $(REGDB_PRIVKEY) $(REGDB_PUBCERT) + @echo "Signing regulatory.db (by $(REGDB_AUTHOR))..." + @openssl smime -sign \ + -signer $(REGDB_PUBCERT) \ + -inkey $(REGDB_PRIVKEY) \ + -in $< -nosmimecap -binary \ + -outform DER -out $@ sha1sum.txt: db.txt sha1sum $< > $@ -$(REGDB_PUBKEY): $(REGDB_PRIVKEY) - @echo "Generating public key for $(REGDB_AUTHOR)..." - openssl rsa -in $(REGDB_PRIVKEY) -out $(REGDB_PUBKEY) -pubout -outform PEM +$(REGDB_PUBCERT): $(REGDB_PRIVKEY) + @echo "Generating certificate for $(REGDB_AUTHOR)..." + @openssl req -config regulatory.openssl.conf \ + -key $(REGDB_PRIVKEY) -days 36500 -utf8 -nodes -batch \ + -x509 -outform PEM -out $(REGDB_PUBCERT) @echo $(REGDB_PUBKEY) > .custom @@ -97,16 +103,7 @@ install-distro-key: maintainer-clean $(D # make maintainer-clean # make # sudo make install -install: regulatory.bin.5.gz - install -m 755 -d $(DESTDIR)/$(CRDA_PATH) - install -m 755 -d $(DESTDIR)/$(CRDA_KEY_PATH) - if [ -f .custom ]; then \ - install -m 644 -t $(DESTDIR)/$(CRDA_KEY_PATH)/ $(shell cat .custom); \ - fi - install -m 644 -t $(DESTDIR)/$(CRDA_KEY_PATH)/ $(REGDB_UPSTREAM_PUBKEY) - install -m 644 -t $(DESTDIR)/$(CRDA_PATH)/ regulatory.bin +install: regulatory.db.5.gz + install -m 644 -t $(DESTDIR)/$(CRDA_PATH)/ regulatory.db install -m 755 -d $(DESTDIR)/$(MANDIR)/man5/ - install -m 644 -t $(DESTDIR)/$(MANDIR)/man5/ regulatory.bin.5.gz - -uninstall: - rm -rf $(DESTDIR)/$(CRDA_PATH)/ + install -m 644 -t $(DESTDIR)/$(MANDIR)/man5/ regulatory.db.5.gz --- a/README +++ b/README @@ -18,8 +18,8 @@ python module is used by the web viewer implemented as a MoinMoin macro (and used on http://wireless.kernel.org) to allow viewing the database for verification. -The dbparse module is also used by db2bin.py, the `compiler', which -compiles and signs the binary database. +The dbparse module is also used by db2bin.py and db2fw.py, the `compilers' +that compile the database to its binary formats. For more information, please see the CRDA git repository: