diff options
| author | Scott <scott@paragonie.com> | 2016-02-05 22:24:16 -0500 |
|---|---|---|
| committer | Scott <scott@paragonie.com> | 2016-02-05 22:24:16 -0500 |
| commit | 4c195e5ff75109027729a7ea275d681622301ee3 (patch) | |
| tree | baf3874f080fa543cdee45712974548adabcfa49 | |
| parent | 9de3053f6c2663b932057aef29d4e7f3254f465d (diff) | |
| parent | 0c66df2904dcd386221c8fa5e2bc140103dffc8f (diff) | |
| download | random_compat-4c195e5ff75109027729a7ea275d681622301ee3.zip random_compat-4c195e5ff75109027729a7ea275d681622301ee3.tar.gz random_compat-4c195e5ff75109027729a7ea275d681622301ee3.tar.bz2 | |
Merge pull request #83 from paragonie/phar
Proposal: deterministically build a Phar
| -rw-r--r-- | dist/random_compat.phar.pubkey | 9 | ||||
| -rw-r--r-- | other/build_phar.php | 57 |
2 files changed, 66 insertions, 0 deletions
diff --git a/dist/random_compat.phar.pubkey b/dist/random_compat.phar.pubkey new file mode 100644 index 0000000..57a547a --- /dev/null +++ b/dist/random_compat.phar.pubkey @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56Ododgbfwfg+QAxOPex +HtofrcX6DR6wOJ9H1E7LZiOWWBe1pR85oqBbWYC/0r858/KeMnVj6cH0KQ+FAWxE +VqKuX5oyl1u2fTKTMI0KIBXMu1CxWHKbZBHEtur8zEgoPyhMzOxCbKDtcfHLuKTK +pWBAsakH0LY6vVzJXqsLjsKJt65CeNlDAs8PhYnrX69bgb6M5u30fdTjhnBKeEJf +lKx9YIrYN3fwUvIxw93g+4mQQKOzg4nPvjVXabhUdBLi/X8eJLVSCbp7/Lisj/Uj +kzNBfYsd4b9vZnGsRVW4m3/+tyRSAEY3atio1KfoYKnqb2aPdfLxaKc03xK2JyaU +iQIDAQAB +-----END PUBLIC KEY----- diff --git a/other/build_phar.php b/other/build_phar.php new file mode 100644 index 0000000..70ef4b2 --- /dev/null +++ b/other/build_phar.php @@ -0,0 +1,57 @@ +<?php +$dist = dirname(__DIR__).'/dist'; +if (!is_dir($dist)) { + mkdir($dist, 0755); +} +if (file_exists($dist.'/random_compat.phar')) { + unlink($dist.'/random_compat.phar'); +} +$phar = new Phar( + $dist.'/random_compat.phar', + FilesystemIterator::CURRENT_AS_FILEINFO | \FilesystemIterator::KEY_AS_FILENAME, + 'random_compat.phar' +); +rename( + dirname(__DIR__).'/lib/random.php', + dirname(__DIR__).'/lib/index.php' +); +$phar->buildFromDirectory(dirname(__DIR__).'/lib'); +rename( + dirname(__DIR__).'/lib/index.php', + dirname(__DIR__).'/lib/random.php' +); + +/** + * If we pass an (optional) path to a private key as a second argument, we will + * sign the Phar with OpenSSL. + * + * If you leave this out, it will produce an unsigned .phar! + */ +if ($argc > 1) { + if (!@is_readable($argv[1])) { + echo 'Could not read the private key file:', $argv[1], "\n"; + exit(255); + } + $pkeyFile = file_get_contents($argv[1]); + + $private = openssl_get_privatekey($pkeyFile); + if ($private !== false) { + $pkey = ''; + openssl_pkey_export($private, $pkey); + $phar->setSignatureAlgorithm(Phar::OPENSSL, $pkey); + + /** + * Save the corresponding public key to the file + */ + if (!@is_readable($dist.'/random_compat.phar.pubkey')) { + $details = openssl_pkey_get_details($private); + file_put_contents( + $dist.'/random_compat.phar.pubkey', + $details['key'] + ); + } + } else { + echo 'An error occurred reading the private key from OpenSSL.', "\n"; + exit(255); + } +} |