diff options
Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/build-debian-control-files.py | 16 | ||||
-rwxr-xr-x | scripts/build-firmware-package.py | 40 | ||||
-rwxr-xr-x | scripts/build-homebrew-formula.py | 39 | ||||
-rwxr-xr-x | scripts/build-shadow-tree.py | 2 |
4 files changed, 47 insertions, 50 deletions
diff --git a/scripts/build-debian-control-files.py b/scripts/build-debian-control-files.py index 9817248..46958ea 100755 --- a/scripts/build-debian-control-files.py +++ b/scripts/build-debian-control-files.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 import subprocess import argparse @@ -25,18 +25,18 @@ Priority: optional Standards-Version: 3.9.6 Build-Depends: debhelper (>= 9), dh-python, - python (>= 2.7), - python-yaml + python3-yaml, + python3 Homepage: http://trac.cryptech.is/wiki Package: {args.package} Architecture: any -Depends: python, - python-serial (>= 3.0), - python-tornado (>= 4.0), - python-crypto, +Depends: python3, + python3-serial (>= 3.0), + python3-tornado (>= 4.0), + python3-crypto, ${{misc:Depends}}, - ${{python:Depends}}, + ${{python3:Depends}}, ${{shlibs:Depends}} {conflicts}\ Description: Cryptech Project open-source cryptographic software and firmware. diff --git a/scripts/build-firmware-package.py b/scripts/build-firmware-package.py index 9a58970..b36b55e 100755 --- a/scripts/build-firmware-package.py +++ b/scripts/build-firmware-package.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 import subprocess import tempfile @@ -6,18 +6,25 @@ import argparse import hashlib import tarfile import json +import sys import os +def run(*args, **kwargs): + kwargs.update(stdout = subprocess.PIPE, universal_newlines = True, check = True) + return subprocess.run(args, **kwargs) + parser = argparse.ArgumentParser() parser.add_argument("tarfile", type = argparse.FileType("wb"), help = "tarball to create") parser.add_argument("firmware", nargs = "+", help = "firmware files to stuff into tarball") args = parser.parse_args() tar = tarfile.TarFile.open(fileobj = args.tarfile, mode = "w|gz") -head = subprocess.check_output(("git", "rev-parse", "HEAD")).strip() -time = subprocess.check_output(("git", "show", "-s", "--format=%ct", "HEAD")).strip() -commits = dict((path, hash) for hash, path, branch in - (line.split() for line in subprocess.check_output(("git", "submodule", "status")).splitlines())) +head = run("git", "rev-parse", "HEAD").stdout.strip() +time = run("git", "show", "-s", "--format=%ct", "HEAD").stdout.strip() +commits = { path: hash + for hash, path, branch in ( + line.split() + for line in run("git", "submodule", "status").stdout.splitlines() ) } sha256 = {} for fn in args.firmware: @@ -25,20 +32,15 @@ for fn in args.firmware: sha256[os.path.basename(fn)] = hashlib.sha256(f.read()).hexdigest() tar.add(fn, os.path.basename(fn)) -with tempfile.NamedTemporaryFile() as f: - os.fchmod(f.fileno(), 0644) - use_gpg = os.path.isdir(os.getenv("GNUPGHOME", "")) - if use_gpg: - gpg = subprocess.Popen(("gpg", "--clearsign", "--personal-digest-preferences", "SHA256", "--no-permission-warning"), - stdin = subprocess.PIPE, stdout = f) - jf = gpg.stdin - else: - jf = f - json.dump(dict(head = head, time = time, commits = commits, sha256 = sha256), jf, indent = 2) - if use_gpg: - gpg.stdin.close() - if gpg.wait(): - raise subprocess.CalledProcessError(gpg.returncode, "gpg") +manifest = json.dumps(dict(head = head, time = time, commits = commits, sha256 = sha256), indent = 2, sort_keys = True) + +if os.path.isdir(os.getenv("GNUPGHOME", "")): + manifest = run("gpg", "--clearsign", "--personal-digest-preferences", "SHA256", "--no-permission-warning", + input = manifest).stdout + +with tempfile.NamedTemporaryFile("w+") as f: + os.fchmod(f.fileno(), 0o644) + f.write(manifest) f.seek(0) tar.add(f.name, "MANIFEST") diff --git a/scripts/build-homebrew-formula.py b/scripts/build-homebrew-formula.py index 54cdcae..56987c4 100755 --- a/scripts/build-homebrew-formula.py +++ b/scripts/build-homebrew-formula.