aboutsummaryrefslogtreecommitdiff
path: root/buildSrc/src/main/kotlin/neubs/customSign.kt
blob: 8140d71b65269ec1d3551bca60dbc8b5c2ef4963 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

/*
 * Copyright (C) 2024 NotEnoughUpdates contributors
 *
 * This file is part of NotEnoughUpdates.
 *
 * NotEnoughUpdates is free software: you can redistribute it
 * and/or modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation, either
 * version 3 of the License, or (at your option) any later version.
 *
 * NotEnoughUpdates is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with NotEnoughUpdates. If not, see <https://www.gnu.org/licenses/>.
 */

package neubs

import org.gradle.api.DefaultTask
import org.gradle.api.tasks.TaskAction
import java.security.KeyFactory
import java.security.Signature
import java.security.spec.PKCS8EncodedKeySpec

abstract class CustomSignTask : DefaultTask() {

    @TaskAction
    fun run() {
        println("Hash to sign: ")
        val hash = readLine()!!.trim().toUpperCase()
        require(hash.matches("[A-F0-9]{64}".toRegex())) { "Please provide a valid sha256 hash" }
        val secrets = project.file("secrets").listFiles()?.toList()
            ?.filter { !it.name.startsWith(".") } ?: emptyList()

        if (secrets.isEmpty()) error("Could not find any secret files.")
        secrets.forEach { require(it.name.endsWith(".der")) { "Invalid secret file ${it.name}" } }
        project.file("build/signatures").mkdirs()
        for (secret in secrets) {
            val keySpec = PKCS8EncodedKeySpec(secret.readBytes())
            val signature = Signature.getInstance("SHA256withRSA")
            signature.initSign(KeyFactory.getInstance("RSA").generatePrivate(keySpec))
            signature.update(hash.encodeToByteArray())
            val file = project.file("build/signatures/_${secret.nameWithoutExtension}.asc")
            file.writeBytes(signature.sign())
            println("Generated signature at ${file.absolutePath}")
        }
    }

    init {
        outputs.upToDateWhen { false }
    }
}
generated by cgit (git 2.46.0) at 2024-11-22 00:06:57 +0000