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 # Yes, this is a Python program writing a Ruby program. @@ -32,7 +32,7 @@ template = '''\ # code, however, is what Homebrew considers "bindings", so we install # those where user scripts as well as our own can find them...then we # add a symlink so that our scripts can find our bindings regardless -# of which copy of Python 2.7 Homebrew decides we should use this week. +# of which copy of Python Homebrew decides we should use this week. # # We have to build our own software before installing our Python code, # because at least one of the Python modules we install @@ -54,16 +54,18 @@ class {classname} < Formula url "{url}" sha256 "{sha256}" + depends_on "python@3.8" + {conflicts} resource "pyserial" do - url "https://pypi.python.org/packages/3c/d8/a9fa247ca60b02b3bebbd61766b4f321393b57b13c53b18f6f62cf172c08/pyserial-3.1.1.tar.gz" - sha256 "d657051249ce3cbd0446bcfb2be07a435e1029da4d63f53ed9b4cdde7373364c" + url "https://files.pythonhosted.org/packages/cc/74/11b04703ec416717b247d789103277269d567db575d2fd88f25d9767fe3d/pyserial-3.4.tar.gz" + sha256 "6e2d401fdee0eab996cf734e67773a0143b932772ca8b42451440cfed942c627" end resource "PyYAML" do - url "http://pyyaml.org/download/pyyaml/PyYAML-3.11.tar.gz" - sha256 "c36c938a872e5ff494938b33b14aaa156cb439ec67548fcab3535bb78b0846e8" + url "http://pyyaml.org/download/pyyaml/PyYAML-5.3.1.tar.gz" + sha256 "b8eac752c5e14d3eca0e6dd9199cd627518cb5ec06add0de9d32baeee6fe645d" end resource "tornado" do @@ -71,16 +73,6 @@ class {classname} < Formula sha256 "f267acc96d5cf3df0fd8a7bfb5a91c2eb4ec81d5962d1a7386ceb34c655634a8" end - resource "singledispatch" do - url "https://pypi.python.org/packages/source/s/singledispatch/singledispatch-3.4.0.3.tar.gz" - sha256 "5b06af87df13818d14f08a028e42f566640aef80805c3b50c5056b086e3c2b9c" - end - - resource "backports_abc" do - url "https://files.pythonhosted.org/packages/source/b/backports_abc/backports_abc-0.5.tar.gz" - sha256 "033be54514a03e255df75c5aee8f9e672f663f93abb723444caec8fe43437bde" - end - resource "pycrypto" do url "https://pypi.python.org/packages/source/p/pycrypto/pycrypto-2.6.1.tar.gz" sha256 "f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c" @@ -88,11 +80,14 @@ class {classname} < Formula def install - ENV.prepend_create_path "PYTHONPATH", libexec/"vendor/lib/python2.7/site-packages" + xy = Language::Python.major_minor_version "python3" + + ENV.prepend_create_path "PYTHONPATH", libexec/"vendor/lib/python#{{xy}}/site-packages" resources.each do |r| + ohai "Building resource #{{r.url}}" r.stage do - system "python", *Language::Python.setup_install_args(libexec/"vendor") + system "python3", *Language::Python.setup_install_args(libexec/"vendor") end end @@ -100,10 +95,10 @@ class {classname} < Formula ENV.deparallelize system "make", "-C", "sw/pkcs11" - system "python", *Language::Python.setup_install_args(prefix) + system "python3", *Language::Python.setup_install_args(prefix) bin.env_script_all_files(libexec/"bin", :PYTHONPATH => ENV["PYTHONPATH"]) - ln_s lib/"python2.7/site-packages/cryptech", libexec/"vendor/lib/python2.7/site-packages/cryptech" + ln_s lib/"python#{{xy}}/site-packages/cryptech", libexec/"vendor/lib/python#{{xy}}/site-packages/cryptech" share.install "cryptech-alpha-firmware.tar.gz" lib.install "sw/pkcs11/libcryptech-pkcs11.dylib" @@ -118,8 +113,8 @@ with open(args.tarball, "rb") as f: classname = "".join(word.capitalize() for word in args.package.split("-")) -conflicts = "".join(" conflicts_with \"{}\", :because => \"HSM firmware and PKCS #11 library must match\"\n".format(conflict) - for conflict in args.conflicts.split()) +conflicts = "\n".join(" conflicts_with \"{}\", :because => \"HSM firmware and PKCS #11 library must match\"".format(conflict) + for conflict in args.conflicts.split()) url = os.path.join(args.url_base, os.path.basename(args.tarball)) diff --git a/scripts/build-shadow-tree.py b/scripts/build-shadow-tree.py index 378797f..0f3a4a1 100755 --- a/scripts/build-shadow-tree.py +++ b/scripts/build-shadow-tree.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 # Create a symlink build tree like the old X11 project "lndir" program. # |